ouo.press/E8qPJV
104.22.59.251 403 Forbidden 3.8 kB IP 104.22.59.251:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (836)
Hash 95e5e8af1cfa998a3dde96e862c5bbe7
9323ed9978c9f343e0d8f88abbdf1deeeb7d536a
77dea0883e9f11a534db1c47cf31b3becebb09524c715cbeedc820906c79fb66
GET /E8qPJV HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Sun, 20 Nov 2022 05:38:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=lKDkh_8S5zm507z2cNuNpSx6AJkwC4LqMCW2mYlc3zg-1668922680-0-ASnLkYwBS3xhqUYtN4+G580Dg3BYGBY4AbkRTLpoBCthtbxGaAbCycZ9JuYgG16vegKfsJl6SeL4EbZg+zS2e8g=; path=/; expires=Sun, 20-Nov-22 06:08:00 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ced6439d5b0b3d-OSL
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14766
Expires: Sun, 20 Nov 2022 09:44:07 GMT
Date: Sun, 20 Nov 2022 05:38:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6224
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:01 GMT
Last-Modified: Sun, 20 Nov 2022 03:54:18 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2357
Expires: Sun, 20 Nov 2022 06:17:18 GMT
Date: Sun, 20 Nov 2022 05:38:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 20 Nov 2022 04:44:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3183
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6lLIOhQKrz/W2T/52leKbPRa/1UeVbwYW273I7fJf55L4mQeJUpk06vhaYzmWjzw2SEBGlT+Cro=
x-amz-request-id: GGKSVFQ6MM8GHGBB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 20 Nov 2022 04:38:35 GMT
age: 3566
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/styles/challenges.css
104.22.59.251 200 OK 2.6 kB URL HTTP/1.1 ouo.press/cdn-cgi/styles/challenges.css
IP 104.22.59.251:0
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/E8qPJV
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:01 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:09:42 GMT
ETag: W/"6373d5e6-1896"
Server: cloudflare
CF-RAY: 76ced645f8590b51-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sun, 20 Nov 2022 07:38:01 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
ouo.press/favicon.ico
104.22.59.251 200 OK 0 B IP 104.22.59.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/E8qPJV
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:01 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT
ETag: "54deee14-0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 6279
Accept-Ranges: bytes
Set-Cookie: __cf_bm=SER0mDpQp1yVu54a1M5GwRjFkTV01JZIY3GO6jQjXD8-1668922681-0-ASqpsfsHpZszptANcXB1rDVZg0CfEvPjne4+sI5lT9ioufPeoRwtQpoRK0BKmq2lgbPZXJagXtAJqO8FHgjLu7k=; path=/; expires=Sun, 20-Nov-22 06:08:01 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ced6460f3db523-OSL
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 05:38:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=76ced6439d5b0b3d
104.22.59.251 200 OK 42 B URL HTTP/1.1 ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=76ced6439d5b0b3d
IP 104.22.59.251:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=76ced6439d5b0b3d HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/E8qPJV
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:01 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:09:42 GMT
ETag: "6373d5e6-2a"
Server: cloudflare
CF-RAY: 76ced646887f0b51-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sun, 20 Nov 2022 07:38:01 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=76ced6439d5b0b3d
104.22.59.251 200 OK 24 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=76ced6439d5b0b3d
IP 104.22.59.251:0
File type ASCII text, with very long lines (54245), with no line terminators
Hash d55ed388bebc55ced7df8708ce841360
0694443e4891ea9c4d165bdbcaa1e3d5b3428e6c
e6a4bd5169cf16f4bbdbae719a2bf06558c599bceaf5a7872ce5c6b99434c630
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=76ced6439d5b0b3d HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/E8qPJV?__cf_chl_rt_tk=7Ey7jib5_TG9J1PRFrPC_ozmXJDnBHw2U_U6_KkzfQo-1668922680-0-gaNycGzNAv0
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:01 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Set-Cookie: __cf_bm=0bGdNaPGi2s6qY72oSTzl20QTOAuClFJspQXeMr7Xx0-1668922681-0-AZy6r4IHqfxqGUQHzYDUV3dMYrTJUQf5ydJDrzOmZOjS76qNzMqt2kxymeqE2ZOX/YvOl+Y6AC8wp0r9XTDnbts=; path=/; expires=Sun, 20-Nov-22 06:08:01 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76ced646a88c0b51-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash c990cd1804138d9ad1e964ebc79a8b58
3f2d69fbdde780814758035d3c0225247a7f6ee3
992c924d0ffc7352d58ce5a88c51e3ae9644537c117a3128855a1eaf3367362d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1111
Cache-Control: max-age=105824
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:01 GMT
Etag: "6378b342-118"
Expires: Mon, 21 Nov 2022 11:01:45 GMT
Last-Modified: Sat, 19 Nov 2022 10:43:14 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.710115296297177:1668920741:4BhpWKYRPbXHoJxG8urG1-TdntTEiL4IlSacwVCIr2c/76ced6439d5b0b3d/3efb8e6f0b84ee6
104.22.59.251 200 OK 67 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.710115296297177:1668920741:4BhpWKYRPbXHoJxG8urG1-TdntTEiL4IlSacwVCIr2c/76ced6439d5b0b3d/3efb8e6f0b84ee6
IP 104.22.59.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 397a159ff99c15f153d8a0fd0450787b
89d17d408a8865dd0bd6cdaf1f41b15a420cd936
ac16159f98abb3845ca783c72124e1a75e46f3e8ac4b599587cad544416177b1
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.710115296297177:1668920741:4BhpWKYRPbXHoJxG8urG1-TdntTEiL4IlSacwVCIr2c/76ced6439d5b0b3d/3efb8e6f0b84ee6 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/E8qPJV
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3efb8e6f0b84ee6
Content-Length: 1797
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:01 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: lmg8c3u2+dDJHVVzBG4dySic/Y+JUr/Ol6ebW6nqj3XSwy01Ww/o6WO9hwWAeIwMUiOfNm0Vzpdb9eyTOVcdQXf4ZlMTWidndq0ldTRuPBa1p8Y7Hk31dJcYbFqZLwb1GN61FAbflYeWGV1RPnyDQKHtjLTFqtecV7lkqBCwgV9fnPO7D3EbK588QLFgw5IwL9AOLF+mPVgj1x8PK8UslLs65lb1gFnWwQWMlfuuzWZ6vsedp6f8joaeXIVmvy6ISU5vIW0JjX9PZcfQY9Otsbn5zF4EVJ9fRJeprPvHKp38eKZynD/DAQEIv+7iZIaKj5bXe0oEiEuY8K8SwWGUvg==$YZY9tVRJZL+gxrgDw33MfQ==
Set-Cookie: __cf_bm=bTuoY1K9l3NcUlrX9y0IRpP7UPZfnOo_08Oeyt4RbOk-1668922681-0-AWNNOjifbmHN5ExB+tQ1LSB5fZt+Kdq7UrLZsyqC4bluY6eaSsPCQN5e9OsgGELV3Bbcil3socB1n/UYW2uL3W8=; path=/; expires=Sun, 20-Nov-22 06:08:01 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76ced647b8dd0b51-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 20 Nov 2022 04:44:50 GMT
cache-control: public,max-age=3600
age: 3191
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5608
Cache-Control: max-age=104538
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:02 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:40:20 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.203.75.56 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.75.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R/NkFhhlZUFhoMG3fJ90dA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zvzuExB77LrPAtsJya2MvH891Fw=
ouo.press/cdn-cgi/challenge-platform/h/b/img/76ced6439d5b0b3d/1668922681577/X6lerKe4un5clZl
104.22.59.251 200 OK 61 B URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/img/76ced6439d5b0b3d/1668922681577/X6lerKe4un5clZl
IP 104.22.59.251:0
File type PNG image data, 1 x 8, 8-bit/color RGB, non-interlaced; data
Hash 1a1e172aabb3dbc3cee53765d2d6b163
4f49b206084affc52644f0ce24670dda4b06794d
65736444c10e6bf8fdc16414a7baa7e1c8d4d2b36e4433f177ccde26ae0bbe37
GET /cdn-cgi/challenge-platform/h/b/img/76ced6439d5b0b3d/1668922681577/X6lerKe4un5clZl HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/E8qPJV
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:02 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=uEAbSgBmg2jBzpZPImEHuMO3HGBxeAX669kgfosaeJY-1668922682-0-ASKnKwUhlWrU2pQ8SVix0Vt4LdWXVWIx8MJolLRnjismz7KWQwcUISEFIOVjrBzxuYyS3vp3G1ArtiTce5j1z9w=; path=/; expires=Sun, 20-Nov-22 06:08:02 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76ced64d0ac50b51-OSL
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.710115296297177:1668920741:4BhpWKYRPbXHoJxG8urG1-TdntTEiL4IlSacwVCIr2c/76ced6439d5b0b3d/3efb8e6f0b84ee6
104.22.59.251 200 OK 3.9 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.710115296297177:1668920741:4BhpWKYRPbXHoJxG8urG1-TdntTEiL4IlSacwVCIr2c/76ced6439d5b0b3d/3efb8e6f0b84ee6
IP 104.22.59.251:0
File type ASCII text, with very long lines (5136), with no line terminators
Hash 7fee8c99baf751802d04563104aba0cf
