ouo.press/VZkrb3R
172.67.22.15403 Forbidden 3.8 kB IP 172.67.22.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (838)
Hash 4156af75dcc3a9da13ceede5be3ecb02
c2e9d8749f8db9e593d499c92bddcb9ff75b0c1c
766e04c10fe95731f91022a61546c2a05c8b9fb8055b2384c75ab737abb23341
GET /VZkrb3R HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Tue, 27 Sep 2022 15:13:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=D_dRibXmSmFhXpmTNx5mObonlX7KL_C2jgze0M82Z4I-1664291639-0-AVVLVCQEcS5HCu/c5gQV9sTLf3YFe+Knd96jiEmkbqpRG3ceRVOZ4BVThgTXTPxT9ocl37dN3ijE+IIKy0rNKcE=; path=/; expires=Tue, 27-Sep-22 15:43:59 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fbcc80d1c06-OSL
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7339
Expires: Tue, 27 Sep 2022 17:16:18 GMT
Date: Tue, 27 Sep 2022 15:13:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 14:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F1P2GKHvigTi9ISw_uAFmLg2fNAA9Ohl-DLUHZo4dZRSwIKST-nAiw==
Age: 3509
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11995
Expires: Tue, 27 Sep 2022 18:33:55 GMT
Date: Tue, 27 Sep 2022 15:14:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yejPHdtgwNPRqNyFBJ/BFLh4YAB5DNZ6JdnYudoxF+a/LIYrKEUpKL/hqvkS/uXvlxw5T73uzvzwZ4skX2Q2rg==
x-amz-request-id: DRG99TNSGN5N1172
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 14:46:53 GMT
age: 1627
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/styles/challenges.css
172.67.22.15200 OK 2.6 kB URL HTTP/1.1 ouo.press/cdn-cgi/styles/challenges.css
IP 172.67.22.15:0
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:00 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:11:32 GMT
ETag: W/"633188e4-1896"
Server: cloudflare
CF-RAY: 75152fbe6be0fabc-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 27 Sep 2022 17:14:00 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
ouo.press/favicon.ico
172.67.22.15200 OK 0 B IP 172.67.22.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:00 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT
ETag: "54deee14-0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 6572
Accept-Ranges: bytes
Set-Cookie: __cf_bm=Q6HGkNTuIu.oGkBN4Mq1dMNtQa898D2cUFrBmNZHJzk-1664291640-0-ARduzMH0iQ2bn0pMPhoI1vg1JC1tABNir2Ch2a3oMXhng7g69+ZHOl/lg8wbNmWSPJNZ4dzyaVct4Wyxc+hw8RM=; path=/; expires=Tue, 27-Sep-22 15:44:00 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fbe7839b51d-OSL
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:14:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=75152fbcc80d1c06
172.67.22.15200 OK 42 B URL HTTP/1.1 ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=75152fbcc80d1c06
IP 172.67.22.15:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=75152fbcc80d1c06 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:00 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:11:32 GMT
ETag: "633188e4-2a"
Server: cloudflare
CF-RAY: 75152fbf4c65fabc-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 27 Sep 2022 17:14:00 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
ouo.press/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=75152fbcc80d1c06
172.67.22.15200 OK 24 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=75152fbcc80d1c06
IP 172.67.22.15:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 3e19f26d21f12421e1eb0797167ca2b0
e136eba29b4cffc141fda48fa7ddfe4ca0f5a65f
e21e7a7e7999f4b6b5b41354df0d0595796ef560eebe9f2f82daf15bf5fe3782
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=75152fbcc80d1c06 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R?__cf_chl_rt_tk=r85yQwAawOTj1WQW3YktGkVSKfca.mvcsvdH8IQP91I-1664291639-0-gaNycGzNAv0
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:00 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Set-Cookie: __cf_bm=b2rZuOhJEowE.mU_mhUGlChKac343itaghGOAo57xdA-1664291640-0-AUJuapiWC43pfVZum5kvzjEJHyXe3bASAirjTifFbkgVs8OOFTBMqFIecsNiJzRylDfaRWjBNisI9RLoUVQHFJY=; path=/; expires=Tue, 27-Sep-22 15:44:00 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75152fbf4943b51d-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.14776869421852812:1664288758:Wl0WNJPv5A2HumyLf1uaruL06Pn5bhK3G2AwuPWwNow/75152fbcc80d1c06/ffc81a48dd38010
172.67.22.15200 OK 66 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.14776869421852812:1664288758:Wl0WNJPv5A2HumyLf1uaruL06Pn5bhK3G2AwuPWwNow/75152fbcc80d1c06/ffc81a48dd38010
IP 172.67.22.15:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 12dbf360cc6c1bcda9abf4158e8d4750
96e908f6cbfd814b9bf315f8669c5b29d4f03a6f
c2ad891eb1bf61e8f233026ee7fd8386ca3068ea6c60994a1d29721a5e1c128b
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.14776869421852812:1664288758:Wl0WNJPv5A2HumyLf1uaruL06Pn5bhK3G2AwuPWwNow/75152fbcc80d1c06/ffc81a48dd38010 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: ffc81a48dd38010
Content-Length: 1770
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:00 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: J7fD6AjneutHZTsKKxVhu0+XjSKnmReYpXu7dUVVJlWcrl/DrmNQluhx3fNkrZHu8F1CSlFCPUB3C1XAlpXlEFdB0vyImXqediQQyDUed5JylzQkn+N2pE2uj06mPiuiWaUZB14yxsV85amkHH9IA2z1enMCsl22sHRhzUGMwiYwCQf1iK+pJBBGarVAyrgcMnToB+6/jkQcAPjSD+2+QTNMRTsEWLKO9JvxPNGt91OThROsCEB9Ut5u5jPjjP2k3I/OQJfAxYKxuJyvyOEp5PHf4qYc3fzA9LsEnE1p/3/USLaVWpKE4yiucYpRH/aVciVQsbM23Tf9YA2P7Sf73+MRQo021aeW+uLBpT3rSz/YNPGOXqOKwLkHax0JjmEI61epDeVQSXG+9wjhVD5AnA==$NGwKk8zomkFU4yKyJqGaxg==
set-cookie: cf_chl_seq_ffc81a48dd38010=vBWypHVdQs1_AFi;SameSite=Strict;HttpOnly
__cf_bm=5YxrEnaIQwLSiaeGZSwtUEnya08VKzol3ilzlx_whow-1664291640-0-AdDu2XnoUto8OPFVQuvivWWJRdwWiuyJdgPG7jJoxzwTD1bLehI36SkFzfrdYwyDq26MacsdLfk18+8ZSv1B4dg=; path=/; expires=Tue, 27-Sep-22 15:44:00 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75152fc09ab9b51d-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 15:10:46 GMT
Expires: Tue, 27 Sep 2022 16:02:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M-qqjNaJXej2l2dWnDRr7h5ln3u7Bqrw5IpgT-oqnru3ubo7-Arx_Q==
Age: 194
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:00 GMT
Last-Modified: Tue, 27 Sep 2022 14:08:16 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ouo.press/cdn-cgi/challenge-platform/h/g/img/75152fbcc80d1c06/1664291640431/UVnD5ctIEUO2tKx
172.67.22.15200 OK 61 B URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/img/75152fbcc80d1c06/1664291640431/UVnD5ctIEUO2tKx
IP 172.67.22.15:0
File type PNG image data, 23 x 98, 8-bit/color RGB, non-interlaced\012- data
Hash 77b84f2c953ed24a512c10ea6640569d
85ccae14ded787c423a1c470ef42c48bb7333758
3cd8838ac4849dbfda3f0edcae249507117ef3b283f250035cbbdb524d196aca
GET /cdn-cgi/challenge-platform/h/g/img/75152fbcc80d1c06/1664291640431/UVnD5ctIEUO2tKx HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:00 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=JLOacthXHquM1aBC8prjpnERU18mMLjDixy7OBx7FEs-1664291640-0-Ac3BbMiXAjQw+pKMnvlD/NZSrTM+bfo8azU+CI0UHwB/CdSasJ+0b/V+G5peQXVPOuavSPFGmIEz5hI1YQWgbZE=; path=/; expires=Tue, 27-Sep-22 15:44:00 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75152fc41ef5b51d-OSL
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.14776869421852812:1664288758:Wl0WNJPv5A2HumyLf1uaruL06Pn5bhK3G2AwuPWwNow/75152fbcc80d1c06/ffc81a48dd38010
172.67.22.15200 OK 3.1 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.14776869421852812:1664288758:Wl0WNJPv5A2HumyLf1uaruL06Pn5bhK3G2AwuPWwNow/75152fbcc80d1c06/ffc81a48dd38010
IP 172.67.22.15:0
File type ASCII text, with very long lines (4136), with no line terminators
Hash fb07ee5c4afdaaae321c3f45da791b79
0e78c3416feb051bde5a5cb816882c5b04b17b1d
0569ebff39e1af760dffb5f9ef1838106635095032718f35f6aa2296a09ecf32
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.14776869421852812:1664288758:Wl0WNJPv5A2HumyLf1uaruL06Pn5bhK3G2AwuPWwNow/75152fbcc80d1c06/ffc81a48dd38010 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: ffc81a48dd38010
Content-Length: 16137
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
Cookie: cf_chl_seq_ffc81a48dd38010=vBWypHVdQs1_AFi; cf_chl_prog=e
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:01 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: vc2bDzdvq2QiGvBqNc+Ml+pLhf0M4DffvJnrVtPPpkk=$2p8ob+/Viho7OHLQqDwF+Q==
set-cookie: cf_chl_seq_ffc81a48dd38010=dfwkL8y8zfAqGoB;SameSite=Strict;HttpOnly
__cf_bm=SFGyzMtaHYvTCFIusUQhQdmANmZAQk9bhlPfgByJnYY-1664291641-0-AXOIKYXSTZL53UHi1JKYtxsiDtx9m4xAVyGGCSq70fMk/2B3dR/G+HjnrEkwVesIrKRlGMCElO3kpsqp3kXRCF0=; path=/; expires=Tue, 27-Sep-22 15:44:01 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75152fc51841b51d-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e3ffeb18b9a0a32db42e9f9683c02749
d0169492f1ed09f682e43120cba88989f83d2fc0
54c34b1f28ec7ac6da3a4c2854c6577568e197ff9cc99d7fd49a1ca6fb9a9537
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2705
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:01 GMT
Last-Modified: Tue, 27 Sep 2022 14:28:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 27 Sep 2022 15:14:01 GMT
content-length: 0
location: /turnstile/v0/192bead3/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age: 300
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fc5a983b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e3ffeb18b9a0a32db42e9f9683c02749
d0169492f1ed09f682e43120cba88989f83d2fc0
54c34b1f28ec7ac6da3a4c2854c6577568e197ff9cc99d7fd49a1ca6fb9a9537
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2705
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:01 GMT
Last-Modified: Tue, 27 Sep 2022 14:28:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
54.149.101.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AdgyuoegG9blNMhPD7D9Ew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OWS/DbD15X+FRjuveEL3PBk5B4I=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13664
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:14:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13664
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:14:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13664
