ouo.io/FzXjX0
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /FzXjX0 HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 05:00:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 06:00:33 GMT
Location: https://ouo.io/FzXjX0
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756412e60b50b4f1-OSL
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0y91iziNIuSm1sxU7EFrpnGXcQ-jV86Ge3zuFI7j0onmwr5x1kHMPA==
Age: 133995
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7380
Expires: Fri, 07 Oct 2022 07:03:33 GMT
Date: Fri, 07 Oct 2022 05:00:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3257
Expires: Fri, 07 Oct 2022 05:54:50 GMT
Date: Fri, 07 Oct 2022 05:00:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RfOp2owk6WMiBs6x6mB+nXf/kLPas6GeE3spBUxQM0zSnq2zcnE+OwAFNUrxK2jOD5d/Q7z0CYU=
x-amz-request-id: 23G473SZH6RYFC05
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 04:31:03 GMT
age: 1770
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 05:00:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 04:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 07 Oct 2022 05:14:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 86UkG_8e3MQyNIu9KsXchRLK3GJlVTxOXdqnsUdmHmXdq2-vTyUbDQ==
Age: 1853
ocsp.digicert.com/
200 OK 471 B IP
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4316
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:34 GMT
Last-Modified: Fri, 07 Oct 2022 03:48:38 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ouo.press/images/world.png
200 OK 5.7 kB URL HTTP/2 ouo.press/images/world.png
IP
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/FzXjX0
Cookie: ouoio_session=eyJpdiI6Im1ET1RZa05MRFhYMXlmYXZEN1BYdnRXWGRoU3lBWXdmOUo3MVFtSHJicmM9IiwidmFsdWUiOiJuUUxYa1phd3JIZ2gwbGc5alN6dERSQThhWEdIak1pS0YxYVlydkUweW9TV3hZdWVSVm9zek1wSUFpSVpsTHYrdzIzQ2FUN3YyWGNpd29CMWIyV0diZz09IiwibWFjIjoiZGUwYTY3OTBkY2QwM2Y0OWY5ZmEzMDMzMTQ4ZTE3YzAwZTI2ZTBjYTEwNDAzOGUwMzU1MjcxOGNiOTFhY2UyNyJ9; language=eyJpdiI6InpWMnpWSm1ZcFJFM3Vna3BzNXlKMkY0TDFOZVpxN3hIcmNtN3JWQk11aFU9IiwidmFsdWUiOiJ0RmFRaDZoRWdQSU9FeXhoRmVaZ0VxSERiZnJ5d3NhdXUxOVdcL3NOVHdlTT0iLCJtYWMiOiJlYmJlZTE5YmMzMGRhMzIxNmZkM2MzMWMwMDdkMWM3Y2U4MmRhYzZhZGMzNGQwY2VmZjZhZTA3Y2YyNzg3ZGQzIn0%3D; 3e3fa9243d3ce630fa1ac4d3377a492fb069d836=eyJpdiI6ImwxMklsYmpxTStidUFWaTFseER5Z3YyR3dLcld3WWlCYlY0XC9Xd2h6R1JnPSIsInZhbHVlIjoiT0U2TEhMYWlDR2RyMGtFR2hEdGltRFpvYSttUHNcL1BVVWgzSjhINnBaQk5HQXB4d2tqUVdlQmV4NnNjamM3N3hJazR2eDlueVVjR1JwY29jOFdyZk1zVzBiTkdXZmFRS1k3RXM1dkd4SHFOb09IVnd2aHRWcE9qc09iaWFlVittUFFkZGF3UlNSMWhMTDZrZVhaeTRSRFNFa2lKV1BJVUNcL2FcL0JyajZFOE5QN2dTdVFJNDdPVGFha3ZsSGpWQklodUs1cmhydGJYdm51Rjh5ejVrcDk0OHFUS1hcL1wvQUNFYXNSZ2RtRHJvZVFRSjFcL0pHbkFkamlzRFh3UDFUR2M3QlArcktEUXVLUGM2WnhUSDRpbEVCT3N4N1htNmQzYUZjMFZuQjdKZnlhZlBnZUpRaUJaUXd4Vzc5dkhqNGlyVWppTUJDdGNPK1R3OTlcL3BFSXhOMG1ya2ZUWVY4ZGJJSENudkRkT2hMY0FiUlM1emhsRVl1N2NrZHAxZnlqNzlVUCIsIm1hYyI6IjY0ZWUwYWY5MjBlNWJkNGE1MTcwZWVkOGFiYzE4ODJjZjY5MTFkODEzYTYyODE2NGM1ZGUzNzg1MjY3YTQ2ZjgifQ%3D%3D; __cf_bm=vVldOULf6k_DMe6E2OXvE51Q.IkM1m9uz9ArEhwOQyo-1665118834-0-AYQvcmZ/RySxMtdBSnU2HLIt2SUHN1uyoOSzVW9mEzeSEL9QYrspc5M16pX7E1ZnzNL3rFni4QZ75TUlLnuNfIw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:34 GMT
content-type: image/png
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Thu, 03 Nov 2022 22:32:37 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 196077
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 756412ed2af5b511-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tFQRG1sLH+E7LrR8Rk0k0g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qKNlTJPYkvJa04fLIwi+Ft8KCxk=