345968f72c02e324824bcc76f0c30e9e228530dc
1e267f782ee249bbaddcdef18a3838f7757bfa145a3116deca1522acd3a8e2ea
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.710115296297177:1668920741:4BhpWKYRPbXHoJxG8urG1-TdntTEiL4IlSacwVCIr2c/76ced6439d5b0b3d/3efb8e6f0b84ee6 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/E8qPJV
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3efb8e6f0b84ee6
Content-Length: 16140
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:02 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: kifDM4VgIU5REZfm5SEUuAipq0GcNcThLpJAPBl5rP8=$Qg4sHxlISZKC+9ZQNpVulQ==
Set-Cookie: __cf_bm=zmrxuq36W8gPJytNbEmJQXNV5pCV.aVbGkEDTT3i7tw-1668922682-0-AdS6o4wOm+JVS3puO8463VplbKO2z/GbGnFGl2DEHFfKKAWgH/ewvauHj+i4ApzL9hJOlOgpl27cO6Ox61K0ou0=; path=/; expires=Sun, 20-Nov-22 06:08:02 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76ced64d9aff0b51-OSL
Content-Encoding: gzip
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185 302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 20 Nov 2022 05:38:02 GMT
content-length: 0
location: /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age: 300
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced64e0a23b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20958
Expires: Sun, 20 Nov 2022 11:27:21 GMT
Date: Sun, 20 Nov 2022 05:38:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2dcdeb5df10dd86dbc155dbefc4fd72b
b0a20213cdedc7fa472dbdad4e1152152009433e
ba98ae058e591f010056de61cdc58e09b5a2742be08421e0ba57ac2a0de36422
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11915
x-amzn-requestid: 93e2bad9-148f-4b10-9c07-8ab77bcaafcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jW6F0BoAMFU3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c2c-19e415980648396973718d73;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O0vFQbc7MZW0FFNbD5rHHhF6RHpC4ITkNGQV12MhOKHqB7mqrrFqKw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:47:22 GMT
age: 28241
etag: "b0a20213cdedc7fa472dbdad4e1152152009433e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51792f65-6e89-49e5-9135-0a8a2de2ab9c.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51792f65-6e89-49e5-9135-0a8a2de2ab9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash c3c8c476db4c44614c4ba79f584acf65
35318fa392a72f49f293bfd582960d195065403a
61af67d251bb0523cbf938ed497f540a7529d8130b1950bde9ce2bf8cef3dcfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51792f65-6e89-49e5-9135-0a8a2de2ab9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6953
x-amzn-requestid: b224cf31-9132-4af2-b4ad-0fde224e7222
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZmEXoIAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-3b19e98831138506588e2229;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2ef6C4hpAZo72BfD46AxHqw-Pd4ywBJxE9FkQRGu31ymPd0zRuz4PA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
age: 28592
etag: "35318fa392a72f49f293bfd582960d195065403a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0833d789-8445-4e80-b0eb-1e10cae0bb40.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0833d789-8445-4e80-b0eb-1e10cae0bb40.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f20a7024c2ecc1c25005c8980869d26f
bcd84cccde34e1a0b98ff4dd62ab3ce6b0109a96
ece715cb21d6e34b61394c2bdd9849d47587d6ca82374a9a0a37a1b689386d2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0833d789-8445-4e80-b0eb-1e10cae0bb40.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9373
x-amzn-requestid: 93aba2c1-d970-4c6e-8450-82179595ab62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3izpHh1IAMFpXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b4a-3cad7b63642e5c8f358b039c;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: doty3OI-I3Tq4T_OxSkVK799L7kb2jDFEr1o1o-H2KoJmq_Mnn9HNw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:57:12 GMT
age: 27651
etag: "bcd84cccde34e1a0b98ff4dd62ab3ce6b0109a96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0462940-45e8-4d33-a7a0-3f46adc95afd.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0462940-45e8-4d33-a7a0-3f46adc95afd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ea0ef1cd4a68ea5c5cf768e3311ef5f
fe87b0a911dbcaaf2c48df2b609adbb67408fee5
c1c2a50ba11ffc6e4d7bcf44e6674ae259469be690c06091ece8e74a144c15d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0462940-45e8-4d33-a7a0-3f46adc95afd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7053
x-amzn-requestid: a6cdb52c-9303-4453-bbad-2d3575b1c04a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jaKH1RIAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c40-59cae7127e40d2407c233fe7;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:36:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jaMDJ63leIRCKibSLw_M7iX7qVInfEfStQrZBil5pcORxZPkjttsPg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:58:16 GMT
etag: "fe87b0a911dbcaaf2c48df2b609adbb67408fee5"
content-type: image/jpeg
age: 27587
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79ccaf63b8e37223509518f540b26f54
fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71
950ae082472515d39c9e3440cee399376e99840651ff04c4d2581951e44163de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9653
x-amzn-requestid: 06932e2b-59fa-4e05-aad3-65d7e2045e13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i5fHJEoAMF8Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b6f-0062640e7868cf664bcf26d2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6eFgEWflu3zqDd4J838DeZiPxNafliBVrce95D_29-oviwINWR2bkw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
etag: "fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71"
content-type: image/jpeg
age: 28592
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:36:28 GMT
age: 28895
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.710115296297177:1668920741:4BhpWKYRPbXHoJxG8urG1-TdntTEiL4IlSacwVCIr2c/76ced6439d5b0b3d/3efb8e6f0b84ee6
104.22.59.251 200 OK 2.1 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.710115296297177:1668920741:4BhpWKYRPbXHoJxG8urG1-TdntTEiL4IlSacwVCIr2c/76ced6439d5b0b3d/3efb8e6f0b84ee6
IP 104.22.59.251:0
File type ASCII text, with very long lines (2692), with no line terminators
Hash 21e7f8d27a93e0b94ed0fa051e08cc93
c0613df238c1b2d3e8f62f2e27c30650e6bea63e
9d9bb1fbc61465957d30be914ec12b663230d2e3e8bb46ec4e7450b05b4a784c
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.710115296297177:1668920741:4BhpWKYRPbXHoJxG8urG1-TdntTEiL4IlSacwVCIr2c/76ced6439d5b0b3d/3efb8e6f0b84ee6 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/E8qPJV
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3efb8e6f0b84ee6
Content-Length: 16858
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_out: xj+kWwJBAevlQMLXSNae7jAsTmEchle4npoWTd+J31j8L32RGMsUvtleUFvrH0GB7TIIEVrvLhms1BceffbbnA==$R6yAPqFCaRfgGZO/gDMx1Q==
cf_chl_out_s: iToqaGfQ0CBq5bKDfiYpwehuUhGqU4i0I80q3qOj1LKB9bWvGZsI+lnbKMkI+BKiSJz4a+H3bUQhXTcuaOrRXBVVk3HzU0Sxti3ysCzMOf7EjpMCT6ajITnlSm4h5b2Ht7Gszj1vGdfzBXlEjMQyt5ChhLJCelpiCUuQo7jmhXKsKy8Sr3guWLiQNQVVZ7DN$d7hBx/Zz6oxu/A4mJEehZA==
set-cookie: cf_chl_rc_m=;Expires=Sat, 19 Nov 2022 05:38:04 GMT;SameSite=Strict
__cf_bm=RZRNgCj81LLiBD1Pwe61XNnT.X3PyxmETJlI3t2uXnE-1668922684-0-AeBFHsNuVP/s0gU04xsXxZlIvI5uMm1yD/bgv6d2DBC+KdXgMicPvqprKAHy7aEDwBFU8Gn3FmpEZ1CtouTJpaA=; path=/; expires=Sun, 20-Nov-22 06:08:04 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76ced6552e0b0b51-OSL
Content-Encoding: gzip
ouo.press/E8qPJV
104.22.59.251 200 OK 3.4 kB IP 104.22.59.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash dcd471a45c761433c9de8cf89225f028
98e2dabbbd6af520400699467585dbe71539f318
38694eec9b9a5f6cd37dd5f4913da07e7c3c51ba356fb06f54d6b0700ea73c70
POST /E8qPJV HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/E8qPJV?__cf_chl_tk=7Ey7jib5_TG9J1PRFrPC_ozmXJDnBHw2U_U6_KkzfQo-1668922680-0-gaNycGzNAv0
Content-Type: application/x-www-form-urlencoded
Content-Length: 1760
Origin: http://ouo.press
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Set-Cookie: cf_clearance=MdRq4Og0OcTRWbd6dV_U3HTU_lqnkF5.kl7FXut1ILI-1668922684-0-250; path=/; expires=Mon, 20-Nov-23 05:38:04 GMT; domain=.ouo.press; HttpOnly
ouoio_session=eyJpdiI6Ik5GXC9seWhcL0tzRWwzZURUakhKZ1MzRzJnbndIZW13ME4zYkxwRWs0SUJkOD0iLCJ2YWx1ZSI6Inh5MjdxUVU2SkNVUHZLdzlqUW53V1BDclZqTjlLZ0p0OTRFUjVkSjRcL3NGQnpPZWxcL0lnMGliTnc2Nkp2RHdNbVYwUDZFQ1wvaUVuK3hLSTVqeTlBbXhRPT0iLCJtYWMiOiIyNDcyZGI4ODY1ZDA4Mzk3OTQzNGIyMmRhZGY1Y2QyMzg2NjlmNmViOTc3YzEzODAxYzJiZjM5OTBmZDk5ZGMwIn0%3D; path=/; httponly