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:14:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13664
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:14:02 GMT
Connection: keep-alive
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
104.18.18.132200 OK 90 kB URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP 104.18.18.132:0
Hash 3725974e91b9412d5899494fabf14532
1c734adcb94bec3e6ab58297722dc7c9487edf56
2b7545fa6da0983a7dc96b126c34c33df7f967d9ceb58978a56a751265ee1345
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:00 GMT
content-type: application/javascript
cf-ray: 75152fbfeeec1bfe-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"84729783ded6e9166650d2e40d1556b2"
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=0
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 10g5RVqLpYkU0aa-3kxGh5TDyliupy3A-DXslF07tUxdkEnx8Zz81g==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 62259
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 720fc80bd0ff9b71f20c8e0c13e1084e
6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50
e84bcabd01425354050fe8ba5f4b29a97f05e6f5f15d26d0706c174136de30e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8931
x-amzn-requestid: 9255ee80-ae19-4b47-882b-01e663e857ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG-EmZoAMFyWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-70cc0bc87ed2480879ba081a;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Md06h9jRAN491M1gOjvAXN4Zp2msjqH-dYNVxyH6xJ2G8pf50tyHeQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:21 GMT
age: 60641
etag: "6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 63305
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.14776869421852812:1664288758:Wl0WNJPv5A2HumyLf1uaruL06Pn5bhK3G2AwuPWwNow/75152fbcc80d1c06/ffc81a48dd38010
172.67.22.15200 OK 56 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.14776869421852812:1664288758:Wl0WNJPv5A2HumyLf1uaruL06Pn5bhK3G2AwuPWwNow/75152fbcc80d1c06/ffc81a48dd38010
IP 172.67.22.15:0
Hash b101fc346dc5dac30cc8ca9ff32c7dc1
e919b897f074a9fd2ab3d4d2378850c24e5d2d40
3108d5056cd7c96215e2e00d25ceab8dbe44344a055ab0b1a3dc081a909201a8
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.14776869421852812:1664288758:Wl0WNJPv5A2HumyLf1uaruL06Pn5bhK3G2AwuPWwNow/75152fbcc80d1c06/ffc81a48dd38010 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: ffc81a48dd38010
Content-Length: 16848
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
Cookie: cf_chl_seq_ffc81a48dd38010=dfwkL8y8zfAqGoB; cf_chl_prog=b
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_out: LSlPQogVXJgb+ZeyE0a0HsIXhIZGxvhGSDNMFWOdm4JmEmwkX6MePkdpo40W1vIuxCC3WRfWSkOeg5GaLzvF4g==$xpliRTlFkdL043lkhbExrg==
cf_chl_out_s: 0u4Nfv8e5gqY3TVpXasUv9v9TnsvZyw7tIOuR5Fgs/R/88IkwIDhQ3qPhqqabj3fMLKTmZjuAGzyrC+/gZdhdYlGMmsoNkGBP5IHn0EaMuCiHh5rF4w94ndFN5t5elAhKmMdvM7egneqCYwrikUgvA==$FZWKWMzZ7FKt8TDq2dLCwg==
set-cookie: cf_chl_rc_m=;Expires=Mon, 26 Sep 2022 15:14:02 GMT;SameSite=Strict
__cf_bm=MmE2E88vD9QPnfYiGVV4aaoX5_fEFXiH5UdAPeJ4nGU-1664291642-0-Achf29EjwkEyzrFhy29gGoS8z1vGgUh/7GQNvrx3uIjyzinbJvfoQwXVivyd1LKmhSCxD+z0vZxLbvALNq6lv9c=; path=/; expires=Tue, 27-Sep-22 15:44:02 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75152fcb288eb51d-OSL
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 50835
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 48972
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/VZkrb3R
172.67.22.15200 OK 3.5 kB IP 172.67.22.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash f34253973642833073aec8ec50a04d2a
64131d2994d6a2b016774f07eaa8ba66e227485e
15e13e94269cad53cec85ff7fca6a012be960a1cfbd824c5925c34f8fbd72cc4
POST /VZkrb3R HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 1768
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R?__cf_chl_tk=r85yQwAawOTj1WQW3YktGkVSKfca.mvcsvdH8IQP91I-1664291639-0-gaNycGzNAv0
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Set-Cookie: cf_clearance=yciF37lzCoEWhDdCh9RI9dSpOyaBh7_1.KVemdNLUJ0-1664291642-0-250; path=/; expires=Wed, 27-Sep-23 16:14:02 GMT; domain=.ouo.press; HttpOnly
ouoio_session=eyJpdiI6IlwvXC9hMjdvU0dtcGZHa1ZQQ2hud3RTVlJqOEkxeW5uR01XQnpKMW5TcVBSRT0iLCJ2YWx1ZSI6Ik5WTDJMSzlqdDdqRkk1NFBPVnFETjY0RGxrV1hPRFZSeSs5blVQU0IxbTFaZ0Z0SUtRc3FhWGE5aXdJU2VOUTJ2K2FXZFg4RWJBNEZmQU1tNkZyNnRBPT0iLCJtYWMiOiIxM2ZiNDdhNDk0OWI1MGQ3ZmRmM2JmNDZkNDBkZDZmYWRjZTYxZDA4NWFkZTI4Yjc0NWU1MDE5NjNlZjU0ODUyIn0%3D; path=/; httponly
language=eyJpdiI6IlhkXC9TZUtvZ2dmRHM4OTcrUEJVNHV0SHp5VlBlZlNvbzNYbUNTdFA2eW80PSIsInZhbHVlIjoickpoMUQwK0xTM2xcL2cycmV1MnNjZmdqcUlDTm9iSVFFeDZNb1ppbXNhNTQ9IiwibWFjIjoiNWIzZTFkMmFjOTFkNDY4YWM5NzIxMjljOTMwZDZjMWUwNWZmMjU5NTQ0ZWY3Njc5MzU0Mjg1MDk2OWFmZmJmNiJ9; expires=Sun, 26-Sep-2027 15:14:02 GMT; Max-Age=157680000; path=/; httponly
39a3b42096f2c7f54e6b963aa82dc3ce914c6108=eyJpdiI6InpiY3NZZGp5cFpVZ2JBTGdCbkVQT1JWVTlOUFFHelhzdk44c2RCZFwvWFgwPSIsInZhbHVlIjoiNHZvNHFcL0NFUVd4ZDlveTBDTGZRNkpjQ2h3dTF3eHN1NUFDRmpXRzJJNnpEUFI0SUhKdGNISVFCV2hKSk04cDVzT012M0Y5NjBxZ2tRMkU2OE1HeFZQTVRxU3lYZHhWT01hWGNtQWpXUGxNZzlpeGFGbWpPVUN5TzNZazJmRklseFN4WU1iS2QxditxdVI0SmVLUXVCd0pxRlNUY1wvbGpvUkVla01hQ2V2amtqSEhlZ1VcLzVRd1IxckNaZ0JaSVd1Y3JKS1FCZjJ6RW9selBEY2MyXC9VaDJoRTQ5ejNpWmE4WUZCUUFQWTd0Qk5aM3dRcEhkWE53REtyVXBjMTFZY3VRTWJidjdITDN2dHNHbFNUMDN4SUhcL1VhM0Z2OElzSVdrNFZESnlLU1F4K2pLU0d4dHZBRG40dWFBV0NnYnRCT3hkZHh0TlEyN1JjS3BiWW1WcERVYXFyNUJLcnN1Z1o1Q21jYStWZUZ0cHJGdlA5WXpmaWxUMDNyUGZqM2xQRVMiLCJtYWMiOiI4N2Y2NWE4ZDBlODI2MWQ3ODRlMTcwOWNiY2IxOTRmZmI1YzQ2NzhlZTU1MTE0YTA2MDNmMzQ3N2UyOWZmNjBiIn0%3D; expires=Tue, 27-Sep-2022 17:14:02 GMT; Max-Age=7200; path=/; httponly
__cf_bm=3oprDHRg9kyl2Gi9xE1HAmU0Hj460zqw5fD6tMzBJn4-1664291642-0-ARqE/q7v8aHOD9FsSuHjpBdn2uDDxX+NSWT26nEqRGvtQNS+L7q18IJz5194ziR1X3jQfC6NGVetc+QXb3L/FWc=; path=/; expires=Tue, 27-Sep-22 15:44:02 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75152fcd6be0b51d-OSL
Content-Encoding: gzip
ouo.press/css/bootstrap.css
172.67.22.15200 OK 18 kB URL HTTP/1.1 ouo.press/css/bootstrap.css
IP 172.67.22.15:0
File type ASCII text, with very long lines (65452)
Hash ecd7a3b8fdf856cece681f760bad623c
3c16d8b0523e3c6de3b20f7c7f9de2ae48a2949a
40f5215bfeb4c595389b7d02127c47c94e173dbca21022c9f67eca101d03ab92
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
Cookie: cf_clearance=yciF37lzCoEWhDdCh9RI9dSpOyaBh7_1.KVemdNLUJ0-1664291642-0-250; ouoio_session=eyJpdiI6IlwvXC9hMjdvU0dtcGZHa1ZQQ2hud3RTVlJqOEkxeW5uR01XQnpKMW5TcVBSRT0iLCJ2YWx1ZSI6Ik5WTDJMSzlqdDdqRkk1NFBPVnFETjY0RGxrV1hPRFZSeSs5blVQU0IxbTFaZ0Z0SUtRc3FhWGE5aXdJU2VOUTJ2K2FXZFg4RWJBNEZmQU1tNkZyNnRBPT0iLCJtYWMiOiIxM2ZiNDdhNDk0OWI1MGQ3ZmRmM2JmNDZkNDBkZDZmYWRjZTYxZDA4NWFkZTI4Yjc0NWU1MDE5NjNlZjU0ODUyIn0%3D; language=eyJpdiI6IlhkXC9TZUtvZ2dmRHM4OTcrUEJVNHV0SHp5VlBlZlNvbzNYbUNTdFA2eW80PSIsInZhbHVlIjoickpoMUQwK0xTM2xcL2cycmV1MnNjZmdqcUlDTm9iSVFFeDZNb1ppbXNhNTQ9IiwibWFjIjoiNWIzZTFkMmFjOTFkNDY4YWM5NzIxMjljOTMwZDZjMWUwNWZmMjU5NTQ0ZWY3Njc5MzU0Mjg1MDk2OWFmZmJmNiJ9; 39a3b42096f2c7f54e6b963aa82dc3ce914c6108=eyJpdiI6InpiY3NZZGp5cFpVZ2JBTGdCbkVQT1JWVTlOUFFHelhzdk44c2RCZFwvWFgwPSIsInZhbHVlIjoiNHZvNHFcL0NFUVd4ZDlveTBDTGZRNkpjQ2h3dTF3eHN1NUFDRmpXRzJJNnpEUFI0SUhKdGNISVFCV2hKSk04cDVzT012M0Y5NjBxZ2tRMkU2OE1HeFZQTVRxU3lYZHhWT01hWGNtQWpXUGxNZzlpeGFGbWpPVUN5TzNZazJmRklseFN4WU1iS2QxditxdVI0SmVLUXVCd0pxRlNUY1wvbGpvUkVla01hQ2V2amtqSEhlZ1VcLzVRd1IxckNaZ0JaSVd1Y3JKS1FCZjJ6RW9selBEY2MyXC9VaDJoRTQ5ejNpWmE4WUZCUUFQWTd0Qk5aM3dRcEhkWE53REtyVXBjMTFZY3VRTWJidjdITDN2dHNHbFNUMDN4SUhcL1VhM0Z2OElzSVdrNFZESnlLU1F4K2pLU0d4dHZBRG40dWFBV0NnYnRCT3hkZHh0TlEyN1JjS3BiWW1WcERVYXFyNUJLcnN1Z1o1Q21jYStWZUZ0cHJGdlA5WXpmaWxUMDNyUGZqM2xQRVMiLCJtYWMiOiI4N2Y2NWE4ZDBlODI2MWQ3ODRlMTcwOWNiY2IxOTRmZmI1YzQ2NzhlZTU1MTE0YTA2MDNmMzQ3N2UyOWZmNjBiIn0%3D
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=109522
ETag: W/"54def1fc-1abd2"
Expires: Tue, 27 Sep 2022 21:54:57 GMT
Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 19145
Set-Cookie: __cf_bm=vwclo_.rEIc.Nhx0H3FqzHOebVA4IX_caRSE_3wEK0I-1664291642-0-ATe7Fh4yq3B1/GfHsV3cH+xvqCxP17OWV3oMhxqFPhuVJXJyis6lrcqxcktfDXl8WqpOAfgLDf4FeG2x1ba/xEE=; path=/; expires=Tue, 27-Sep-22 15:44:02 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd00ff4b51d-OSL
Content-Encoding: gzip
ouo.press/css/link-safe.css
172.67.22.15200 OK 1.8 kB URL HTTP/1.1 ouo.press/css/link-safe.css
IP 172.67.22.15:0
Hash d91a45478adaa488ef4f1733dfa3c44c
3686ea901ce8ca85bb82f42bf0a8d39095ebf73d
4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
Cookie: cf_clearance=yciF37lzCoEWhDdCh9RI9dSpOyaBh7_1.KVemdNLUJ0-1664291642-0-250; ouoio_session=eyJpdiI6IlwvXC9hMjdvU0dtcGZHa1ZQQ2hud3RTVlJqOEkxeW5uR01XQnpKMW5TcVBSRT0iLCJ2YWx1ZSI6Ik5WTDJMSzlqdDdqRkk1NFBPVnFETjY0RGxrV1hPRFZSeSs5blVQU0IxbTFaZ0Z0SUtRc3FhWGE5aXdJU2VOUTJ2K2FXZFg4RWJBNEZmQU1tNkZyNnRBPT0iLCJtYWMiOiIxM2ZiNDdhNDk0OWI1MGQ3ZmRmM2JmNDZkNDBkZDZmYWRjZTYxZDA4NWFkZTI4Yjc0NWU1MDE5NjNlZjU0ODUyIn0%3D; language=eyJpdiI6IlhkXC9TZUtvZ2dmRHM4OTcrUEJVNHV0SHp5VlBlZlNvbzNYbUNTdFA2eW80PSIsInZhbHVlIjoickpoMUQwK0xTM2xcL2cycmV1MnNjZmdqcUlDTm9iSVFFeDZNb1ppbXNhNTQ9IiwibWFjIjoiNWIzZTFkMmFjOTFkNDY4YWM5NzIxMjljOTMwZDZjMWUwNWZmMjU5NTQ0ZWY3Njc5MzU0Mjg1MDk2OWFmZmJmNiJ9; 39a3b42096f2c7f54e6b963aa82dc3ce914c6108=eyJpdiI6InpiY3NZZGp5cFpVZ2JBTGdCbkVQT1JWVTlOUFFHelhzdk44c2RCZFwvWFgwPSIsInZhbHVlIjoiNHZvNHFcL0NFUVd4ZDlveTBDTGZRNkpjQ2h3dTF3eHN1NUFDRmpXRzJJNnpEUFI0SUhKdGNISVFCV2hKSk04cDVzT012M0Y5NjBxZ2tRMkU2OE1HeFZQTVRxU3lYZHhWT01hWGNtQWpXUGxNZzlpeGFGbWpPVUN5TzNZazJmRklseFN4WU1iS2QxditxdVI0SmVLUXVCd0pxRlNUY1wvbGpvUkVla01hQ2V2amtqSEhlZ1VcLzVRd1IxckNaZ0JaSVd1Y3JKS1FCZjJ6RW9selBEY2MyXC9VaDJoRTQ5ejNpWmE4WUZCUUFQWTd0Qk5aM3dRcEhkWE53REtyVXBjMTFZY3VRTWJidjdITDN2dHNHbFNUMDN4SUhcL1VhM0Z2OElzSVdrNFZESnlLU1F4K2pLU0d4dHZBRG40dWFBV0NnYnRCT3hkZHh0TlEyN1JjS3BiWW1WcERVYXFyNUJLcnN1Z1o1Q21jYStWZUZ0cHJGdlA5WXpmaWxUMDNyUGZqM2xQRVMiLCJtYWMiOiI4N2Y2NWE4ZDBlODI2MWQ3ODRlMTcwOWNiY2IxOTRmZmI1YzQ2NzhlZTU1MTE0YTA2MDNmMzQ3N2UyOWZmNjBiIn0%3D
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: status=cannot_optimize
ETag: W/"5d951ace-1830"
Expires: Wed, 28 Sep 2022 01:38:53 GMT
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 5709
Set-Cookie: __cf_bm=7SKQZlbBX4BZnJV.LlfuyhbVBT18CQkJyRXRZqPFOwQ-1664291642-0-AWxk7aEQZOeDjmyvi2ohui9HpkNfcrHSW/pMwkMq95wmrtOqLyaGAtUdndWnYi3lK8vmn6BU2urqPDJc7lA4d7o=; path=/; expires=Tue, 27-Sep-22 15:44:02 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd0081dfabc-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.22.15200 OK 655 B URL HTTP/1.1 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.22.15:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/VZkrb3R
Cookie: cf_clearance=yciF37lzCoEWhDdCh9RI9dSpOyaBh7_1.KVemdNLUJ0-1664291642-0-250; ouoio_session=eyJpdiI6IlwvXC9hMjdvU0dtcGZHa1ZQQ2hud3RTVlJqOEkxeW5uR01XQnpKMW5TcVBSRT0iLCJ2YWx1ZSI6Ik5WTDJMSzlqdDdqRkk1NFBPVnFETjY0RGxrV1hPRFZSeSs5blVQU0IxbTFaZ0Z0SUtRc3FhWGE5aXdJU2VOUTJ2K2FXZFg4RWJBNEZmQU1tNkZyNnRBPT0iLCJtYWMiOiIxM2ZiNDdhNDk0OWI1MGQ3ZmRmM2JmNDZkNDBkZDZmYWRjZTYxZDA4NWFkZTI4Yjc0NWU1MDE5NjNlZjU0ODUyIn0%3D; language=eyJpdiI6IlhkXC9TZUtvZ2dmRHM4OTcrUEJVNHV0SHp5VlBlZlNvbzNYbUNTdFA2eW80PSIsInZhbHVlIjoickpoMUQwK0xTM2xcL2cycmV1MnNjZmdqcUlDTm9iSVFFeDZNb1ppbXNhNTQ9IiwibWFjIjoiNWIzZTFkMmFjOTFkNDY4YWM5NzIxMjljOTMwZDZjMWUwNWZmMjU5NTQ0ZWY3Njc5MzU0Mjg1MDk2OWFmZmJmNiJ9; 39a3b42096f2c7f54e6b963aa82dc3ce914c6108=eyJpdiI6InpiY3NZZGp5cFpVZ2JBTGdCbkVQT1JWVTlOUFFHelhzdk44c2RCZFwvWFgwPSIsInZhbHVlIjoiNHZvNHFcL0NFUVd4ZDlveTBDTGZRNkpjQ2h3dTF3eHN1NUFDRmpXRzJJNnpEUFI0SUhKdGNISVFCV2hKSk04cDVzT012M0Y5NjBxZ2tRMkU2OE1HeFZQTVRxU3lYZHhWT01hWGNtQWpXUGxNZzlpeGFGbWpPVUN5TzNZazJmRklseFN4WU1iS2QxditxdVI0SmVLUXVCd0pxRlNUY1wvbGpvUkVla01hQ2V2amtqSEhlZ1VcLzVRd1IxckNaZ0JaSVd1Y3JKS1FCZjJ6RW9selBEY2MyXC9VaDJoRTQ5ejNpWmE4WUZCUUFQWTd0Qk5aM3dRcEhkWE53REtyVXBjMTFZY3VRTWJidjdITDN2dHNHbFNUMDN4SUhcL1VhM0Z2OElzSVdrNFZESnlLU1F4K2pLU0d4dHZBRG40dWFBV0NnYnRCT3hkZHh0TlEyN1JjS3BiWW1WcERVYXFyNUJLcnN1Z1o1Q21jYStWZUZ0cHJGdlA5WXpmaWxUMDNyUGZqM2xQRVMiLCJtYWMiOiI4N2Y2NWE4ZDBlODI2MWQ3ODRlMTcwOWNiY2IxOTRmZmI1YzQ2NzhlZTU1MTE0YTA2MDNmMzQ3N2UyOWZmNjBiIn0%3D
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:11:52 GMT
ETag: W/"633188f8-4d7"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd01be9b518-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Thu, 29 Sep 2022 15:14:02 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
fonts.googleapis.com/css?family=Questrial
142.250.74.10200 OK 387 B URL HTTP/1.1 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.10:0
Hash 7b73b3eed6a43db40b0640388112329f
ad4bb62a66f1f95c0a252f83345b40d40dcd5bb4
1776d3903d4f6fb36773bac4ccb4b86c0658838f29674d1fb506859506a41bc3
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 27 Sep 2022 15:14:02 GMT
Date: Tue, 27 Sep 2022 15:14:02 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.adtrue.com/rtb/async.js
172.64.108.4301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/rtb/async.js
IP 172.64.108.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 15:14:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 16:14:02 GMT
Location: https://cdn.adtrue.com/rtb/async.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Atj7Pd9ptkrDvilq1qlrmH%2Fdr2Hk0NmBW01uYvq%2FniZhg5wFf0FGrT8fqtSfNRSJ5vxllZ2EuirdZG5IzmHGhtD%2FTViRyvunJY1IR6wF6sI3tmQMC0AWtc6k7UbFNVHdng%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd03ea6753d-LHR
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecdn.firstimpression.io/fi_client.js
54.230.111.73200 OK 100 kB URL HTTP/1.1 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.73:0
File type ASCII text, with very long lines (618)
Size 100 kB (100011 bytes)
Hash 0d28fc8a9af7daab0f45e849ebdea647
f9f404bfa2da1e111eb9a079eb418c28e6d5d02d
91b7c16098dfb7b84e3f723f3a4f562f53f433f28f4f73be22ea940376ec6bcc
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 27 Sep 2022 14:34:51 GMT
Server: nginx/1.20.0
X-Powered-By: PHP/8.0.14
X-XSS-Protection: 0
Last-Modified: Tue, 27 Sep 2022 14:34:51 UTC
ETag: W/"216408bf3adb1a99ae54c636cf2dc77f"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1XVlCFIpHMKe5iyyk1l1fmXrRQ0edzVjALq7lBtYcTJDdJDvPuqmFw==
Age: 2351
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 7cf76e558e1645a08f7c525e848ab958
2b6a55a19e3bd4ff5df6d1a1409206d10fcd0fd3
63d6b56c37c9b3c2514dcac246726707b87eaa72adc3c71b4a4b2d18ce96658d
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 27 Sep 2022 15:14:02 GMT
date: Tue, 27 Sep 2022 15:14:02 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tv.gourdycortes.com/1clkn/48786
172.255.6.223200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/48786
IP 172.255.6.223:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/48786 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 15:14:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Wed, 28-Sep-2022 15:14:02 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Wed, 28-Sep-2022 15:14:02 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ecdn.analysis.fi/static/js/fab.js
54.230.111.8200 OK 4.2 kB URL HTTP/1.1 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.8:0
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4240
Connection: keep-alive
Server: nginx/1.20.0
Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Tue, 27 Sep 2022 15:04:19 GMT
Expires: Tue, 27 Sep 2022 16:04:19 GMT
Cache-Control: max-age=3600
ETag: "61b8b8ab-1090"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LBhK_25RRgyC8UggMqgF4QFx2ILGcoFAEMCxdJIQ16yb1YdL7FRD5g==
Age: 584
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37188), with no line terminators
Hash 1e48c00c09d042db4f7193634131b186
bcfecf02cb911a745aadadb9a4bc5c80fe1375c8
21debf932206f513c143920d342f336c31c495ac7cde1dd4366f06bcf5452357
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 15:14:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 02a659bab21e201bcf56c8cdfe4ffced
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
142.250.74.163200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 22 Sep 2022 09:06:13 GMT
Expires: Fri, 22 Sep 2023 09:06:13 GMT
Cache-Control: public, max-age=31536000
Age: 454070
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FVZkrb3R&cb=3081902102&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/VZkrb3R
172.64.108.4301 Moved Permanently 0 B URL HTTP/1.1 exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FVZkrb3R&cb=3081902102&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/VZkrb3R
IP 172.64.108.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FVZkrb3R&cb=3081902102&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/VZkrb3R HTTP/1.1
Host: exchange.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 15:14:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 16:14:03 GMT
Location: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FVZkrb3R&cb=3081902102&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/VZkrb3R
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OU%2B0PCHIL%2BztlCisiCfs5Pbx8Ag0%2BkfUrviIPVBfkVfsOc3HsshX%2Fhq2clj296rFQNJc5vNc%2FdHzGDsjGA49G6Xy%2FQwjVeLB2vauVGQ8aucrZ1AykaCSo6kIKnF%2FIsMncZDVy3wQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd47b918879-LHR
alt-svc: h2=":443"; ma=60
creepingbrings.com/sfp.js
172.64.198.30200 OK 28 kB URL HTTP/1.1 creepingbrings.com/sfp.js
IP 172.64.198.30:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:03 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: cff98ef9523181e1671ab02d93feeb02
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Tue, 27 Sep 2022 15:14:03 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j63lq2tD%2F1n2N74oX%2F%2Fbl10jA6d8QRorNZpnp5ts9ZeAnt%2By2ZMHLxyfBYkqjumBv7okn6Z1KcZeBhBRXqJo7AJSojTDXI0yvAJ%2Fzj46QgZad3Aah%2F0nciw8sGEK%2B3RvnQ%2BOqT8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd44ab27505-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.adtrue.com/pb/prebid_dev.js?v=1.2345
172.64.108.4301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/pb/prebid_dev.js?v=1.2345
IP 172.64.108.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pb/prebid_dev.js?v=1.2345 HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 15:14:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 16:14:03 GMT
Location: https://cdn.adtrue.com/pb/prebid_dev.js?v=1.2345
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8J3J%2F3AY4eJ1UciOr%2Fhq9B7t9Z0ny0EtaHBZ9YyiblsNadVjYMSghLbBG9%2B9%2FMB8MbH8ID2syciJhCfIhnpZTkmbwuEYhKiJaEY8%2FMyej%2FklBH6%2BpfRaElInUgFWM9JUw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd51f29753d-LHR
alt-svc: h2=":443"; ma=60
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 7c69f9eada4e3d574705cb25c5f56e0d
b11d2214ed2ceab23a1084ab852bf6cb5b278124
d75dcfe58f8789d521d1f43f1e4eb5abfc27b9b6951fa97380427b91dbe2f2f0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=539d1165-819e-4c1a-b5b2-0144706b1112:2:1; expires=Fri, 24 Sep 2032 15:14:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FVZkrb3R&loc=http%3A%2F%2Fouo.press%2FVZkrb3R
172.64.109.4301 Moved Permanently 0 B URL HTTP/1.1 track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FVZkrb3R&loc=http%3A%2F%2Fouo.press%2FVZkrb3R
IP 172.64.109.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FVZkrb3R&loc=http%3A%2F%2Fouo.press%2FVZkrb3R HTTP/1.1
Host: track.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 15:14:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 16:14:03 GMT
Location: https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FVZkrb3R&loc=http%3A%2F%2Fouo.press%2FVZkrb3R
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxSuzVhga09g4Jpna7xOe3gIYmEEPQrXfO8CQ%2BX4JZ48BkC%2BB2PadieI1bBLkNvy9wZfgMpfPFG0TMbk6Lpx3P6sJf28SnSBIUEnu9G9gVqcsicztSElSvRGtsdzVVWF1ppS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd53f077599-LHR
alt-svc: h2=":443"; ma=60
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Thu, 27 Oct 2022 15:14:03 GMT
date: Tue, 27 Sep 2022 15:14:03 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b7324a1c5e2da0a6abe72001c8b37fe
1538cb7c20c9fd164dd1e610b6fd1227a06e31d3
7247eec98a236f82a0eaf6bdafa8a0c25023c0b8b86832a44cfcdc52aafeafa3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
23.38.200.201200 OK 80 kB URL HTTP/1.1 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a4ce36b0d03543974d71b88fa37145d