language=eyJpdiI6IkkwTDQrUjJDdWJjZVl0Tkp4TTlicytyK0FpZnk4cWtodm85Nll5Zk5BRFU9IiwidmFsdWUiOiJIZ2JHeXA1aEJJaTRHdU1rSWJqZWV6QWhEWXB0Qnh6b05oMDB5TWtxS1Y4PSIsIm1hYyI6Ijc4NzkyODY1N2IzZTg5OGM4NTIwMTA0Nzg4NTc3ODM3ZTNiMDM1MzQ0ZjI1MTU3MjQzOTliNjBjOTc2YzY4MDIifQ%3D%3D; expires=Fri, 19-Nov-2027 05:38:04 GMT; Max-Age=157680000; path=/; httponly
019e36ed30516cbb5c48398105e941f19caa3489=eyJpdiI6InVFNkVlQjJBQUNITmdcL1UwVURoVzFPNzVoUUgxOE5VNUtKaWx1WTJlanRnPSIsInZhbHVlIjoiU0h3TnZ1eDdiYWNoQ3dkNktnTFF2UjJHMlpVMGUzUkljNHFDRGhMMUNBS1JmQWVNOWF0SWNmZ1JyNFFMQ3RpQUhRRStVTFhnVXV0aThpc3JjZTRzTCtISzZjKytiaERtdWlTdklFZkpFYXI2cG1lcXZFXC9KMXRDT1A5RjB0MHlJTWhBTVJ2Wm04U3ZhRWpsU21yUldHRFJSQWg0SDRDWDllTWlPVWRFXC9tRFo3VzAzNVV1cHIrRmtPZ2k1bXBtWmJ1K0UxS3BtMG9tRzNzeUFGaWx6dUNqNDVoZkYzMDFxYTE3T2VrMDdKdFpkVlJ5ZVZOazBTTzFKNnVtTUd5VEdSOUlsRnB5NnNlOTUyVjRoUlpYTDdQZkM2RmxXY2pwb1htN1V6ekp1WTI0VVQ3ZFBEV2JqZW5GSnVXNG1jbEsxbU12MFg3YmRoXC9mTTkwVGJZOEpmcG96eFRhdzhGWWhnQjlBdzFRNUs3QmViZEhHc0hlQlwvQUQxMURPeVZVc0t3UyIsIm1hYyI6IjZmN2E0MTkyMGVjM2QzN2FhYWIwNjdlZGNhNDU1YzA3MjE1NTZmYjg2NzFhNzIxZjkyNDNkZjU1MmZlZmY1N2MifQ%3D%3D; expires=Sun, 20-Nov-2022 07:38:04 GMT; Max-Age=7200; path=/; httponly
__cf_bm=UolZ4FSJZOAuZRJSKHe3TRojaUZYm9SIbgCmewSEZnI-1668922684-0-AaWSuFWR2v3nnWyDqREvzZTONpQXLyH24x/daRVttCD1MNrkmt2Ux6tbVvBHWNi9NawPW0PJUyhTUNLhADI6gbM=; path=/; expires=Sun, 20-Nov-22 06:08:04 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76ced657def80b51-OSL
Content-Encoding: gzip
ouo.press/css/bootstrap.css
104.22.59.251 200 OK 18 kB URL HTTP/1.1 ouo.press/css/bootstrap.css
IP 104.22.59.251:0
File type ASCII text, with very long lines (65452)
Hash ecd7a3b8fdf856cece681f760bad623c
3c16d8b0523e3c6de3b20f7c7f9de2ae48a2949a
40f5215bfeb4c595389b7d02127c47c94e173dbca21022c9f67eca101d03ab92
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/E8qPJV
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:04 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=109522
ETag: W/"54def1fc-1abd2"
Expires: Sun, 20 Nov 2022 09:29:22 GMT
Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 29322
Set-Cookie: __cf_bm=mbbg_8fEDGBFyvMYGxj0hISeYS1fFzzXyNhjpMOLFRY-1668922684-0-AZOLd/jH8cZV/hzT+F+jrs8XJyM353WeBjElR0v+PqbGKqCaMCaZvbaGKt+2FbJcIo5lxpG1Dcg2W3g50ia9+T4=; path=/; expires=Sun, 20-Nov-22 06:08:04 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ced6594f6a0b51-OSL
Content-Encoding: gzip
ouo.press/css/link-safe.css
104.22.59.251 200 OK 1.8 kB URL HTTP/1.1 ouo.press/css/link-safe.css
IP 104.22.59.251:0
Hash d91a45478adaa488ef4f1733dfa3c44c
3686ea901ce8ca85bb82f42bf0a8d39095ebf73d
4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/E8qPJV
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:04 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: status=cannot_optimize
ETag: W/"5d951ace-1830"
Expires: Sun, 20 Nov 2022 12:07:59 GMT
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 19805
Set-Cookie: __cf_bm=5pN_Zjog0wJvxAF_0XksqgQLGg7Yyxu1YT3vYU0YBzA-1668922684-0-AQPr8d/wgAAUWcyihXTzAB2mnj8SW9CupzDrjraRVsyjtyKkYlQDbomlkGSTZObDI+iLZCbUgo1Cww3gdtfTlrw=; path=/; expires=Sun, 20-Nov-22 06:08:04 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ced6594889b523-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.22.59.251 200 OK 655 B URL HTTP/1.1 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.22.59.251:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/E8qPJV
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:10:02 GMT
ETag: W/"6373d5fa-4d7"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ced6594cccb51b-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 22 Nov 2022 05:38:04 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
hhklc.com/c.js
104.21.70.122 301 Moved Permanently 0 B IP 104.21.70.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Sun, 20 Nov 2022 05:38:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 20 Nov 2022 06:38:04 GMT
Location: https://hhklc.com/c.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjEJNykmDM3q5qw5ke%2Fgd1eYEmQkmkVxZTwNJiNZKQ07qihgoqd%2FOzfb7IIZaUDSykevuwgjyJWif%2BJPgcAe3xP%2Fgxh73VKDCjzSFFn7wASyhM4FAgQM2%2FhLAg4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ced6594fdeb506-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Questrial
142.250.74.10 200 OK 387 B URL HTTP/1.1 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.10:0
Hash 7b73b3eed6a43db40b0640388112329f
ad4bb62a66f1f95c0a252f83345b40d40dcd5bb4
1776d3903d4f6fb36773bac4ccb4b86c0658838f29674d1fb506859506a41bc3
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 20 Nov 2022 05:38:04 GMT
Date: Sun, 20 Nov 2022 05:38:04 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ecdn.analysis.fi/static/js/fab.js
54.230.111.87 200 OK 4.3 kB URL HTTP/1.1 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.87:0
File type PNG image data, 16 x 47, 8-bit/color RGB, non-interlaced\012- data
Hash 887ad0addfef4a24b83d66b7649f2484
445362649f9bc83f56660bd715c19e6e0047b8f8
4561d4610e2ff1e3da7cb9e7614e1461ea255e70a19daf5ca4919b0441a04d99
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4240
Connection: keep-alive
Server: nginx/1.20.0
Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Sun, 20 Nov 2022 05:23:11 GMT
Expires: Sun, 20 Nov 2022 06:23:10 GMT
Cache-Control: max-age=3600
ETag: "61b8b8ab-1090"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FMQvdqQkR2tIfRM9kt7woyuZ4hEZPau_0Fx8KVNqOpL25e0Dkg5Cew==
Age: 894
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ecf20bb738504255b997d0f8d32f84da
4083bb312c0263ccdbccdd6e157060d3f85996c7
65a66ce857bb2fd22d467c16a4f405faf4a50700a8fd1a4b8c5b903df10c4aaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecdn.firstimpression.io/fi_client.js
54.230.111.89 200 OK 100 kB URL HTTP/1.1 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.89:0
File type ASCII text, with very long lines (618)
Size 100 kB (100173 bytes)
Hash 637608e63b3c027b89a4482a05fd975d
b211531de2343ae41f90fff08a64e43969d744fc
af02b7a80ca78b557be31668493803880b32badb14cd610b64669799238a26b2
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 20 Nov 2022 05:11:17 GMT
Server: nginx/1.20.0
X-Powered-By: PHP/8.0.14
X-XSS-Protection: 0
Last-Modified: Sun, 20 Nov 2022 05:11:17 UTC
ETag: W/"03cd8708a0b1469e324d73dabde6b71d"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bvdp8frHphdXQn2YfDAXSj0f6nXUCoZyFNpOGXfWlbQm3gYwa143SA==
Age: 1607
tv.gourdycortes.com/1clkn/48786
172.255.6.123 200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/48786
IP 172.255.6.123:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/48786 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 05:38:04 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 21-Nov-2022 05:38:04 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 21-Nov-2022 05:38:04 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164 200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 729acee2a72aedc9406dba71bf4c1d00
e7f1dea037aaa2df1c1e5b884dc5d73b7bc35e82
7e9b8e953f317a7a47db6df1d1ac8be5c78e9a9524a0a07755c748c2198f816a
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 20 Nov 2022 05:38:04 GMT
date: Sun, 20 Nov 2022 05:38:04 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 45 kB IP 93.184.220.29:0
Hash edc6c35bffb9e481dbc9d30f79227c00
824db3fc3deb2fbb3aea3b011128a80ed9481920
9177edea171184dbd7a50bbfd751cf907d1add05b58167ad2ea3b93cc997eeef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4140
Cache-Control: max-age=163195
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:04 GMT
Etag: "6379878b-116"
Expires: Tue, 22 Nov 2022 02:57:59 GMT
Last-Modified: Sun, 20 Nov 2022 01:48:59 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 278
ouo.press/images/world.png
104.22.59.251 200 OK 5.7 kB URL HTTP/1.1 ouo.press/images/world.png
IP 104.22.59.251:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/E8qPJV
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:04 GMT
Content-Type: image/png
Content-Length: 5692
Connection: keep-alive
Cache-Control: max-age=2592000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: status=not_needed
ETag: "5549a07c-163c"
Expires: Sat, 03 Dec 2022 22:33:44 GMT
Last-Modified: Wed, 06 May 2015 05:02:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 1407860
Accept-Ranges: bytes
Set-Cookie: __cf_bm=O1h5c4xK32oqkhA4R8gWhfKaQOz_Uhi8bb58wNMFe2g-1668922684-0-AV178SEbH/TnsV70KCqW5F99sLzjxJUOTcAcrFMRCgBaoClhlHIyP62kSWYz+dkSQL+YXKC/BeZkj9RkrrJQZGQ=; path=/; expires=Sun, 20-Nov-22 06:08:04 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ced65a1fb90b51-OSL