a5c1750aab7489f287c98bae25f5afff0ed16ce8
30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Last-Modified: Wed, 27 Oct 2021 05:33:12 GMT
ETag: "1241a12-3fca8-5cf4eee137dd8"
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Type: text/javascript
Content-Length: 80538
Cache-Control: max-age=57976
Expires: Wed, 28 Sep 2022 07:20:19 GMT
Date: Tue, 27 Sep 2022 15:14:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ce9fa7c0f8c668afd33a2fa65bf285e5
0333c06c16ea38e346cee9aad19965aa9d2729b1
50b7e5b9d9833fbd2c737642a86c63217f3296fb4bce6c7a876e4cde3dcddbd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
142.250.74.72200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 290d151cda8a756331f52af2a721a3b5
45968580e95af13bbe7d019ca83c641f70522981
50913dbc41c7fdd469bc1201121b4ffad045b2d023cab7113e59c7c3e13a7aa4
GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 15:14:03 GMT
expires: Tue, 27 Sep 2022 15:14:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ae113a430c2ae4b199aeca1f969224
1994a8cde662c4209fa0edfd2ae3775d9a7ee10d
ba7b276ba2fc9e6a2e3aa00d377a85ae5054668c425b414fe76b84f7fcc090f1
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4139
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:03 GMT
Last-Modified: Tue, 27 Sep 2022 14:05:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/ut/v3/prebid
185.89.210.46200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.46:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 38abaafe0c7db8f0b60565a7c4cb0be6
e37353d8bfc9fe6c4c4b8803dc7a78b5920096ae
710b8fc01564a6c40ab102dd1af27f6e01dc143b179eef656c54c9efe664c6da
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 474
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 27 Sep 2022 15:14:03 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: d6119b3c-02d0-47f5-81e5-9beda1d85328
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 42 B URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
Hash 821c8141b8f7c192072ca7730d09e6ec
85f9a621087ac2a6c7ecad3f3c245d89003b987c
dedd81f9590e4534677ed3e1801c27f37f3837af1843524d8923087ef6f20997
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 146888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 944c43daeb114b52f31985e73a2e4de4
6edea5919fdbc74de43535086581527dcef9a9dc
a56e37bc78ae79d514bc828cfa7416a950f5ce4310b281303ab900beb5bc525e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3349
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:04 GMT
Last-Modified: Tue, 27 Sep 2022 14:18:15 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
fptadtrue-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fouo.press%2FVZkrb3R&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=0781a883-ef64-40fe-b047-356c5758a330&nocache=1664291641715&aus=300x250&divids=adtrue_ads_12953_9rsgry4gupgvit9sox&aucs=&auid=557936314&aumfs=100
34.98.64.218200 OK 79 B URL HTTP/2 fptadtrue-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fouo.press%2FVZkrb3R&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=0781a883-ef64-40fe-b047-356c5758a330&nocache=1664291641715&aus=300x250&divids=adtrue_ads_12953_9rsgry4gupgvit9sox&aucs=&auid=557936314&aumfs=100
IP 34.98.64.218:0
File type JSON data\012- , ASCII text
Hash f14ad5e0c860eba93c0b0f7befde1e4f
6256c0a1111c4896bdd5601475d895c305cd35b5
05374833ee7ac635832929aab85a98d947a16feebed83fe9debabb08649580e1
GET /w/1.0/arj?ju=http%3A%2F%2Fouo.press%2FVZkrb3R&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=0781a883-ef64-40fe-b047-356c5758a330&nocache=1664291641715&aus=300x250&divids=adtrue_ads_12953_9rsgry4gupgvit9sox&aucs=&auid=557936314&aumfs=100 HTTP/1.1
Host: fptadtrue-d.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Tue, 27 Sep 2022 15:14:04 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05f425aca667d158b6127b5e20dc055c
ca80a10b0b26c616cd9db4387e56298bf6f250c7
ec79528ff692fda775f1232c95fcc3a6d76a3a959ace2e5756e490e13e154326
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4969
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:04 GMT
Last-Modified: Tue, 27 Sep 2022 13:51:15 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=41572619994&lsavail=0
178.250.2.131204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=41572619994&lsavail=0
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=41572619994&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 346
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 15:14:03 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: http://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f9850bc6e0bc7e2b7ec9306e28a083e
c9154d1e088cb644b9c832b82d79fe207ff71f0c
2389b61a0f0f98c4c6f617984ab989c086f92d1ef2926b88a9a2e35583b40068
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5339
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:04 GMT
Last-Modified: Tue, 27 Sep 2022 13:45:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 818
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Tue, 27 Sep 2022 15:14:03 GMT
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
151.101.85.229200 OK 8.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (26606)
Hash 77019dfea792351eb58beb264f808970
106d35ea53f5a6e4024ba9bfafe6b0bd0551771f
ca2b0e50ed967336aea35965d7a99b4986429c5c5984f8de96d92b2c573b7bef
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.13.0
x-jsd-version-type: version
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 15:14:04 GMT
age: 21830
x-served-by: cache-fra19147-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8874
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 14:41:09 GMT
expires: Tue, 27 Sep 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 1975
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FVZkrb3R&charset=UTF-8&ch=15&ref=ouo.press&viewerId=null&referer=http://ouo.press/VZkrb3R?__cf_chl_tk=r85yQwAawOTj1WQW3YktGkVSKfca.mvcsvdH8IQP91I-1664291639-0-gaNycGzNAv0&_firid=94221745
54.230.111.77200 OK 164 kB URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FVZkrb3R&charset=UTF-8&ch=15&ref=ouo.press&viewerId=null&referer=http://ouo.press/VZkrb3R?__cf_chl_tk=r85yQwAawOTj1WQW3YktGkVSKfca.mvcsvdH8IQP91I-1664291639-0-gaNycGzNAv0&_firid=94221745
IP 54.230.111.77:0
File type JSON data\012- , ASCII text, with very long lines (25942)
Size 164 kB (163935 bytes)
Hash 89a2bc32d4d27dc56caefef17ebcb07b
53fb6c47fde08d5b38fc2ffa3d27c07abd7f3a5b
168cd56274a00297c21080841685fb759bb78d044b66c6ac62dfd094f99d1076
GET /delivery/spc_fi.php?id=7419&url=%2FVZkrb3R&charset=UTF-8&ch=15&ref=ouo.press&viewerId=null&referer=http://ouo.press/VZkrb3R?__cf_chl_tk=r85yQwAawOTj1WQW3YktGkVSKfca.mvcsvdH8IQP91I-1664291639-0-gaNycGzNAv0&_firid=94221745 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Tue, 27 Sep 2022 15:14:03 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Wed, 27-Sep-2023 15:14:03 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gsmhve1LKwPXcBNHNmpzFSkRv5vLsQK7a0xjxordcnFjRHq5A35-8g==
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash a691649a8b901234a408089388d99f15
220679f718ff10c98bd1a23000fdd9ff2256348d
3d73c15299f99591f6e8f1894256c5f1e0281b264812b6ad3bc98523dea2212a
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:04 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2B0CD534B67A26D54531D11D67AD4FC44E1F26FD"
Expires: Wed, 28 Sep 2022 02:00:00 GMT
Last-Modified: Tue, 27 Sep 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 891
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd90e5cb521-OSL
ecdn.firstimpression.io/static/js/prebidamp.js
54.230.111.73200 OK 135 kB URL HTTP/2 ecdn.firstimpression.io/static/js/prebidamp.js
IP 54.230.111.73:0
Size 135 kB (135443 bytes)
Hash a92cfe8abcb2787b2acbb2eab338bb1e
79cb765339f0e5a205b1ee4408e94bdd4c5bbf35
bc3379472d717e04f28544b560a066bef9973d6578fb6246bc79b29c5fbaf7d7
GET /static/js/prebidamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 27 Sep 2022 15:04:20 GMT
expires: Tue, 27 Sep 2022 16:04:19 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ye6_d-s8EG00tydS6O-WfhyybT1wEU0hHVN10pB0bsOpSkEuGyTKRg==
age: 585
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
185.89.210.46200 OK 44 kB URL HTTP/1.1 c.amazon-adsystem.com/aax2/apstag.js
IP 185.89.210.46:0
File type gzip compressed data, from Unix\012- data
Hash 8a2aa0157ce8c48940bedf6cd467b5c0
89810d0135170993ac8b6327219da4ac7d7bfff0
03d7d8c6cb5e8472c9ee47155247f2e18e7c6c1d8ee51241fa85e5558cddbb86
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 27 Sep 2022 15:14:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 137
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: cec26427-4084-4dd1-862a-e3533407d1be
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=64970509149
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=64970509149
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=64970509149 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 487
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:03 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: http://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/passback.js
172.64.108.4301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/rtb/passback.js
IP 172.64.108.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/passback.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 15:14:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 16:14:04 GMT
Location: https://cdn.adtrue.com/rtb/passback.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPGIy8yEbSZzDI8p06ALVR5FY%2BTT3%2FvXfMy9s4gwPAyvjC0LUGyrq9xiEYBLbjIgFAD8ds%2Be2Eetm4Q%2BhzYxL69NSSKtLC7%2FcHk13xVWO%2B3DnLTTyjgNyTeK7mV0JAaFNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fd98f5a753d-LHR
alt-svc: h2=":443"; ma=60
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157200 OK 872 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
Hash 0baa54c2b6c4779488d701e70aa366e0
1f9c63df60822fa1e851567b3b6e6ec414a2ce9d
bfdffdabf76bbd97e9b952f67ee5c87923526a5d4ff45bb647a87ee818921692
GET /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 991160
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
213.19.147.43204 No Content 0 B URL HTTP/2 tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
IP 213.19.147.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1
Host: tag.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 605
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 27 Sep 2022 15:14:04 GMT
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1900627551&ref=undefined
172.64.108.4301 Moved Permanently 0 B URL HTTP/1.1 exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1900627551&ref=undefined
IP 172.64.108.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag/passback?adtrue_pzoneid=12953&divid=1900627551&ref=undefined HTTP/1.1
Host: exchange.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 15:14:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 16:14:04 GMT
Location: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1900627551&ref=undefined
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJFub0VwT28fpD0YIIlGi%2BOYIhwxM%2FZJ5lKqIzd6DzJ0nPeH%2B5E1FpzrRzLTlFewCTQY3kzBsb9CPtBBM73hV%2FNeOJeXBv9vIeMH2TzuAkgGCwuUm5hDVJNtUvap6sQRZm5WHOQ%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75152fda28a08879-LHR
alt-svc: h2=":443"; ma=60
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
104.18.4.42200 OK 908 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP 104.18.4.42:0
File type ASCII text, with very long lines (2337)
Hash 4f8f059fbf3b6b0e3a37926f648a3993
83b61eb9d45cdf8f7c708bf4e148d7cab569c596
69190d6c2b78d7b0de0a44dbdde96bb7cf6c793f52481633b4f26ca2cfefcd4e
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:04 GMT
content-type: text/javascript
content-length: 908
x-amz-id-2: w9ADNRdrUc0iHWZBLfIb0me5IbCCwH7gPELK+Qx3tQZSrgnZz9Jl7+QMcHgcehSX+voNeu2uJlM=
x-amz-request-id: 3JG2R7S1MREYZDZN
last-modified: Wed, 15 Jun 2022 13:18:30 GMT
etag: "4f8f059fbf3b6b0e3a37926f648a3993"
content-encoding: gzip
x-amz-version-id: f.ffT1LrPbQX.EIpax0NyQEwqJ97JBVW
cf-cache-status: HIT
age: 71
expires: Tue, 27 Sep 2022 19:14:04 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fdb5c530b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d4d6ccb03b71af183a26e4a9e50ae92b
fd4f6daccab644cf7b6eb2b338542dbfbb02287c
f8aa680a2c6f3855481318ad834807ca18bcc52fc33ff47ced01556f78cf732d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5578
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:04 GMT
Last-Modified: Tue, 27 Sep 2022 13:41:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
cdn.adtrue.com/rtb/async.js
172.64.108.4200 OK 5.3 kB URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP 172.64.108.4:0
File type HTML document, ASCII text, with very long lines (7327), with no line terminators
Hash 99dab0e8e3f2d5bbeec5f3a15565ea5a
81b037db7f62b7db28757845a063c2aff8e2d7f6
6d7c1fbf26a96d50572324f7fb58a957c7d9e2c712950d86e31df3a338b10752
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:03 GMT
content-type: application/x-javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Fri, 21 Oct 2022 15:24:08 GMT
cache-control: max-age=31104000
cf-cache-status: HIT
age: 29029795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gu7KUPi2xtfLEre4RS6j8j80es8x5eLQU0DT%2BB2eyYk%2BUWxcKOLBjsBRRD20%2FKwttoxj5VF93yA98aexKQDSHbeksQN7DW81m7EHyKLhRgqn8zltwKgXqKlGdipA3jdJ2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fd0e9fb76b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
54.230.111.210204 No Content 200 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
IP 54.230.111.210:0
Hash 6660be7d7ab00559653582b739e2dc7b
fa6b3967db84416326b3d9940f7ebe686992f935
8d779a12bcc23893c119a0a0eaf9183666aba4e499b2f413efab5b3db8347e24
GET /cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Tue, 27 Sep 2022 15:14:04 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bYasdJRzwKfslbCWcmCuOC7b26wd_vwEKaL9wQuYOOK15UJlTIb7-Q==
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2FVZkrb3R&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2FVZkrb3R&tg_i.page=http%3A%2F%2Fouo.press%2FVZkrb3R&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=f48a110b-32ff-4f0b-83a1-22c9f28c1b83&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2793365117369153
213.19.162.41200 OK 348 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2FVZkrb3R&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2FVZkrb3R&tg_i.page=http%3A%2F%2Fouo.press%2FVZkrb3R&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=f48a110b-32ff-4f0b-83a1-22c9f28c1b83&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2793365117369153
IP 213.19.162.41:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash 507e59dc2ffa47628b7c26781b5f4cfc
1d664305632acb01644cd76e205e7715b7ac8d25
891e76d025583d560a4c7a02b34bec3a093ec6db300a1430b9f7cbdf9c8e956b
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2FVZkrb3R&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2FVZkrb3R&tg_i.page=http%3A%2F%2Fouo.press%2FVZkrb3R&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=f48a110b-32ff-4f0b-83a1-22c9f28c1b83&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2793365117369153 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 27 Sep 2022 15:14:04 GMT
Content-Type: application/json
Content-Length: 348
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8KC9VUC-25-M3FZ; Domain=.rubiconproject.com; Path=/; Expires=Wed, 27-Sep-2023 15:14:04 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqwNP+Fn5bZzO9DtVM30fCgIEm+BBiEUhou/a/aMemjHJZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Wed, 27-Sep-2023 15:14:04 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2FVZkrb3R&pr=http%3A%2F%2Fouo.press%2FVZkrb3R%3F__cf_chl_tk%3Dr85yQwAawOTj1WQW3YktGkVSKfca.mvcsvdH8IQP91I-1664291639-0-gaNycGzNAv0&pid=12tqcvdA3S0kl&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
54.230.241.131200 OK 369 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2FVZkrb3R&pr=http%3A%2F%2Fouo.press%2FVZkrb3R%3F__cf_chl_tk%3Dr85yQwAawOTj1WQW3YktGkVSKfca.mvcsvdH8IQP91I-1664291639-0-gaNycGzNAv0&pid=12tqcvdA3S0kl&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 54.230.241.131:0
Hash bc88f6e52834c5d7bb6a6a263a97be84
86fc986f940389cfc2fa60f1b957ff7ec7e1f11b
9f46de38dd0bddcaa5c0aaeb1b2c71b5afc5d035ce6cbed50d1e364b10855432
GET /e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2FVZkrb3R&pr=http%3A%2F%2Fouo.press%2FVZkrb3R%3F__cf_chl_tk%3Dr85yQwAawOTj1WQW3YktGkVSKfca.mvcsvdH8IQP91I-1664291639-0-gaNycGzNAv0&pid=12tqcvdA3S0kl&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 154
server: Server
date: Tue, 27 Sep 2022 15:14:04 GMT
x-amz-rid: WX2B8HW83B8RGYVTVM0W
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3yg7ZA2bk1jOxvn230nHXguu643Cj0qFty_BbvaCXf2ttrtLWGsaDw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 97a214a879d52f45268759a7be87257a
80b76b6cea63fcd0b2499c024a4107af4d4c6a29
b9bc5d684dedb52bf4edac9f6ce7d1d4bf2e99745e7255757ab4ab0c6c0f7bb3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6580
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:05 GMT
Last-Modified: Tue, 27 Sep 2022 13:24:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 1b38278fa6ffd8c86b24839081164a96
92b5ee31846d802f8d685ffb73f1b4aeff3f79fc
c7e3c4c064d58692c5aeafdc380ae99093b86b8df61150501d66e5b90dbdd9eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 269
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:05 GMT
Last-Modified: Tue, 27 Sep 2022 15:09:36 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 40a3af3dfc021b3100991b708c1c60e4
27bf2a629ba45b3a9a9b0772aef11cd99ed8e83e
bee54c7b6be4fa5246c9262aa090156193351f56fb9bd880a8ac7d72883940a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEE54C7B6BE4FA5246C9262AA090156193351F56FB9BD880A8AC7D72883940A9"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11329
Expires: Tue, 27 Sep 2022 18:22:54 GMT
Date: Tue, 27 Sep 2022 15:14:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 97a214a879d52f45268759a7be87257a
80b76b6cea63fcd0b2499c024a4107af4d4c6a29
b9bc5d684dedb52bf4edac9f6ce7d1d4bf2e99745e7255757ab4ab0c6c0f7bb3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6580
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:05 GMT
Last-Modified: Tue, 27 Sep 2022 13:24:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
s-img.adskeeper.com/g/8164885/492x277/0x0x1100x619/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp?v=1664291645-oF6D3sRkfjXeTrp6hQc-YurOlG3Sl1zKYIBL2gIVVnc
104.18.5.42200 OK 23 kB URL HTTP/2 s-img.adskeeper.com/g/8164885/492x277/0x0x1100x619/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp?v=1664291645-oF6D3sRkfjXeTrp6hQc-YurOlG3Sl1zKYIBL2gIVVnc
IP 104.18.5.42:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fad44948da5d36302ec284ea103d60ae
53e882efcfd39f62238491eb7842030c5d8bc76a
6c52042a0debf07519211df9a161a1959cc772f20e1dc64ba5e548901e2fde0f
GET /g/8164885/492x277/0x0x1100x619/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzMwZGEzMTdiZTg2Njk3ZTFmNjQ4ODRlNTVjYmY3MDViLmpwZWc.webp?v=1664291645-oF6D3sRkfjXeTrp6hQc-YurOlG3Sl1zKYIBL2gIVVnc HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: image/webp
content-length: 22950
x-mg-request-uuid: ac59d1ad-a0c3-4553-86b7-a5baaa175633
access-control-allow-origin: *
last-modified: Tue, 09 Aug 2022 18:50:31 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 776448
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fddf9a2b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
23.38.200.201200 OK 73 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 06cd2eddf805cce44a8cb5178e00d7de
4450e085f121f57255512d5f7c8d4bcffbf77bc5
8c41037c0b242f0fe65640486379d7f6cd91c55f8edd998ea285d8f994ec48f7
GET /AdServer/js/pwt/161673/7165/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 73257
cache-control: max-age=127496
expires: Thu, 29 Sep 2022 02:39:01 GMT
date: Tue, 27 Sep 2022 15:14:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 87f383a78a81d2e654d5c06fd49d15ff