hhklc.com/c.js
104.21.70.122 200 OK 2.7 kB IP 104.21.70.122:0
File type ASCII text, with very long lines (8728), with no line terminators
Hash 5afde9e5b97c533ed8390f3550a13cc5
7aa9591327a2c07f3623a88e34d88d03543e0a35
6f87b9d97b8741e27eb0ba267aef4baf27531deea9401758d17b0b4d389640e8
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:04 GMT
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Sun, 20 Nov 2022 05:58:35 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdbsXdXzDKoUBwlNxe2kSfb5Jnz%2B3FkceUA2SqQ%2B0hK52FxVHBonfTXq99zizYLmWr5hKTSwwpS3%2B12fuomT84hhxRdZz6GktINFjIJdVZlGlcnJi6jNoVy9oFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced65a2e7ffac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
173.233.137.44 200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (37150), with no line terminators
Hash 9a4aca57b0f5b4239476fa81137f7f6d
77ff9fb449010399d97910f6db473d27aaefe2bf
9b7a4f02de506daaf7c69cda4855a138f5d421f6f7c130a80e9a443a44596ec5
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 05:38:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4e87a0161fd515bfea5227cba3b66cd6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
216.58.207.195 200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0; data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 17 Nov 2022 15:32:26 GMT
Expires: Fri, 17 Nov 2023 15:32:26 GMT
Cache-Control: public, max-age=31536000
Age: 223538
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
friendshipmale.com/sfp.js
172.64.141.24 200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.141.24:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:05 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 46ed37ec277dbfea190e8b210eaa50ec
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sun, 20 Nov 2022 05:38:04 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iv4vSh7ccamW3vT4DfbbJebDgLXe8jn9IXPHY%2FiIyy12ABBbjENbg6h8YVuEUtNRpFGMJG%2FvIrr6otvHKrSaZeoImu24qazDaYhSAdz6WChzbSpuHPimgivVwYVWpKMaDJySuCo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ced65d08c6407e-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 0f162707471b694d9472aaa730586029
8e772c5ff60be51dbae5fb8e630f1f832f5138a6
8dbe631994a2b21d73969d226fc7cc6a17961a9fd4cc0c2656bd858761441ddc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121167
Date: Sun, 20 Nov 2022 05:38:05 GMT
Etag: "6378da9a-1d7"
Expires: Mon, 21 Nov 2022 15:17:32 GMT
Last-Modified: Sat, 19 Nov 2022 13:31:06 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DY8WU5I5qUudzp0-OVU3xzvrE24CzrppLL9Cg7Fn4CnEbei7uwp7fQ==
Age: 6386
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash f341a476fc6cffcc18ad942d4603c2d7
58fa32f5df3a89fa6d888fcfa34bce668f4b3685
bb71d3f77791d15cc2cb5159859f8570de28ff8f7c811e84ec52f8a65eadeaf3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=38ca5ef8-22a2-426e-a1b8-402975f76ccc:2:1; expires=Wed, 17 Nov 2032 05:38:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81 200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Tue, 20 Dec 2022 05:38:05 GMT
date: Sun, 20 Nov 2022 05:38:05 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 31a83b4485ec788d1b2edf7f4db2fc69
df444fb902d3e71b6ce9036178065282b55e6c3f
f873afa22e47b4fdf60b9748f0e7f9ada82da134217a7e6a023fed2756149867
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5163
Cache-Control: max-age=140071
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:05 GMT
Etag: "63792939-116"
Expires: Mon, 21 Nov 2022 20:32:36 GMT
Last-Modified: Sat, 19 Nov 2022 19:06:33 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
172.64.153.20 200 OK 929 B URL HTTP/2 jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
IP 172.64.153.20:0
File type ASCII text, with very long lines (2380)
Hash 9f75706e49f33292121c21bb951a5e01
0d60dba153c2a297297158c430169312229d3c81
d5662e39ad5b6728cc878ba9ceb261ed5ecedf798c625119687339edeacee44b
GET /o/u/ouo.press.911109.js HTTP/1.1
Host: jsc.adskeeper.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:05 GMT
content-type: text/javascript
content-length: 929
x-amz-id-2: vtn72bRmUV1i15SpQCdNuWH0xMJDxDYz07bZIht2oPQArC1gEiRra7yanwv+yUbg36svxSlF1s8=
x-amz-request-id: FPYKY5WP0W3DNCR7
last-modified: Thu, 03 Nov 2022 14:14:00 GMT
etag: "9f75706e49f33292121c21bb951a5e01"
content-encoding: gzip
x-amz-version-id: UO4is2f5stlkwNTZ1YnKhqwTJdu4VZO9
cf-cache-status: HIT
age: 6215
expires: Sun, 20 Nov 2022 09:38:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced65e3d5fb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
172.64.153.20 200 OK 81 kB URL HTTP/2 jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
IP 172.64.153.20:0
File type HTML document text; HTML document, ASCII text, with very long lines (32075)
Hash ed41bdebc66520dc5a317ff36d8bfdab
49b816858579e71b4a7cb8f2539ffca02498d91f
e734df14e38d127889d14db050450745f4cefe94e95209e2ffe9d509788c90fa
GET /o/u/ouo.press.911109.es6.js HTTP/1.1
Host: jsc.adskeeper.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:05 GMT
content-type: text/javascript
content-length: 81189
x-amz-id-2: uBwKbib6rRKXAPfhmLsUl1hOTcelcDiS0MSbLSTLPOIUFkXNAkPVqEqe8OFoRdEeDJ408DumWus=
x-amz-request-id: CEGXGFN12H2GTA2V
last-modified: Thu, 03 Nov 2022 14:14:00 GMT
etag: "ed41bdebc66520dc5a317ff36d8bfdab"
content-encoding: gzip
x-amz-version-id: ky9s_6H_PYoqTimaHwDEpTBaosPbnmGt
cf-cache-status: HIT
age: 6214
expires: Sun, 20 Nov 2022 09:38:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced65e5d6ab529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP :0
Hash 90715aa046abff979e36577f3247abb6
03edc43eb58ea3ea7cd3c87edeb700ef62bc7c5c
e059962a100bbbe671b29a701c93d67b8441b778e597acc8f2993710eef5c477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
142.250.74.102 200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 142.250.74.102:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors; data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 11:00:31 GMT
expires: Sun, 20 Nov 2022 11:00:31 GMT
cache-control: public, max-age=86400
age: 67054
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 15:30:33 GMT
expires: Fri, 17 Nov 2023 15:30:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 223652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 90715aa046abff979e36577f3247abb6
03edc43eb58ea3ea7cd3c87edeb700ef62bc7c5c
e059962a100bbbe671b29a701c93d67b8441b778e597acc8f2993710eef5c477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c28dcab32cb68e75be2f9d541e417a3c
7e94e4d48e4004090b100451a37752a7ae691550
fe2434a22cb390d054adcb47b67cbc3d1141a753f87839723554dd1bced75e45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
142.250.74.10 200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
IP 142.250.74.10:0
Hash b2e89f0ce3978679f36ba3cdab42f974
a6b8e54f9f69d348d7c1bec33dcedc3f9dfe4723
16861c6aefad4bc9aa52be20f87dd247d9b1592dd04668cb75df5887d3da0254
GET /css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 20 Nov 2022 05:38:05 GMT
date: Sun, 20 Nov 2022 05:38:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c28dcab32cb68e75be2f9d541e417a3c
7e94e4d48e4004090b100451a37752a7ae691550
fe2434a22cb390d054adcb47b67cbc3d1141a753f87839723554dd1bced75e45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.amazon-adsystem.com/aax2/apstag.js
143.204.46.73 301 Moved Permanently 167 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 143.204.46.73:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 167
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
server: CloudFront
date: Sat, 19 Nov 2022 22:27:06 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-C1
x-amz-cf-id: KMy6GjuxF6-dfZtudAjQtPQgVjJLWpPccwrXkgyCWWe5vnzRRMvyJQ==
age: 25859
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
151.101.85.229 200 OK 9.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (27677)
Hash 644ba7e773cf65b0bad3e0bfd876fadb
62e327afb13b45d6bd9cdb5b77259f4c48667ca5
44e73c184d22730c0b64b805501bad4b2bbbfc4e6a56de8832f0e5c0a211cb52
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.14.1
x-jsd-version-type: version
etag: W/"6c5a-y+sK0xXzH8ASLq957N20gljeHO8"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 20 Nov 2022 05:38:05 GMT
age: 40458
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 46eb78b5fd68b90f84f87e990cc81083
47b798fac5f2fdca57d4935ea9e82ee22c5f100f
9b532b0c0c7c9368c0d4fffac3321265aac51e159eb79fb4c2a22ecf7ca16963
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:05 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "360BA29E574C17609D9E22F15E0C710B43AF6353"