39676b49b1dd76ed7b0cdf8c67bfc7e79caa2fa1
9fd231814858fbf4aee16aa9653a00fbac17b706545c640cb1a58dc8b1f2243b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2121
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:05 GMT
Last-Modified: Tue, 27 Sep 2022 14:38:44 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7fe5d7e8bab006e280be51825bd0e7f3
04b2e3443b73f3da95b8befc775c007a35974ba1
c9e96bf1d96f91f66945a20eaf3a81e360ee13a00475a1297ae8e68e89d86ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2771
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:05 GMT
Last-Modified: Tue, 27 Sep 2022 14:27:54 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.53.86200 OK 16 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.53.86:0
File type ASCII text, with very long lines (57547)
Hash 4bd18d3c7599ce1ab32949c9250898e4
ea0f7514032733ad1ec214892738dd349fbba484
5ba563f7e15ba95dbdaeadbf42c69ad8a98a7aa9dff65ac49f343ffd71a60955
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: xquZ6QoBGtIgECOlulfi9qoPm7v0WWNvgdo/gHYkJool7qqKRJv1p7VLfgECP96SCtmXrsRKKZg=
x-amz-request-id: NB2A206MY26ZNA92
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
etag: W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1725
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 75152fde4805b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc70ae243425540a405f80f58df7c854
46871bfb1f917a4b5dda0a005524879703f2397b
5f3f3a4d7e385f7d5d9b833bc48807ad7db8a9d70da689b460503ba173e577f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F3F3A4D7E385F7D5D9B833BC48807AD7DB8A9D70DA689B460503BA173E577F2"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5454
Expires: Tue, 27 Sep 2022 16:44:59 GMT
Date: Tue, 27 Sep 2022 15:14:05 GMT
Connection: keep-alive
lb.eu-1-id5-sync.com/lb/v1
141.95.98.66200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.66:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e8fca447cdfed0f4a44dc00bfcb419da
1ba67ac2ee2d49758e7b7bb68d190c7dfd6862be
b5284467047a1acf2fa4e25ec9cc8f48e836cef8259c35b465f21f26be3baba9
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: http://ouo.press
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 27 Sep 2022 15:14:04 GMT
contagiousantagonizequarry.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=539d1165-819e-4c1a-b5b2-0144706b1112%3A2%3A1
173.233.137.60200 OK 4.1 kB URL HTTP/1.1 contagiousantagonizequarry.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=539d1165-819e-4c1a-b5b2-0144706b1112%3A2%3A1
IP 173.233.137.60:0
File type JSON data\012- , ASCII text, with very long lines (5690), with no line terminators
Hash a6753be5d9e0ea344c27e5f3f85c1d29
309eac9ad64fcf2f4a155216435f2f4f0d62b224
f1ba9b990aea10dfad263c131ca306b3a6269d09235abb168d75b4752d2736c9
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=539d1165-819e-4c1a-b5b2-0144706b1112%3A2%3A1 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 15:14:05 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ouo.press
Access-Control-Allow-Origin: http://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Wed, 28 Sep 2022 15:14:05 GMT; secure; SameSite=None
uid_id2=539d1165-819e-4c1a-b5b2-0144706b1112:2:1; expires=Tue, 04 Oct 2022 15:14:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 28 Sep 2022 15:14:05 GMT; secure; SameSite=None
uncs=1; expires=Wed, 28 Sep 2022 15:14:05 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 28 Sep 2022 15:14:05 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 28 Sep 2022 15:14:05 GMT; secure; SameSite=None
sleced36014633829dc70a42dccaefdf3f11=[3691774]; expires=Tue, 27 Sep 2022 15:14:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b694290ab11ba3ca960e01d1a8135cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d7103c61c45779a7b5d41d348717a808
eefd5e3968dda1f2d6e4eb24977265459ecbe974
093f9f2eaaa017cbd1fa1a8fdd067c242b3e28d18c6925d3116ad8d50f08af0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1414
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:05 GMT
Last-Modified: Tue, 27 Sep 2022 14:50:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d7103c61c45779a7b5d41d348717a808
eefd5e3968dda1f2d6e4eb24977265459ecbe974
093f9f2eaaa017cbd1fa1a8fdd067c242b3e28d18c6925d3116ad8d50f08af0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1413
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:14:05 GMT
Last-Modified: Tue, 27 Sep 2022 14:50:32 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
unseenreport.com/pxf.gif?uuid=539d1165-819e-4c1a-b5b2-0144706b1112&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=539d1165-819e-4c1a-b5b2-0144706b1112&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=539d1165-819e-4c1a-b5b2-0144706b1112&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 15:14:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3a225f3d4babc3ad6ae8c2690bfd6cfd
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97fb3901ca271d482507144beb94227
1e11e37741ce260eb4333678fdd1ee977faf4073
9ac322b9a22c80ac8386a51efd64e14349144b1a159471e18689cc729a8ed97f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AC322B9A22C80AC8386A51EFD64E14349144B1A159471E18689CC729A8ED97F"
Last-Modified: Sun, 25 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5475
Expires: Tue, 27 Sep 2022 16:45:20 GMT
Date: Tue, 27 Sep 2022 15:14:05 GMT
Connection: keep-alive
contagiousantagonizequarry.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscRRvGqzf5Dp%2BKoObiITKIgoI729U90zNjkOi6blhcsyGJ6EGQ6qqe2XJrupqqrunZ8bIYkRzH%2F6D3md0s0RAUzwaZDXhYEHY8hD244NmjkKPITBZH38v7vv08h18%2F9X61606JD8dOVj7QA6kUW6pX%2FcprH1N6qbIuU9ev9JvRp1HtUsX03mxFVf%2F1ypWEb%2BmlwKe%2BT31aWZUmaev%2B0lSEzO61aLXlV2tBldZr6Jv%2F7tZ5sMyD6J2S5yHF5PxD7wIkHyPtfreS2K1cZ2%2B813WK5dqgJw4%2BTLdSXaTozse28dBOD87c0PZ49QF0uj%2FDhe79Y4zlhHg%2FP0CcHpxBIu7tzThjhSRFLJ5G0RsjUWNINgbXtyDFMQG4wNUNpN07V7Up2PYTlU3VCTn%2F%2BE%2FIYkLO%2F3YBaff%2BspL9yg2tXC51atFvl5D9MWRnjMwdIh8sQBaH4PkXkOIXsvR4HWl3b8MqDSlOXqmHLUFpVF9s0layWOOULcb1OFj0aa3W8KOYUhrMApJyDNkeQyVDMLsAZz046cG1PbjMQ1ecVDiltOELzvxmi%2FNQNJI4Ej5ljTZl1I%2BacHz6D0Pk2RBcDcHNDjKzgy05hHE%2FwW6WsMKDzQl6okSREBSWoGAEhSQocoKiV%2B4LZQNb3hHKupie9eCsh%2BVI551dtq%2FzTpKS3eyUPDcL7o9PfsBWclJJRBj5tBaFYTNoCd7wWS0QnLOkLdphm1JYWULaBTDrYSCPn32ETB7%2Fv0TMDmHVIbh8GcxdBCtGjcAH2xzVmj4G6V3tdDUzibUQukSW%2Fw%2F5trerTsmLM4Dmzb%2BQ8KPLXw5%2Bv3L%2FwufgpkRmSnwmHxJ01O3RdV2Qveu6sOT7jSyXXTlg01e9kbM8OffN%2B8l2oY1YW7HDu%2B%2FwqTAd791MbL7OUiHTjiXfLkshErOqDU%2FIj2v2oyS%2B5uzmsjOpy9avvbu61p0BSp2OwaYH%2Bsyr4HJCnlqQs4O9%2BOhtSDOGcSW67oicFaQ%2BBM92YLM5v9XnYNTcE2ceCleOTBDPPypJoJL5zuIS9l97PJ937W10zEtg%2BS2k3RI9U6KnSjA1hHXnRnlmji7%2FGs4KsfJGsTLeXqyM%2BvpJuFaeVBph6LOoVaeNBksacS1otiMqGAtqURBFLERuJzx84a2%2FAQAA%2F%2F8BAAD%2F%2F%2Fsr4dJ7BAAA
173.233.137.60200 OK 7 B URL HTTP/1.1 contagiousantagonizequarry.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscRRvGqzf5Dp%2BKoObiITKIgoI729U90zNjkOi6blhcsyGJ6EGQ6qqe2XJrupqqrunZ8bIYkRzH%2F6D3md0s0RAUzwaZDXhYEHY8hD244NmjkKPITBZH38v7vv08h18%2F9X61606JD8dOVj7QA6kUW6pX%2FcprH1N6qbIuU9ev9JvRp1HtUsX03mxFVf%2F1ypWEb%2BmlwKe%2BT31aWZUmaev%2B0lSEzO61aLXlV2tBldZr6Jv%2F7tZ5sMyD6J2S5yHF5PxD7wIkHyPtfreS2K1cZ2%2B813WK5dqgJw4%2BTLdSXaTozse28dBOD87c0PZ49QF0uj%2FDhe79Y4zlhHg%2FP0CcHpxBIu7tzThjhSRFLJ5G0RsjUWNINgbXtyDFMQG4wNUNpN07V7Up2PYTlU3VCTn%2F%2BE%2FIYkLO%2F3YBaff%2BspL9yg2tXC51atFvl5D9MWRnjMwdIh8sQBaH4PkXkOIXsvR4HWl3b8MqDSlOXqmHLUFpVF9s0layWOOULcb1OFj0aa3W8KOYUhrMApJyDNkeQyVDMLsAZz046cG1PbjMQ1ecVDiltOELzvxmi%2FNQNJI4Ej5ljTZl1I%2BacHz6D0Pk2RBcDcHNDjKzgy05hHE%2FwW6WsMKDzQl6okSREBSWoGAEhSQocoKiV%2B4LZQNb3hHKupie9eCsh%2BVI551dtq%2FzTpKS3eyUPDcL7o9PfsBWclJJRBj5tBaFYTNoCd7wWS0QnLOkLdphm1JYWULaBTDrYSCPn32ETB7%2Fv0TMDmHVIbh8GcxdBCtGjcAH2xzVmj4G6V3tdDUzibUQukSW%2Fw%2F5trerTsmLM4Dmzb%2BQ8KPLXw5%2Bv3L%2FwufgpkRmSnwmHxJ01O3RdV2Qveu6sOT7jSyXXTlg01e9kbM8OffN%2B8l2oY1YW7HDu%2B%2FwqTAd791MbL7OUiHTjiXfLkshErOqDU%2FIj2v2oyS%2B5uzmsjOpy9avvbu61p0BSp2OwaYH%2Bsyr4HJCnlqQs4O9%2BOhtSDOGcSW67oicFaQ%2BBM92YLM5v9XnYNTcE2ceCleOTBDPPypJoJL5zuIS9l97PJ937W10zEtg%2BS2k3RI9U6KnSjA1hHXnRnlmji7%2FGs4KsfJGsTLeXqyM%2BvpJuFaeVBph6LOoVaeNBksacS1otiMqGAtqURBFLERuJzx84a2%2FAQAA%2F%2F8BAAD%2F%2F%2Fsr4dJ7BAAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscRRvGqzf5Dp%2BKoObiITKIgoI729U90zNjkOi6blhcsyGJ6EGQ6qqe2XJrupqqrunZ8bIYkRzH%2F6D3md0s0RAUzwaZDXhYEHY8hD244NmjkKPITBZH38v7vv08h18%2F9X61606JD8dOVj7QA6kUW6pX%2FcprH1N6qbIuU9ev9JvRp1HtUsX03mxFVf%2F1ypWEb%2BmlwKe%2BT31aWZUmaev%2B0lSEzO61aLXlV2tBldZr6Jv%2F7tZ5sMyD6J2S5yHF5PxD7wIkHyPtfreS2K1cZ2%2B813WK5dqgJw4%2BTLdSXaTozse28dBOD87c0PZ49QF0uj%2FDhe79Y4zlhHg%2FP0CcHpxBIu7tzThjhSRFLJ5G0RsjUWNINgbXtyDFMQG4wNUNpN07V7Up2PYTlU3VCTn%2F%2BE%2FIYkLO%2F3YBaff%2BspL9yg2tXC51atFvl5D9MWRnjMwdIh8sQBaH4PkXkOIXsvR4HWl3b8MqDSlOXqmHLUFpVF9s0layWOOULcb1OFj0aa3W8KOYUhrMApJyDNkeQyVDMLsAZz046cG1PbjMQ1ecVDiltOELzvxmi%2FNQNJI4Ej5ljTZl1I%2BacHz6D0Pk2RBcDcHNDjKzgy05hHE%2FwW6WsMKDzQl6okSREBSWoGAEhSQocoKiV%2B4LZQNb3hHKupie9eCsh%2BVI551dtq%2FzTpKS3eyUPDcL7o9PfsBWclJJRBj5tBaFYTNoCd7wWS0QnLOkLdphm1JYWULaBTDrYSCPn32ETB7%2Fv0TMDmHVIbh8GcxdBCtGjcAH2xzVmj4G6V3tdDUzibUQukSW%2Fw%2F5trerTsmLM4Dmzb%2BQ8KPLXw5%2Bv3L%2FwufgpkRmSnwmHxJ01O3RdV2Qveu6sOT7jSyXXTlg01e9kbM8OffN%2B8l2oY1YW7HDu%2B%2FwqTAd791MbL7OUiHTjiXfLkshErOqDU%2FIj2v2oyS%2B5uzmsjOpy9avvbu61p0BSp2OwaYH%2Bsyr4HJCnlqQs4O9%2BOhtSDOGcSW67oicFaQ%2BBM92YLM5v9XnYNTcE2ceCleOTBDPPypJoJL5zuIS9l97PJ937W10zEtg%2BS2k3RI9U6KnSjA1hHXnRnlmji7%2FGs4KsfJGsTLeXqyM%2BvpJuFaeVBph6LOoVaeNBksacS1otiMqGAtqURBFLERuJzx84a2%2FAQAA%2F%2F8BAAD%2F%2F%2Fsr4dJ7BAAA HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=539d1165-819e-4c1a-b5b2-0144706b1112:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3691774]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 15:14:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 01178f3a424d4c6bf6d477aa748d146e
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8efccf4c61af35f8011cfb61e7f66ca
90987edc2453bcd66d8c89ed47c9882a846b22d6
973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Tue, 27 Sep 2022 16:19:51 GMT
Date: Tue, 27 Sep 2022 15:14:05 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8efccf4c61af35f8011cfb61e7f66ca