Expires: Sun, 20 Nov 2022 17:00:00 GMT
Last-Modified: Sun, 20 Nov 2022 05:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 23
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ced661afa2b51e-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 511badbf81adc2c87961b101d3611b54
c263b51bd0a9eedbec02a04941178a371e19579e
a426e4610ad3636c6cb72f99072319cddd86e3c0e70482280519cd7c80eef6f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2535
Cache-Control: max-age=108657
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:06 GMT
Etag: "6378b8c8-139"
Expires: Mon, 21 Nov 2022 11:49:03 GMT
Last-Modified: Sat, 19 Nov 2022 11:06:48 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash feccbd2ef60f05c7e36ec8465b44f65c
226420c672d48e98f4a4c0832db2b31d9163df09
0cd6ff678ff7efbab09293c1ff1c12c72743a27b70df0a20b708de952ea04737
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5264
Cache-Control: max-age=161793
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 05:38:06 GMT
Etag: "63797daf-1d7"
Expires: Tue, 22 Nov 2022 02:34:39 GMT
Last-Modified: Sun, 20 Nov 2022 01:06:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=64139819494
178.250.0.165 200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=64139819494
IP 178.250.0.165:0
File type JSON data, ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=64139819494 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 484
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:05 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: http://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2FE8qPJV&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2FE8qPJV&tg_i.page=http%3A%2F%2Fouo.press%2FE8qPJV&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=bbf8c456-68ab-4259-bcfc-ee525ae495e4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3344974372340377
213.19.162.41 200 OK 346 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2FE8qPJV&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2FE8qPJV&tg_i.page=http%3A%2F%2Fouo.press%2FE8qPJV&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=bbf8c456-68ab-4259-bcfc-ee525ae495e4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3344974372340377
IP 213.19.162.41:0
File type JSON data, ASCII text, with very long lines (346), with no line terminators
Hash 90a49c66cc35e664b277c5bdaa46de32
b92cfe68e5dde7a4b0a7b02ebc4df318a070b37e
45e08257f049d906e7ac6baa71d5f9f13032ae24fee5c63f7f6a8faeed62b1bc
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2FE8qPJV&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2FE8qPJV&tg_i.page=http%3A%2F%2Fouo.press%2FE8qPJV&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=bbf8c456-68ab-4259-bcfc-ee525ae495e4&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3344974372340377 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 20 Nov 2022 05:38:06 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LAOXH69Q-17-7LNP; Domain=.rubiconproject.com; Path=/; Expires=Mon, 20-Nov-2023 05:38:06 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqSCbMawrxRku9DtVM30fCgnj+jX/vsGdbf4DSyJW8ftpZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Mon, 20-Nov-2023 05:38:06 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 346
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.90 200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.90:0
File type JSON data, ASCII text, with no line terminators
Hash 1761a9965cb4216c31fb761051ecb437
8cc34a07a6955dacce8a012975dd94b3c2ec07b7
7cba6ab4cd19f87810d93d3437c542e7d574bbc6a4fcb17c2c5ba05a3db0c3aa
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 679
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 20 Nov 2022 05:38:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: 3c02a609-4097-4e3c-90eb-babadb02d93b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.210.90 200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.90:0
File type JSON data, ASCII text, with no line terminators
Hash ab7ee450782ad6769af808517b042ccb
64b005688c9765570fe6c83b6c0ba64d8a163569
baf92a40d12514d85bdf9c7230f63e985e13943f64b87f6d5f4131b5f3f9b0f0
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 559
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 20 Nov 2022 05:38:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: 4da1f5f5-c63d-4bea-b49f-336977805af8
Set-Cookie: icu=ChgIw6tREAoYASABKAEwvvrmmwY4AUABSAEQvvrmmwYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 18-Feb-2023 05:38:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=644776124526217683; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 18-Feb-2023 05:38:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
unseenreport.com/pxf.gif?uuid=38ca5ef8-22a2-426e-a1b8-402975f76ccc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=5
192.243.59.20 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=38ca5ef8-22a2-426e-a1b8-402975f76ccc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=5
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=38ca5ef8-22a2-426e-a1b8-402975f76ccc&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=5 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 20 Nov 2022 05:38:06 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a75db14dd4ab33aa8bec71dc5c80299e
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 4b48af2c89252613771b8cae29f772ed
bdf2912eb99053166888eb9e4e4e06fee3078fc9
da9736796d6aeb85730c148ea3fc234e7d668c7236691a92ca93b20491dd741c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 05:38:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 13:55:55 GMT
Expires: Sat, 26 Nov 2022 13:55:54 GMT
Etag: "bdf2912eb99053166888eb9e4e4e06fee3078fc9"
Cache-Control: max-age=547667,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ced664acf8b50c-OSL
tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
213.19.147.43 204 No Content 0 B URL HTTP/2 tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
IP 213.19.147.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1
Host: tag.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 616
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 05:38:06 GMT
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
54.230.111.89 200 OK 2.7 kB URL HTTP/2 cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
IP 54.230.111.89:0
File type ASCII text, with very long lines (6483), with no line terminators
Hash bd3397ccdcc1957209000b274a54e938
dab32b89fecb0e85a11926a61854336aa76c6282
048cd263965723420ef9f45c703d2b5a3a137fa73552c5c09914e6226d5be0e2
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sun, 20 Nov 2022 05:38:06 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: http://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ol-lO-BSh9mVsiaJtYcB8HBr96t58ERwh51kpYcKir_a_ArtkWY7SQ==
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
143.204.46.73 204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
IP 143.204.46.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Sun, 20 Nov 2022 05:38:06 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eNJYZLaBti5grZuSWloQTYvzgk7QGkI_ZOmazJYRjKhRdWJPHf1qcg==
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2FE8qPJV&pr=http%3A%2F%2Fouo.press%2FE8qPJV%3F__cf_chl_tk%3D7Ey7jib5_TG9J1PRFrPC_ozmXJDnBHw2U_U6_KkzfQo-1668922680-0-gaNycGzNAv0&pid=Mc1arOgQJZF10&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
143.204.52.189 200 OK 165 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2FE8qPJV&pr=http%3A%2F%2Fouo.press%2FE8qPJV%3F__cf_chl_tk%3D7Ey7jib5_TG9J1PRFrPC_ozmXJDnBHw2U_U6_KkzfQo-1668922680-0-gaNycGzNAv0&pid=Mc1arOgQJZF10&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash 524702d9c4ac8c61e27c3d850412f10f
199d4d5b602799e1a01577115d249b9707dbf37a
7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b
GET /e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2FE8qPJV&pr=http%3A%2F%2Fouo.press%2FE8qPJV%3F__cf_chl_tk%3D7Ey7jib5_TG9J1PRFrPC_ozmXJDnBHw2U_U6_KkzfQo-1668922680-0-gaNycGzNAv0&pid=Mc1arOgQJZF10&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 165
server: Server
date: Sun, 20 Nov 2022 05:38:06 GMT
x-amz-rid: VJ0EHVG3RFX1G5Q0P0XV
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wQ6ERzEt4YBx98EdAqqMwl3cIYD6RNIAwm03cz_G8MRiMKivccKtWA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 15ee34946fa8b3741ff57c87a0396369
c5e3c28380c118a4ef10e84f77d6dc80a827d16a
1ba3003ac07cacc944cf6adf0af91fdcfae0314c7ee8e59bb7946f0112c5c900
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BA3003AC07CACC944CF6ADF0AF91FDCFAE0314C7EE8E59BB7946F0112C5C900"
Last-Modified: Sat, 19 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8104
Expires: Sun, 20 Nov 2022 07:53:10 GMT
Date: Sun, 20 Nov 2022 05:38:06 GMT
Connection: keep-alive
moleconcern.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=38ca5ef8-22a2-426e-a1b8-402975f76ccc%3A2%3A1
173.233.137.36 200 OK 3.0 kB URL HTTP/1.1 moleconcern.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=38ca5ef8-22a2-426e-a1b8-402975f76ccc%3A2%3A1
IP 173.233.137.36:0
File type JSON data, ASCII text, with very long lines (5818), with no line terminators
Hash 2a35fd686417d328e4fce9e86809312c
50afe09f6f3a4a4afa241e53614c9c66ad7c98a7
0c09805a2ea5ad493014776d0c7d54292d8e8030aad5ae5942fb2e6cf6a9a214
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=38ca5ef8-22a2-426e-a1b8-402975f76ccc%3A2%3A1 HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 05:38:07 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ouo.press
Access-Control-Allow-Origin: http://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Mon, 21 Nov 2022 05:38:07 GMT; secure; SameSite=None
uid_id2=38ca5ef8-22a2-426e-a1b8-402975f76ccc:2:1; expires=Sun, 27 Nov 2022 05:38:07 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 21 Nov 2022 05:38:07 GMT; secure; SameSite=None
uncs=1; expires=Mon, 21 Nov 2022 05:38:07 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 21 Nov 2022 05:38:07 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 21 Nov 2022 05:38:07 GMT; secure; SameSite=None
sleced36014633829dc70a42dccaefdf3f11=[3789937]; expires=Sun, 20 Nov 2022 05:38:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d3d4059af5cc0f92ddd96c414f08e2f6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 848c991d2cfac8736cbff644cdc171e3
912c6d636148f6c7269602166d62eacf81426270
7f102f0dcda5d31f36af051fb9f5970ebcad56d230daba65cd52e1be38050084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F102F0DCDA5D31F36AF051FB9F5970EBCAD56D230DABA65CD52E1BE38050084"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1944
Expires: Sun, 20 Nov 2022 06:10:31 GMT
Date: Sun, 20 Nov 2022 05:38:07 GMT
Connection: keep-alive
moleconcern.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btznf38FUQFC8elEE8KJhJ%2F5pf7mExrpFgTMLuSi4erK6qnpSp7mqruqcnOQUXlz2ON4%2BdN8mG1UVcPC8rEy8SEDIKSxDzD3gRhD3LTEYGP4f%2BfN7ndcF7r%2BruQXFBXBT0fPMjvSeVokuNult7c0umXJe2tn675rl191ptS6bN8FqtP%2FmY3jue26i7b9U%2BEGxHL%2Fmu57qe69VWpBGx7i9NWcjsYcerd9x66Ne9Roi%2B%2BS%2B2hQNLHfDeBXkJko%2Bvbv%2F8CJKNkCbf3xB2J9fZ2%2B8nhaK5Nujx44%2FTnVSXKZL5GBsHcXo8%2Bxvajgn5egE6PZ45gO4dThwgkmPiPPUQpcczmYh6R5dKIwWRIuLPo%2ByNINQIko7A9B1IfkYAxrG%2BgTS5v65NSXcvWTphx%2BTKs78hyzG58sfLSJPvlpXs125pVeRSpxb9uILsjyC7I2TFCfI9B7I8Acu%2FgOS%2FkKVna0iTww2rNCQ%2FfyNoM9oQcXvR96m%2FGPpNsUi9qL0Yun6n1YhbTcbYNCIpR5DxCEoMQO0CCuugkA6K2EGROUj4eY02OrHrtuIoDoJ2yBgLAsYa7SZv8CBsxy4KNvEwQJ4NwNQAzOwjM%2FvYkQOY4kfY7QqWO7A5QY9XKAVBaQlKSlBKgjInKHvVEVfWt9V9rmwRebPuz3pQDXXePaBHOu%2BKlBxkF%2BTFaXB%2FfvIDdsR5TfCg6XphMwjafoezlktDnzNGRczjIPY8WFlB2gVQ62BPnr3wFJk8%2B3%2BFiJ7AqhMw%2BTpo8SpoOWz5Luj2MGy72Esf6ELXMyOsBdcVsvwq8l3nQF2QV6YCOr99DsFOyazATIXMVPhM%2FkTQVfeGN3VJDm%2Fq0pJHG1kuE7lHJ7d6K6e5cL75UOyW2vDVG3bw4F02ISbjw9vC5ms05TLtWvLtsuRcmBVtmCCPV%2B2WiDYLu71cmLTI1jbfW1lNpgKlTkeg8uzTJ2ByTJ5L7k7f62u%2FfwlpRjBFhaSYK5X6BCzbh83mO6sJjJrjKHNQFtXQ%2BNF8qSSBEnNMowpWnD75699D8%2FnA3kPXOKD5HaRJhZ6p0FMVqBrAFv8b5pk5vf5rMC1EyhlGyjiHkTLqq8torTyviUbsxsL1RRR3orhFXd6Jw05EO55oRQ3qIbdjtvv4%2Bj8AAAD%2F%2FwEAAP%2F%2FZ2hTPocEAAA%3D
173.233.137.36 200 OK 7 B URL HTTP/1.1 moleconcern.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btznf38FUQFC8elEE8KJhJ%2F5pf7mExrpFgTMLuSi4erK6qnpSp7mqruqcnOQUXlz2ON4%2BdN8mG1UVcPC8rEy8SEDIKSxDzD3gRhD3LTEYGP4f%2BfN7ndcF7r%2BruQXFBXBT0fPMjvSeVokuNult7c0umXJe2tn675rl191ptS6bN8FqtP%2FmY3jue26i7b9U%2BEGxHL%2Fmu57qe69VWpBGx7i9NWcjsYcerd9x66Ne9Roi%2B%2BS%2B2hQNLHfDeBXkJko%2Bvbv%2F8CJKNkCbf3xB2J9fZ2%2B8nhaK5Nujx44%2FTnVSXKZL5GBsHcXo8%2Bxvajgn5egE6PZ45gO4dThwgkmPiPPUQpcczmYh6R5dKIwWRIuLPo%2ByNINQIko7A9B1IfkYAxrG%2BgTS5v65NSXcvWTphx%2BTKs78hyzG58sfLSJPvlpXs125pVeRSpxb9uILsjyC7I2TFCfI9B7I8Acu%2FgOS%2FkKVna0iTww2rNCQ%2FfyNoM9oQcXvR96m%2FGPpNsUi9qL0Yun6n1YhbTcbYNCIpR5DxCEoMQO0CCuugkA6K2EGROUj4eY02OrHrtuIoDoJ2yBgLAsYa7SZv8CBsxy4KNvEwQJ4NwNQAzOwjM%2FvYkQOY4kfY7QqWO7A5QY9XKAVBaQlKSlBKgjInKHvVEVfWt9V9rmwRebPuz3pQDXXePaBHOu%2BKlBxkF%2BTFaXB%2FfvIDdsR5TfCg6XphMwjafoezlktDnzNGRczjIPY8WFlB2gVQ62BPnr3wFJk8%2B3%2BFiJ7AqhMw%2BTpo8SpoOWz5Luj2MGy72Esf6ELXMyOsBdcVsvwq8l3nQF2QV6YCOr99DsFOyazATIXMVPhM%2FkTQVfeGN3VJDm%2Fq0pJHG1kuE7lHJ7d6K6e5cL75UOyW2vDVG3bw4F02ISbjw9vC5ms05TLtWvLtsuRcmBVtmCCPV%2B2WiDYLu71cmLTI1jbfW1lNpgKlTkeg8uzTJ2ByTJ5L7k7f62u%2FfwlpRjBFhaSYK5X6BCzbh83mO6sJjJrjKHNQFtXQ%2BNF8qSSBEnNMowpWnD75699D8%2FnA3kPXOKD5HaRJhZ6p0FMVqBrAFv8b5pk5vf5rMC1EyhlGyjiHkTLqq8torTyviUbsxsL1RRR3orhFXd6Jw05EO55oRQ3qIbdjtvv4%2Bj8AAAD%2F%2FwEAAP%2F%2FZ2hTPocEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btznf38FUQFC8elEE8KJhJ%2F5pf7mExrpFgTMLuSi4erK6qnpSp7mqruqcnOQUXlz2ON4%2BdN8mG1UVcPC8rEy8SEDIKSxDzD3gRhD3LTEYGP4f%2BfN7ndcF7r%2BruQXFBXBT0fPMjvSeVokuNult7c0umXJe2tn675rl191ptS6bN8FqtP%2FmY3jue26i7b9U%2BEGxHL%2Fmu57qe69VWpBGx7i9NWcjsYcerd9x66Ne9Roi%2B%2BS%2B2hQNLHfDeBXkJko%2Bvbv%2F8CJKNkCbf3xB2J9fZ2%2B8nhaK5Nujx44%2FTnVSXKZL5GBsHcXo8%2Bxvajgn5egE6PZ45gO4dThwgkmPiPPUQpcczmYh6R5dKIwWRIuLPo%2ByNINQIko7A9B1IfkYAxrG%2BgTS5v65NSXcvWTphx%2BTKs78hyzG58sfLSJPvlpXs125pVeRSpxb9uILsjyC7I2TFCfI9B7I8Acu%2FgOS%2FkKVna0iTww2rNCQ%2FfyNoM9oQcXvR96m%2FGPpNsUi9qL0Yun6n1YhbTcbYNCIpR5DxCEoMQO0CCuugkA6K2EGROUj4eY02OrHrtuIoDoJ2yBgLAsYa7SZv8CBsxy4KNvEwQJ4NwNQAzOwjM%2FvYkQOY4kfY7QqWO7A5QY9XKAVBaQlKSlBKgjInKHvVEVfWt9V9rmwRebPuz3pQDXXePaBHOu%2BKlBxkF%2BTFaXB%2FfvIDdsR5TfCg6XphMwjafoezlktDnzNGRczjIPY8WFlB2gVQ62BPnr3wFJk8%2B3%2BFiJ7AqhMw%2BTpo8SpoOWz5Luj2MGy72Esf6ELXMyOsBdcVsvwq8l3nQF2QV6YCOr99DsFOyazATIXMVPhM%2FkTQVfeGN3VJDm%2Fq0pJHG1kuE7lHJ7d6K6e5cL75UOyW2vDVG3bw4F02ISbjw9vC5ms05TLtWvLtsuRcmBVtmCCPV%2B2WiDYLu71cmLTI1jbfW1lNpgKlTkeg8uzTJ2ByTJ5L7k7f62u%2FfwlpRjBFhaSYK5X6BCzbh83mO6sJjJrjKHNQFtXQ%2BNF8qSSBEnNMowpWnD75699D8%2FnA3kPXOKD5HaRJhZ6p0FMVqBrAFv8b5pk5vf5rMC1EyhlGyjiHkTLqq8torTyviUbsxsL1RRR3orhFXd6Jw05EO55oRQ3qIbdjtvv4%2Bj8AAAD%2F%2FwEAAP%2F%2FZ2hTPocEAAA%3D HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=38ca5ef8-22a2-426e-a1b8-402975f76ccc:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3789937]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 05:38:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7f4b41d10d21bb5ed4eaa9f1fe95b186
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03a91498bb5c902fd8900cec3af9299d
2d7f9203166e5b15ff31de68929155e44e285e98
5d2c8c4facc6a4f2a3a6876cf43fd5ff9bb58b8e4fb3577427744c3b75c98558
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D2C8C4FACC6A4F2A3A6876CF43FD5FF9BB58B8E4FB3577427744C3B75C98558"
Last-Modified: Fri, 18 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19570
Expires: Sun, 20 Nov 2022 11:04:17 GMT
Date: Sun, 20 Nov 2022 05:38:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03a91498bb5c902fd8900cec3af9299d
2d7f9203166e5b15ff31de68929155e44e285e98
5d2c8c4facc6a4f2a3a6876cf43fd5ff9bb58b8e4fb3577427744c3b75c98558
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D2C8C4FACC6A4F2A3A6876CF43FD5FF9BB58B8E4FB3577427744C3B75C98558"
Last-Modified: Fri, 18 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19570
Expires: Sun, 20 Nov 2022 11:04:17 GMT
Date: Sun, 20 Nov 2022 05:38:07 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/img/CLOSE.png
172.64.108.13 200 OK 7.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/img/CLOSE.png
IP 172.64.108.13:0
File type PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced; data
Hash bff204d9ae1fa57a3f99f5699abe32c2
6f6ba7ca538b3164fa18d6b0a612bf10eb9b6404
1ac1d5aa4b673a0d1e87ac7bf4c4fcca0d38070329342ce456db34f1179404ca
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/img/CLOSE.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:07 GMT
content-type: image/png
content-length: 6989
last-modified: Thu, 18 Aug 2022 09:43:01 GMT
etag: "62fe09a5-1b4d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 402344
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L37D%2F7ZI%2Bc7qsEFtDVHptRHbUt3eCb7Kti0%2Fd%2FzNKLR8H%2FAAIR1TCS9Jwu0p7VoewMqao%2BY%2B1gPeMcIROb2%2BJE9ePXo4qyzmKqTHiiQA%2BPliypWesvTMHbOV3C%2Fn1zqWkrR4JEbqzjnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced66c8943e66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/img/base.png