90987edc2453bcd66d8c89ed47c9882a846b22d6
973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Tue, 27 Sep 2022 16:19:51 GMT
Date: Tue, 27 Sep 2022 15:14:05 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 27 Sep 2022 15:14:05 GMT
Date: Tue, 27 Sep 2022 15:14:05 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/img/close.png
172.64.200.2200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/img/close.png
IP 172.64.200.2:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/v2/new/3/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 05 Jul 2022 10:43:39 GMT
etag: "62c415db-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4770580
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJKqD8xYlIn1fdmDgXjdwQdGb%2BLL4AZf4%2FYsVyy6L%2BwA3YbxmKJbz5zjM2nAGvPVOY680q%2Bi3mUe%2BIEyVJO%2FULsWk9Uu7PWtk5P%2F%2BJDN%2BkI9hTLb0hV%2B8%2Bkwvu91zhnZbjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fe18dfc72c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe6%2Fd7%2F97%2Fe6d797a3a7be0e7ec1877d1b33146dfa%2F1657714258.html&l=1190&fd=129
173.233.137.60200 OK 0 B URL HTTP/1.1 contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe6%2Fd7%2F97%2Fe6d797a3a7be0e7ec1877d1b33146dfa%2F1657714258.html&l=1190&fd=129
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe6%2Fd7%2F97%2Fe6d797a3a7be0e7ec1877d1b33146dfa%2F1657714258.html&l=1190&fd=129 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 15:14:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ag.gbc.criteo.com/newidsd
178.250.6.226200 OK 542 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.226:0
Hash 1caf94967962fc4627ca71fb43d186ac
b8f71479ecd66339fd5775f6223026fc32a46719
488f8ebd880d952028547569491d0f36ee3aaf06802b16d6584c24b78d3fe65b
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 86248
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8efccf4c61af35f8011cfb61e7f66ca
90987edc2453bcd66d8c89ed47c9882a846b22d6
973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Tue, 27 Sep 2022 16:19:51 GMT
Date: Tue, 27 Sep 2022 15:14:05 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/7b/e8/63/7be86319ec93e94be3081d2debeb1d2f/1664269244.jpg
45.133.44.10200 OK 14 kB URL HTTP/2 cdn.cloudimagesb.com/si/7b/e8/63/7be86319ec93e94be3081d2debeb1d2f/1664269244.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash e68fd37b42b9114ef94f0fc575542ca1
2baabb86497fc9a34e7c0b75569a77a0731895a5
abb6166a507f698fdc424b4558a0f0c5765fd6a657cbdc601e2b53d2eb3ce21f
GET /si/7b/e8/63/7be86319ec93e94be3081d2debeb1d2f/1664269244.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: image/jpeg
content-length: 14121
server: nginx/1.17.6
last-modified: Tue, 27 Sep 2022 09:00:52 GMT
etag: "6332bbc4-3729"
expires: Thu, 29 Sep 2022 15:14:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
172.64.200.2200 OK 4.9 kB URL HTTP/2 cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
IP 172.64.200.2:0
Hash 3674a1cb86daab116b5846fd66b927bd
67879f775f61d0ee60c4e603e1c26c356e50fa30
110f259337068c4c1543bdf6c90cc8f59f3cd9895a83c3c4171f988af2d3e070
GET /sb/chat/mob/ssp/v2/new/3/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cns7iL5q4zlbuCqZc4TFDgzyx2QWN1P%2F1dQH8RmdiRHvj0nYA1EULQfCkxc92hfWrvXyFBTrH9mBK1Et2uuML3Er6IowKjNQ%2BdDTjKmGB%2BdwWLpmO7ZjeOBuFpUFqwsNbjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fe15db672c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f65ea1b3c2ae2ce920030f3e0b20e120
03ab1e585353c1d310b30d54635024489c5a8f59
195135066025e34eb86ebfdb626743667181419395bacbf4d44f124cc775a7c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "195135066025E34EB86EBFDB626743667181419395BACBF4D44F124CC775A7C3"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6530
Expires: Tue, 27 Sep 2022 17:02:55 GMT
Date: Tue, 27 Sep 2022 15:14:05 GMT
Connection: keep-alive
contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=315
173.233.137.60200 OK 0 B URL HTTP/1.1 contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=315
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=315 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 15:14:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
15.197.193.217301 Moved Permanently 134 B URL HTTP/1.1 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP 15.197.193.217:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 27 Sep 2022 15:14:05 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://match.adsrvr.org:443/track/rid?ttd_pid=pubmatic&fmt=json
cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
172.64.200.2200 OK 1.2 kB URL HTTP/2 cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
IP 172.64.200.2:0
Hash bbf28fd391610ff9270bb98d01be3385
9b20b7ef4e7bdd7c53d44e2d46bfd4c087a19a97
1c0c134647982cd1e9c08d5dc8b565ca613b8ccb1b45402c8ff7b5609aa780a8
GET /sb/chat/mob/ssp/v2/new/3/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:55 GMT
etag: W/"62ceb703-1229"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcS1JUwKQkg9vw1I%2BB7iEHtfx%2B2AGnT7xV1lv%2BgXQINRRYVQtSsRCVTKQvHMjiV97kFcAmKsYU%2B%2FTvBlQ%2FFTiTjeLAg%2BLHb2KFD%2B%2FraZTqHyE3YNjntnBVzbsvzAQSuVEMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fe15dbd72c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 20:15:52 GMT
Expires: Thu, 21 Sep 2023 20:15:52 GMT
Cache-Control: public, max-age=31536000
Age: 500294
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=256
173.233.137.60200 OK 0 B URL HTTP/1.1 contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=256
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=256 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 15:14:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 20:15:52 GMT
Expires: Thu, 21 Sep 2023 20:15:52 GMT
Cache-Control: public, max-age=31536000
Age: 500294
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash f6cea38558db0258ea616f18d6710c41
beaf12eb28343f95925b1304c7dc3c8440c9e106
df4b49e7d3e9601051122ed814f7a46deafc8576b1706e5d440eeecff6b69b32
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 27 Sep 2022 15:14:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 26 Sep 2022 23:55:13 GMT
Expires: Tue, 27 Sep 2022 23:55:13 GMT
ETag: "beaf12eb28343f95925b1304c7dc3c8440c9e106"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
contagiousantagonizequarry.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2tc1RvGz037XXxVBLUbF5VBFBTM5J75PRapxpgSjE1pK7oQ5Py6k2PO3HM55965k3ETrEiX439w80zSUC1FcW2RScFFQMi4KFkYcO1S6FJkpsHRd%2FO%2B732exec%2B5%2F1qNzslITJ2svKBHWhj2FK9HJZe%2B5jSS6V1HWf9Ur%2FV%2BLRRu1RyvTfbjXL4eumKElt2qRLSMKQhLa1qpyLbX5qK0Mm9Ni23w3KtUqb1Gvruv7vPAngWQPZOyfPQcnL%2BYXABWowRd79bUX4rtckb73Uzw1Lr0JMHH8Zbsc1jdOdj5AJE8cGZG9Yfrz6AjfdnuLC9f4xcT0jw8wPw%2BOAMEry3N%2BPkBioGl08j742hzBiajSHsLWh5TAAhcXUDcffOVetytv1EZVN1Qs4%2F%2FhM6n5Dzv11A3L2%2FbHS%2FdMOaLNU29uhHBXR%2FDN0ZI8kOkQ4WoPNDiPQLaPkLWXq8jri7t%2BGNhZYnr9SrbUlpo77Yom21WBOULfI6ryyGtFZrhg1OKa3MAtJ6DB2NYdQQzC8g8wEyHSCLAmRJgK48KQlKaTOUgoWtthBV2VS8IUPKmhFlNGy0kInpPwyRJkMIM4RwO0jcDrb0EC77CX6zgJcBfErQkwVyRZB7gpwR5JogTwnyXrEvja%2F44o40PuP0rFfOerUY2bSzy%2FZt2lEx2U1OyXOz4P745AdsqZOSktVGSGuNarVVaUvRDFmtIoVgKpJRNaIUXhfQfgHMBxjo42cfIdHH%2Fy%2FA2SG8OYTQL4NlF8HyUbMSgm2Oaq0Qg%2FiuzWw5ccp7SFsgSf%2BHdDvYNafkxRlA6%2BZfUOLo8peD36%2Fcv%2FA5hCuQuAKf6YcEHXN7dN3mZO%2B6zT35fiNJdVcP2PRVb6QsVee%2BeV9t59bJtRU%2FvPuOmArT8d5N5dN1Fksddzz5dllLqdyqdUKRH9f8R4pfy%2FzmcubiLFm%2F9u7qWncGqG08Bpse6DOvQugJeWpBzw724qO3od0YLivQzY7IWUHbQ4hkBz6Z83t7Ds7MPTwJkGfFyFX4%2FKPRBEbNd8YL%2BH%2FtfD7v%2BtvouJfA0luIuwV6rkDPFGBmCJ%2BdG6WJO7r8a3VW4CYYceOCPW6c%2BfpJuF6flKqhbHIVqSZXtXotUkLyep2HIhK8KlstgdRPRPWFt%2F4GAAD%2F%2FwEAAP%2F%2Fe%2F80OnsEAAA%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 contagiousantagonizequarry.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2tc1RvGz037XXxVBLUbF5VBFBTM5J75PRapxpgSjE1pK7oQ5Py6k2PO3HM55965k3ETrEiX439w80zSUC1FcW2RScFFQMi4KFkYcO1S6FJkpsHRd%2FO%2B732exec%2B5%2F1qNzslITJ2svKBHWhj2FK9HJZe%2B5jSS6V1HWf9Ur%2FV%2BLRRu1RyvTfbjXL4eumKElt2qRLSMKQhLa1qpyLbX5qK0Mm9Ni23w3KtUqb1Gvruv7vPAngWQPZOyfPQcnL%2BYXABWowRd79bUX4rtckb73Uzw1Lr0JMHH8Zbsc1jdOdj5AJE8cGZG9Yfrz6AjfdnuLC9f4xcT0jw8wPw%2BOAMEry3N%2BPkBioGl08j742hzBiajSHsLWh5TAAhcXUDcffOVetytv1EZVN1Qs4%2F%2FhM6n5Dzv11A3L2%2FbHS%2FdMOaLNU29uhHBXR%2FDN0ZI8kOkQ4WoPNDiPQLaPkLWXq8jri7t%2BGNhZYnr9SrbUlpo77Yom21WBOULfI6ryyGtFZrhg1OKa3MAtJ6DB2NYdQQzC8g8wEyHSCLAmRJgK48KQlKaTOUgoWtthBV2VS8IUPKmhFlNGy0kInpPwyRJkMIM4RwO0jcDrb0EC77CX6zgJcBfErQkwVyRZB7gpwR5JogTwnyXrEvja%2F44o40PuP0rFfOerUY2bSzy%2FZt2lEx2U1OyXOz4P745AdsqZOSktVGSGuNarVVaUvRDFmtIoVgKpJRNaIUXhfQfgHMBxjo42cfIdHH%2Fy%2FA2SG8OYTQL4NlF8HyUbMSgm2Oaq0Qg%2FiuzWw5ccp7SFsgSf%2BHdDvYNafkxRlA6%2BZfUOLo8peD36%2Fcv%2FA5hCuQuAKf6YcEHXN7dN3mZO%2B6zT35fiNJdVcP2PRVb6QsVee%2BeV9t59bJtRU%2FvPuOmArT8d5N5dN1Fksddzz5dllLqdyqdUKRH9f8R4pfy%2FzmcubiLFm%2F9u7qWncGqG08Bpse6DOvQugJeWpBzw724qO3od0YLivQzY7IWUHbQ4hkBz6Z83t7Ds7MPTwJkGfFyFX4%2FKPRBEbNd8YL%2BH%2FtfD7v%2BtvouJfA0luIuwV6rkDPFGBmCJ%2BdG6WJO7r8a3VW4CYYceOCPW6c%2BfpJuF6flKqhbHIVqSZXtXotUkLyep2HIhK8KlstgdRPRPWFt%2F4GAAD%2F%2FwEAAP%2F%2Fe%2F80OnsEAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2tc1RvGz037XXxVBLUbF5VBFBTM5J75PRapxpgSjE1pK7oQ5Py6k2PO3HM55965k3ETrEiX439w80zSUC1FcW2RScFFQMi4KFkYcO1S6FJkpsHRd%2FO%2B732exec%2B5%2F1qNzslITJ2svKBHWhj2FK9HJZe%2B5jSS6V1HWf9Ur%2FV%2BLRRu1RyvTfbjXL4eumKElt2qRLSMKQhLa1qpyLbX5qK0Mm9Ni23w3KtUqb1Gvruv7vPAngWQPZOyfPQcnL%2BYXABWowRd79bUX4rtckb73Uzw1Lr0JMHH8Zbsc1jdOdj5AJE8cGZG9Yfrz6AjfdnuLC9f4xcT0jw8wPw%2BOAMEry3N%2BPkBioGl08j742hzBiajSHsLWh5TAAhcXUDcffOVetytv1EZVN1Qs4%2F%2FhM6n5Dzv11A3L2%2FbHS%2FdMOaLNU29uhHBXR%2FDN0ZI8kOkQ4WoPNDiPQLaPkLWXq8jri7t%2BGNhZYnr9SrbUlpo77Yom21WBOULfI6ryyGtFZrhg1OKa3MAtJ6DB2NYdQQzC8g8wEyHSCLAmRJgK48KQlKaTOUgoWtthBV2VS8IUPKmhFlNGy0kInpPwyRJkMIM4RwO0jcDrb0EC77CX6zgJcBfErQkwVyRZB7gpwR5JogTwnyXrEvja%2F44o40PuP0rFfOerUY2bSzy%2FZt2lEx2U1OyXOz4P745AdsqZOSktVGSGuNarVVaUvRDFmtIoVgKpJRNaIUXhfQfgHMBxjo42cfIdHH%2Fy%2FA2SG8OYTQL4NlF8HyUbMSgm2Oaq0Qg%2FiuzWw5ccp7SFsgSf%2BHdDvYNafkxRlA6%2BZfUOLo8peD36%2Fcv%2FA5hCuQuAKf6YcEHXN7dN3mZO%2B6zT35fiNJdVcP2PRVb6QsVee%2BeV9t59bJtRU%2FvPuOmArT8d5N5dN1Fksddzz5dllLqdyqdUKRH9f8R4pfy%2FzmcubiLFm%2F9u7qWncGqG08Bpse6DOvQugJeWpBzw724qO3od0YLivQzY7IWUHbQ4hkBz6Z83t7Ds7MPTwJkGfFyFX4%2FKPRBEbNd8YL%2BH%2FtfD7v%2BtvouJfA0luIuwV6rkDPFGBmCJ%2BdG6WJO7r8a3VW4CYYceOCPW6c%2BfpJuF6flKqhbHIVqSZXtXotUkLyep2HIhK8KlstgdRPRPWFt%2F4GAAD%2F%2FwEAAP%2F%2Fe%2F80OnsEAAA%3D HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=539d1165-819e-4c1a-b5b2-0144706b1112:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3691774]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 15:14:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 722766fd59fd684069146e8bc681d7d9