172.64.108.13 200 OK 26 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/img/base.png
IP 172.64.108.13:0
File type PNG image data, 367 x 224, 8-bit/color RGBA, non-interlaced; data
Hash 5d72b18d01abc22c598d778e38097686
f37829f41642cd9dfc081e56907db5b76683bb0a
f04bd4b97deb48d1864f36b341e4599d8652f6264637f8c6fb6bf0bf2493e3b8
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/img/base.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:07 GMT
content-type: image/png
content-length: 25927
last-modified: Thu, 18 Aug 2022 09:43:00 GMT
etag: "62fe09a4-6547"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 402344
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBwglpodrl2t9Is3%2FV9GOoJIkTEurmtlEw48FaONiz%2BoVQ4FdwwUgaDHzt2qOIWVIQr%2FHYFnbIXzm5zQ6A2i0hMSDBqnhgnlU7TBpxc8jiMSKxsBh1iWCPlO4WZ98pM7Sk1Szx31h2Ge"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced66c9946e66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/img/play.png
172.64.108.13 200 OK 15 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/img/play.png
IP 172.64.108.13:0
File type PNG image data, 112 x 112, 8-bit/color RGBA, non-interlaced; data
Hash 179a02e1eff01a29bea0b1252324937e
921b511757b312246303d4bf8d0f542afa3399c3
e8f1574434b503e8bdf0510cfde2b732e2ebea6bee22d1c23e199be3dda25e64
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/img/play.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:07 GMT
content-type: image/png
content-length: 15132
last-modified: Thu, 18 Aug 2022 09:43:00 GMT
etag: "62fe09a4-3b1c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 402344
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TicI2hppikRFmiJb5JDFaGi7nV5gfOTSjXH9ySqWfgNDktPxmxSnG62TxSpXzX9vQglr8PQlYVNd0j3Eta1tvKt0bFdwahfBNMhxQsHjl5tEYY9rXJTWe6sRBpyJpCCP8ZUhuuc%2FV87p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced66c9949e66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/img/girl.png
172.64.108.13 200 OK 89 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/img/girl.png
IP 172.64.108.13:0
File type PNG image data, 175 x 282, 8-bit/color RGBA, non-interlaced; data
Hash 237adbb16774eca98f1bfd9d75d48db8
c9d428429ef2bc4628286d69c85956a5572e3de8
926a625cbb91d166cf89240e99d97868d02ff0567ee3486ad8492ce905076b76
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/img/girl.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:07 GMT
content-type: image/png
content-length: 88721
last-modified: Thu, 18 Aug 2022 09:43:00 GMT
etag: "62fe09a4-15a91"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 402344
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqTEIFN7bSPNgZy09p0PjMXfwwC7Q6LZREGEya1x7gZh9FLS1at0xxcVE%2BWZH9rVU%2B1Lw0LYRVIJofecQJrhYrjT42S%2FdX8QsA0md%2B7AcOYbpsmKIKkL%2B8RPe%2FqADhhY1yRa2YsQkU%2BN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced66c9948e66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
moleconcern.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fhentai-heroes%2Fus%2Fadult%2Fdesc%2F1%2Findex.html&l=1604&fd=128
173.233.137.36 200 OK 0 B URL HTTP/1.1 moleconcern.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fhentai-heroes%2Fus%2Fadult%2Fdesc%2F1%2Findex.html&l=1604&fd=128
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fhentai-heroes%2Fus%2Fadult%2Fdesc%2F1%2Findex.html&l=1604&fd=128 HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 05:38:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03a91498bb5c902fd8900cec3af9299d
2d7f9203166e5b15ff31de68929155e44e285e98
5d2c8c4facc6a4f2a3a6876cf43fd5ff9bb58b8e4fb3577427744c3b75c98558
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D2C8C4FACC6A4F2A3A6876CF43FD5FF9BB58B8E4FB3577427744C3B75C98558"
Last-Modified: Fri, 18 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19570
Expires: Sun, 20 Nov 2022 11:04:17 GMT
Date: Sun, 20 Nov 2022 05:38:07 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/js/jquery.min.js
172.64.108.13 200 OK 32 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/js/jquery.min.js
IP 172.64.108.13:0
File type ASCII text, with very long lines (65451)
Hash c1fcfdd480feeb47a41cfc787b7346e4
e5fd5e809695ffc4c9ba9ac6fbc5a8bd79483e11
fb47644686a2ccbd35fd6316eabfff765993e80a872c3a16da6268c0cc36a879
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:07 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 09:43:04 GMT
etag: W/"62fe09a8-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 402344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mj3XwP%2FY4lSarEBgDmIL0crigoBvLhrJsM4mO6vvvb0iCMp%2Fu7nVr%2Fq5M%2BmqZo2Gt0gL4RAKUtPuGoCjMkyEBIKhIdqvwuGBB7CQmK9Nh%2Bt%2F2kNO%2FB92qCt6Q%2FLaC7tvYjLzBcTtU6YG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced66c994ae66c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
moleconcern.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fhentai-heroes%2Fus%2Fadult%2Fdesc%2F1%2Fcss%2Fanimate.css&l=79245&fd=357
173.233.137.36 200 OK 0 B URL HTTP/1.1 moleconcern.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fhentai-heroes%2Fus%2Fadult%2Fdesc%2F1%2Fcss%2Fanimate.css&l=79245&fd=357
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fhentai-heroes%2Fus%2Fadult%2Fdesc%2F1%2Fcss%2Fanimate.css&l=79245&fd=357 HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 05:38:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
moleconcern.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fhentai-heroes%2Fus%2Fadult%2Fdesc%2F1%2Fjs%2Fscript.js&l=4111&fd=282
173.233.137.36 200 OK 0 B URL HTTP/1.1 moleconcern.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fhentai-heroes%2Fus%2Fadult%2Fdesc%2F1%2Fjs%2Fscript.js&l=4111&fd=282
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fhentai-heroes%2Fus%2Fadult%2Fdesc%2F1%2Fjs%2Fscript.js&l=4111&fd=282 HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 05:38:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
moleconcern.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btznf38FUQFC8elEE8KJhJ%2F5pf7mExrpFgTMLuSi4erK6qnpSp7mqruqcnOQUXlz2ON4%2BdN8mG1UVcPC8rEy8SEDIKSxDzD3gRhD3LTEYGP4f%2BfN7ndcF7r%2BruQXFBXBT0fPMjvSeVokuNult7c0umXJe2tn675rl191ptS6bN8FqtP%2FmY3jue26i7b9U%2BEGxHL%2Fmu57qe69VWpBGx7i9NWcjsYcerd9x66Ne9Roi%2B%2BS%2B2hQNLHfDeBXkJko%2Bvbv%2F8CJKNkCbf3xB2J9fZ2%2B8nhaK5Nujx44%2FTnVSXKZL5GBsHcXo8%2Bxvajgn5egE6PZ45gO4dThwgkmPiPPUQpcczmYh6R5dKIwWRIuLPo%2ByNINQIko7A9B1IfkYAxrG%2BgTS5v65NSXcvWTphx%2BTKs78hyzG58sfLSJPvlpXs125pVeRSpxb9uILsjyC7I2TFCfI9B7I8Acu%2FgOS%2FkKVna0iTww2rNCQ%2FfyNoM9oQcXvR96m%2FGPpNsUi9qL0Yun6n1YhbTcbYNCIpR5DxCEoMQO0CCuugkA6K2EGROUj4eY02OrHrtuIoDoJ2yBgLAsYa7SZv8CBsxy4KNvEwQJ4NwNQAzOwjM%2FvYkQOY4kfY7QqWO7A5QY9XKAVBaQlKSlBKgjInKHvVEVfWt9V9rmwRebPuz3pQDXXePaBHOu%2BKlBxkF%2BTFaXB%2FfvIDdsR5TfCg6XphMwjafoezlktDnzNGRczjIPY8WFlB2gVQ62BPnr3wFJk8%2B3%2BFiJ7AqhMw%2BTpo8SpoOWz5Luj2MGy72Esf6ELXMyOsBdcVsvwq8l3nQF2QV6YCOr99DsFOyazATIXMVPhM%2FkTQVfeGN3VJDm%2Fq0pJHG1kuE7lHJ7d6K6e5cL75UOyW2vDVG3bw4F02ISbjw9vC5ms05TLtWvLtsuRcmBVtmCCPV%2B2WiDYLu71cmLTI1jbfW1lNpgKlTkeg8uzTJ2ByTJ5L7k7f62u%2FfwlpRjBFhaSYK5X6BCzbh83mO6sJjJrjKHNQFtXQ%2BNF8qSSBEnNMowpWnD75699D8%2FnA3kPXOKD5HaRJhZ6p0FMVqBrAFv8b5pk5vf5rMC1EyhlGyjiHkTLqq8torTyvNbxQtKN2i3EeCca9lh%2B0A9f1OQ9bHeF1kNsx2318%2FR8AAAD%2F%2FwEAAP%2F%2Fc2Dd2IcEAAA%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 moleconcern.