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 68eeaf1d0cd2ef5c36ab55992430343e
7c88fc09f8d1e0a4fe2c4ae4ea14440c33d15cb4
2572d7e99a9edcf421032cb558404f86ccd263477243348c4c317425f612609e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:14:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 01:42:53 GMT
Expires: Sun, 02 Oct 2022 01:42:52 GMT
Etag: "7c88fc09f8d1e0a4fe2c4ae4ea14440c33d15cb4"
Cache-Control: max-age=382725,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75152fe33b95b512-OSL
id.crwdcntrl.net/id
18.203.72.119200 OK 63 B IP 18.203.72.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 04627ae4a69a5c3acdefc8b237746edc
e3adf518cef7266471b8c111f915cdde08120561
a9fb37af6a62590376b2d858c40f5699865987686b66871cd0e4f457bf1dd055
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:06 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.9.207
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
api.rlcdn.com/api/identity/envelope?pid=1258
34.120.133.55401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1258
IP 34.120.133.55:0
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1258 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 15:14:06 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
Hash c8a25eccc04013b7f9a9a22f66bd6fb7
ac64f0715692799535f3c0601477c326c2bd56f2
557f4e667c92c144ae4100d21510be4c213cc2099d81e094f263ef16b03e99fd
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Wed, 28 Sep 2022 15:14:05 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contagiousantagonizequarry.com/pixel/sbs?c=1
173.233.137.60200 OK 0 B URL HTTP/1.1 contagiousantagonizequarry.com/pixel/sbs?c=1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=539d1165-819e-4c1a-b5b2-0144706b1112:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3691774]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 27 Sep 2022 15:14:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=169758
expires: Thu, 29 Sep 2022 14:23:25 GMT
date: Tue, 27 Sep 2022 15:14:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 28 Sep 2022 15:14:09 GMT
Date: Tue, 27 Sep 2022 15:14:07 GMT
Connection: keep-alive
Vary: Accept-Encoding
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 27 Sep 2022 15:14:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 4a496949-d24d-4939-b4c9-e4a717462e6a
Set-Cookie: uuid2=228733794345564626; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 26-Dec-2022 15:14:07 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157200 OK 430 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
Hash a3e68c3bee6b6ef0fd8ff9664f55f308
2ec54ca70abe76cf122b617c0a4155ca013252c5
7e28e02a9a7117d66028eac9448c0d0c94ea5c7d883f6abbea464ff1167f9614
OPTIONS /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 372189
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157200 OK 82 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
Hash fb4a266b9f9f73d90bb946fc058f4147
f59227e0d0ab171a971cab9fdb7924cb1247ae8a
c3c17d8410332d59289669acc76808ae685bc41ab84369755b4bf0af29bc65aa
OPTIONS /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 561076
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 27 Sep 2022 15:14:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: ef9fb574-20af-47ee-89db-c9ae4ccdf49a
Set-Cookie: uuid2=3819004954150334725; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 26-Dec-2022 15:14:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.46200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 27 Sep 2022 15:14:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 94f4d529-1698-4906-9c40-65f1289e0fe9
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
id5-sync.com/g/v2/231.json
162.19.138.82200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 01677c057245ea5e9290d73bed25068a
172461136a1d237560cfa087507026c2c8d41f08
b9aa3dd7f8c66d0967ab3c9d02d691af7f8df38d96914ac5d7aaa3b613388bc4
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 304
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 27 Sep 2022 15:14:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
challenges.cloudflare.com/turnstile/v0/192bead3/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185200 OK 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/192bead3/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
GET /turnstile/v0/192bead3/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fc5f9e4b4ff-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=609F2E8C-2EAB-4D6E-A387-0A61756BF87E&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=609F2E8C-2EAB-4D6E-A387-0A61756BF87E&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=155495&sc=1&u=609F2E8C-2EAB-4D6E-A387-0A61756BF87E&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:14:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=2hySTl92WXZ1aXNydiUyRm9HSVZlZEtVNEswZXBMJTJGSWdSbVBvUzd1bEpzQTMlMkJ4d1BSS3FKV1ozeXlFZkdsMERNTm9WMlE5WU9ZU2QxUHVHcVZldWhuQlN3bDNiMHBZTDVUVFI3RnRtdktGSlBoWkkyVjNPWlAwc1o2JTJGYTk1dHZWWEU0Mk9M&info=B7NG2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lSJTJCbGdnY2dxM1RTSkZUTSUyRm0lMkJXR1didXRaJTJCenk0bWxlSFRFTkRON3hSMA&idsd=1362115961,-1590641815&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=2hySTl92WXZ1aXNydiUyRm9HSVZlZEtVNEswZXBMJTJGSWdSbVBvUzd1bEpzQTMlMkJ4d1BSS3FKV1ozeXlFZkdsMERNTm9WMlE5WU9ZU2QxUHVHcVZldWhuQlN3bDNiMHBZTDVUVFI3RnRtdktGSlBoWkkyVjNPWlAwc1o2JTJGYTk1dHZWWEU0Mk9M&info=B7NG2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lSJTJCbGdnY2dxM1RTSkZUTSUyRm0lMkJXR1didXRaJTJCenk0bWxlSFRFTkRON3hSMA&idsd=1362115961,-1590641815&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=2hySTl92WXZ1aXNydiUyRm9HSVZlZEtVNEswZXBMJTJGSWdSbVBvUzd1bEpzQTMlMkJ4d1BSS3FKV1ozeXlFZkdsMERNTm9WMlE5WU9ZU2QxUHVHcVZldWhuQlN3bDNiMHBZTDVUVFI3RnRtdktGSlBoWkkyVjNPWlAwc1o2JTJGYTk1dHZWWEU0Mk9M&info=B7NG2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lSJTJCbGdnY2dxM1RTSkZUTSUyRm0lMkJXR1didXRaJTJCenk0bWxlSFRFTkRON3hSMA&idsd=1362115961,-1590641815&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1129198
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
54.230.111.77200 OK 0 B URL HTTP/2 cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
IP 54.230.111.77:0
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 15:14:04 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: http://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GHGiN8jomTvG-vzUF74ZqzVvB7bq9rponwS6Y6gvyhvLLQimtwld1w==
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/js/script.js
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/js/script.js
IP 172.64.200.2:0
GET /sb/chat/mob/ssp/v2/new/3/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-17f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNAjPYEogUkUxNEQDB99wTbEYwQOUMAtd5Twt8JZZOQQmHzJ24ZFnRWI9VW%2FAvqac%2B%2B7jKU%2FXoJUu1iS0oxsDMjw7TdTaxO%2Fau5tv4A0QPnJVCXytsf7%2BNZY4NTMWYGtJHc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fe1ee9972c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 13 Jul 2022 12:11:03 GMT
etag: W/"62ceb657-4a6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 27 Sep 2022 16:14:05 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.123.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Wed, 28 Sep 2022 15:14:05 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=ouo.press HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:04 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=148bd634-4b31-4d52-95ce-7a655f18df7e; expires=Sun, 22 Oct 2023 15:14:04 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 751900
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: browser_data=B7NG2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lSJTJCbGdnY2dxM1RTSkZUTSUyRm0lMkJXR1didXRaJTJCenk0bWxlSFRFTkRON3hSMA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=h3XJTl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3lSJTJCbGdnY2dxM1RTSkZUTSUyRm0lMkJXR1dSRlg3eEx1akxjUGs0czZpaE9CMkY; expires=Sun, 22 Oct 2023 15:14:07 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 371412
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.adskeeper.co.uk/images/adskeeper_svg.svg
104.18.27.174200 OK 0 B URL HTTP/2 cdn.adskeeper.co.uk/images/adskeeper_svg.svg
IP 104.18.27.174:0
GET /images/adskeeper_svg.svg HTTP/1.1
Host: cdn.adskeeper.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: image/svg+xml
x-amz-id-2: 9+wK7//B9wiKymVhwJBS49yIWsknA1BYnHtl2rpiLd1F4bVgMRR1xL0U37+qHDuhswdKTk5XkFw=
x-amz-request-id: P23ZACW8NK08CPPP
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
x-amz-version-id: null
cf-cache-status: HIT
age: 5227
expires: Tue, 27 Sep 2022 19:14:05 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fdda8c20b31-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
IP 172.64.200.2:0
GET /sb/chat/mob/ssp/v2/new/3/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:05 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:58 GMT
etag: W/"62ceb706-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4770580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6uzmhFWARi124v2PGUSys6p56nd8Ibi60Bo2x%2FZB2FwJRvEe2kbzLHDg3EikRnlkzv8jnY5prg625FbWss1CmpMy6koMplNQ0vZgxEEcobee8oesnKZl%2FOArWpLrAq1jBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75152fe18dff72c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:14:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 893089
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2