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btznf38FUQFC8elEE8KJhJ%2F5pf7mExrpFgTMLuSi4erK6qnpSp7mqruqcnOQUXlz2ON4%2BdN8mG1UVcPC8rEy8SEDIKSxDzD3gRhD3LTEYGP4f%2BfN7ndcF7r%2BruQXFBXBT0fPMjvSeVokuNult7c0umXJe2tn675rl191ptS6bN8FqtP%2FmY3jue26i7b9U%2BEGxHL%2Fmu57qe69VWpBGx7i9NWcjsYcerd9x66Ne9Roi%2B%2BS%2B2hQNLHfDeBXkJko%2Bvbv%2F8CJKNkCbf3xB2J9fZ2%2B8nhaK5Nujx44%2FTnVSXKZL5GBsHcXo8%2Bxvajgn5egE6PZ45gO4dThwgkmPiPPUQpcczmYh6R5dKIwWRIuLPo%2ByNINQIko7A9B1IfkYAxrG%2BgTS5v65NSXcvWTphx%2BTKs78hyzG58sfLSJPvlpXs125pVeRSpxb9uILsjyC7I2TFCfI9B7I8Acu%2FgOS%2FkKVna0iTww2rNCQ%2FfyNoM9oQcXvR96m%2FGPpNsUi9qL0Yun6n1YhbTcbYNCIpR5DxCEoMQO0CCuugkA6K2EGROUj4eY02OrHrtuIoDoJ2yBgLAsYa7SZv8CBsxy4KNvEwQJ4NwNQAzOwjM%2FvYkQOY4kfY7QqWO7A5QY9XKAVBaQlKSlBKgjInKHvVEVfWt9V9rmwRebPuz3pQDXXePaBHOu%2BKlBxkF%2BTFaXB%2FfvIDdsR5TfCg6XphMwjafoezlktDnzNGRczjIPY8WFlB2gVQ62BPnr3wFJk8%2B3%2BFiJ7AqhMw%2BTpo8SpoOWz5Luj2MGy72Esf6ELXMyOsBdcVsvwq8l3nQF2QV6YCOr99DsFOyazATIXMVPhM%2FkTQVfeGN3VJDm%2Fq0pJHG1kuE7lHJ7d6K6e5cL75UOyW2vDVG3bw4F02ISbjw9vC5ms05TLtWvLtsuRcmBVtmCCPV%2B2WiDYLu71cmLTI1jbfW1lNpgKlTkeg8uzTJ2ByTJ5L7k7f62u%2FfwlpRjBFhaSYK5X6BCzbh83mO6sJjJrjKHNQFtXQ%2BNF8qSSBEnNMowpWnD75699D8%2FnA3kPXOKD5HaRJhZ6p0FMVqBrAFv8b5pk5vf5rMC1EyhlGyjiHkTLqq8torTyvNbxQtKN2i3EeCca9lh%2B0A9f1OQ9bHeF1kNsx2318%2FR8AAAD%2F%2FwEAAP%2F%2Fc2Dd2IcEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btznf38FUQFC8elEE8KJhJ%2F5pf7mExrpFgTMLuSi4erK6qnpSp7mqruqcnOQUXlz2ON4%2BdN8mG1UVcPC8rEy8SEDIKSxDzD3gRhD3LTEYGP4f%2BfN7ndcF7r%2BruQXFBXBT0fPMjvSeVokuNult7c0umXJe2tn675rl191ptS6bN8FqtP%2FmY3jue26i7b9U%2BEGxHL%2Fmu57qe69VWpBGx7i9NWcjsYcerd9x66Ne9Roi%2B%2BS%2B2hQNLHfDeBXkJko%2Bvbv%2F8CJKNkCbf3xB2J9fZ2%2B8nhaK5Nujx44%2FTnVSXKZL5GBsHcXo8%2Bxvajgn5egE6PZ45gO4dThwgkmPiPPUQpcczmYh6R5dKIwWRIuLPo%2ByNINQIko7A9B1IfkYAxrG%2BgTS5v65NSXcvWTphx%2BTKs78hyzG58sfLSJPvlpXs125pVeRSpxb9uILsjyC7I2TFCfI9B7I8Acu%2FgOS%2FkKVna0iTww2rNCQ%2FfyNoM9oQcXvR96m%2FGPpNsUi9qL0Yun6n1YhbTcbYNCIpR5DxCEoMQO0CCuugkA6K2EGROUj4eY02OrHrtuIoDoJ2yBgLAsYa7SZv8CBsxy4KNvEwQJ4NwNQAzOwjM%2FvYkQOY4kfY7QqWO7A5QY9XKAVBaQlKSlBKgjInKHvVEVfWt9V9rmwRebPuz3pQDXXePaBHOu%2BKlBxkF%2BTFaXB%2FfvIDdsR5TfCg6XphMwjafoezlktDnzNGRczjIPY8WFlB2gVQ62BPnr3wFJk8%2B3%2BFiJ7AqhMw%2BTpo8SpoOWz5Luj2MGy72Esf6ELXMyOsBdcVsvwq8l3nQF2QV6YCOr99DsFOyazATIXMVPhM%2FkTQVfeGN3VJDm%2Fq0pJHG1kuE7lHJ7d6K6e5cL75UOyW2vDVG3bw4F02ISbjw9vC5ms05TLtWvLtsuRcmBVtmCCPV%2B2WiDYLu71cmLTI1jbfW1lNpgKlTkeg8uzTJ2ByTJ5L7k7f62u%2FfwlpRjBFhaSYK5X6BCzbh83mO6sJjJrjKHNQFtXQ%2BNF8qSSBEnNMowpWnD75699D8%2FnA3kPXOKD5HaRJhZ6p0FMVqBrAFv8b5pk5vf5rMC1EyhlGyjiHkTLqq8torTyvNbxQtKN2i3EeCca9lh%2B0A9f1OQ9bHeF1kNsx2318%2FR8AAAD%2F%2FwEAAP%2F%2Fc2Dd2IcEAAA%3D HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=38ca5ef8-22a2-426e-a1b8-402975f76ccc:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3789937]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 05:38:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3889fc5ccfdc444b707a3390842f9381
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/js/script.js
172.64.108.13 200 OK 2.2 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/js/script.js
IP 172.64.108.13:0
Hash 99d47fa2265cc40274c0a4216395fa37
bdc3b19cec6922414664ca4cd6a1cdaf3469b233
1cfe7cc2f2b47c4367baca329fbd92032c478717506f49d885b3ed2dcb6bf036
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:07 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 06:42:58 GMT
etag: W/"632ab272-121a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbSJlZWtnDxa1oivtiX4yi1XzZVmw8xf8NSIvHgMzwOCG2RrBzyH%2BecZ8R%2FdxsGl37QLLHy2bZtm99NxnlJiRTNct4imTdsmxNpqi9c0qa%2F8bfDS9Sa5LmFk8o0INS26N7iFpjIDl2ad"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced66d4988e66c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/font/chewy-regular-webfont.woff
172.64.108.13 200 OK 38 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/font/chewy-regular-webfont.woff
IP 172.64.108.13:0
File type Web Open Font Format, TrueType, length 37760, version 1.0\012- data
Hash 921df56b088307e7bc0b7965ff013e34
c60d4616e71c4bcfd22f52e6b1ff4a207f9504d9
c5941fd9c393afc6fe10c13849530a382cc1abae63b91e432877531b72cfaca6
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/font/chewy-regular-webfont.woff HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:08 GMT
content-type: application/font-woff
content-length: 37760
last-modified: Thu, 18 Aug 2022 09:42:55 GMT
etag: "62fe099f-9380"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1U5idRt5d3ckNJysbayDyYt5osV1axTFXOvDLO0Qt4Sdb%2F%2BtcXWI9oo17JNnpYUMIiDKXRXkEK7xZJf8ifklw5K5ClRGEaNccvoFToHEczg7awbNNeEbmZIzDS58MhaYst5xxrsq3RD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced6726b4be66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/font/MyriadProRegular.woff
172.64.108.13 200 OK 60 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/font/MyriadProRegular.woff
IP 172.64.108.13:0
File type Web Open Font Format, CFF, length 59864, version 2.37\012- data
Hash 73a75a41596f80a2907891bcac8dde7b
5c615ff2a3505398d560f516cea822d244ffbb86
1480dded4b7ef65f3f3f28acd39d61e1d3a8cd9424079cba2099e54b85d3008e
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/font/MyriadProRegular.woff HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:08 GMT
content-type: application/font-woff
content-length: 59864
last-modified: Thu, 18 Aug 2022 09:42:57 GMT
etag: "62fe09a1-e9d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyJe0Xpv%2BC7pxP2Rnuz7CdIuU7jMHtqmdo04%2F1vrB5J8d8L6teoDtMYhlxL2i%2F4O8EP8WqhrPtkCJA7o832rS8qDV5zk5MIMhcvoOviyUeArz7q3VkflJCTjgLuFws%2B5rM2RQiyFYu78"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced6726b4ce66c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185 200 OK 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
GET /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced64e2a34b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/prebidamp.js
54.230.111.89 200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/prebidamp.js
IP 54.230.111.89:0
GET /static/js/prebidamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Nov 2022 05:10:40 GMT
expires: Sun, 20 Nov 2022 06:10:31 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _57HDexRBl5GanoIF92ymZ6UfIqCkfu27TanJm1763_RLjVMUevgqw==
age: 1654
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/index.html
45.133.44.4 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:07 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 18 Aug 2022 09:45:04 GMT
etag: W/"62fe0a20-644"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 20 Nov 2022 06:38:07 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/css/animate.css
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/us/adult/desc/1/css/animate.css
IP 172.64.108.13:0
GET /sb/notifications/games/hentai-heroes/us/adult/desc/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:07 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 09:42:50 GMT
etag: W/"62fe099a-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTo0KtX8n8DtQZQiKveYHxMPLpcfjUyYdI0IYRF605pc77y5GTnBZQnSmehm4n%2BuUjTDOXH1uvzpc%2FtASYTqaZFrRb%2Bp6kPxPNNKg0tMmhZiKVHuCcCwRpW3Bgl5qU4yAfB0MVfq6x0C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ced66c7939e66c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
104.18.18.132 200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP 104.18.18.132:0
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 05:38:01 GMT
content-type: application/javascript
cf-ray: 76ced6476bf5b521-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"cba895d710939d3f383adf1461af832f"
last-modified: Wed, 09 Nov 2022 04:14:07 GMT
strict-transport-security: max-age=0
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: yADmpMRcJu2yASGV_gZ-qxqQqgO1sLRsGfYPN6mnohLS_b0Zg8KMPA==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FE8qPJV&charset=UTF-8&ch=5&ref=ouo.press&viewerId=null&referer=http://ouo.press/E8qPJV?__cf_chl_tk=7Ey7jib5_TG9J1PRFrPC_ozmXJDnBHw2U_U6_KkzfQo-1668922680-0-gaNycGzNAv0&_firid=37453923
54.230.111.89 200 OK 0 B URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FE8qPJV&charset=UTF-8&ch=5&ref=ouo.press&viewerId=null&referer=http://ouo.press/E8qPJV?__cf_chl_tk=7Ey7jib5_TG9J1PRFrPC_ozmXJDnBHw2U_U6_KkzfQo-1668922680-0-gaNycGzNAv0&_firid=37453923
IP 54.230.111.89:0
GET /delivery/spc_fi.php?id=7419&url=%2FE8qPJV&charset=UTF-8&ch=5&ref=ouo.press&viewerId=null&referer=http://ouo.press/E8qPJV?__cf_chl_tk=7Ey7jib5_TG9J1PRFrPC_ozmXJDnBHw2U_U6_KkzfQo-1668922680-0-gaNycGzNAv0&_firid=37453923 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 20 Nov 2022 05:38:05 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Mon, 20-Nov-2023 05:38:05 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zw1XUfunxvaDQwz5Pu8_C8GPImGBQtHr8VE4l7pkETd27oG5T2MKkw==
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/fiamp.js
54.230.111.89 200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/fiamp.js
IP 54.230.111.89:0
GET /static/js/fiamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Nov 2022 05:30:30 GMT
expires: Sun, 20 Nov 2022 06:29:57 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WE-fSZLlHB-wXA8UqSQXamLdaKAbeni3-T11V7wVm08TqiYrrGKbHw==
age: 488
X-Firefox-Spdy: h2
d3div1mtym39ic.cloudfront.net/aax2/apstag.js
54.230.245.230 200 OK 0 B URL HTTP/2 d3div1mtym39ic.cloudfront.net/aax2/apstag.js
IP 54.230.245.230:0
GET /aax2/apstag.js HTTP/1.1
Host: d3div1mtym39ic.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 20:51:49 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 20 Nov 2022 04:47:38 GMT
cache-control: public, max-age=3600
etag: W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WBdmINw9rddgKWRQyNDfOBYeeGRaq2_uUheWXbtGTGzbaLPAlCqBvQ==
age: 3028
X-Firefox-Spdy: h2