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash dd3d1e5f8845bf089f0b2dc8c5760061
e467369bce153f2394381a2f581f28a30e76717b
9d9099b4e89458ab643153b23f181daad5bed54fa9beed1d7c1eacd55eb34bd1
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 07 Oct 2022 05:00:34 GMT
date: Fri, 07 Oct 2022 05:00:34 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 20b753da99e84031eb9efdf8df9c9bce
1e72d4b1d73255cb0d9cfe5865bb0b9765f9c332
5665e076a771d63c14f95aae5125139f8a41e50e551e7f5ebc3bb82546993a18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5665E076A771D63C14F95AAE5125139F8A41E50E551E7F5EBC3BB82546993A18"
Last-Modified: Fri, 07 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14838
Expires: Fri, 07 Oct 2022 09:07:52 GMT
Date: Fri, 07 Oct 2022 05:00:34 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Questrial
200 OK 859 B URL HTTP/2 fonts.googleapis.com/css?family=Questrial
IP
Hash b9e5498ac31b024cc05f82394468a6bd
c3d5e927fb536dbd990f544f0afed0adea718aef
0e7122fcbabcc6f22236cda5362559320c4a43439f735b44292ccb0bd491b743
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Oct 2022 05:00:34 GMT
date: Fri, 07 Oct 2022 05:00:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tv.gourdycortes.com/1clkn/48786
200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/48786
IP
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/48786 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 05:00:34 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sat, 08-Oct-2022 05:00:34 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sat, 08-Oct-2022 05:00:34 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b0bae1266502e6a602de9f4c4b495ebc
c80d1b856451cf8263331cd5d337e17bf76a4486
58bd915b7afae507f1131a05f294bf1ba5ceb5390886da9e27a3ca0be07a89f7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 05:00:34 GMT
Last-Modified: Fri, 07 Oct 2022 03:42:58 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: a8IeK6SOsDYfySO_ajR1SYOduAzs_H83Hm4eFPbA6XG6p7hl3wGQSg==
Age: 4656
ecdn.analysis.fi/static/js/fab.js
200 OK 4.2 kB URL HTTP/2 ecdn.analysis.fi/static/js/fab.js
IP
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 4240
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
accept-ranges: bytes
date: Fri, 07 Oct 2022 04:40:29 GMT
expires: Fri, 07 Oct 2022 05:40:24 GMT
cache-control: max-age=3600
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -oaWzrJWTaBo1xeKt4PQpbPR39SCwck4KqbWmoo7KoKILMmK8XgLAg==
age: 1211
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 74417b04caffb69a4fad4740b361314b
52809bb779b70ef2a3cfd07642d8b739d45142a8
0d11349932097eec378688e1412045454d7053da1cc3bccaf3c53f9412721751
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D11349932097EEC378688E1412045454D7053DA1CC3BCCAF3C53F9412721751"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43
Expires: Fri, 07 Oct 2022 05:01:18 GMT
Date: Fri, 07 Oct 2022 05:00:35 GMT
Connection: keep-alive
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37146), with no line terminators
Hash 548433ce4fd95194e6d5fb849484a8d1
1cbfd4adb14a59650f5fe8e07f78df869c7f8ed8
1d9fdff3657ce1d242ed0e83cd622949d0e09f88550d5a8a1ac5c7c5acd4f4a9
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 07 Oct 2022 05:00:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b79c00c53f9f7de8430ad21c16c6805
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ouo.press/css/link-safe.css
200 OK 2.2 kB URL HTTP/2 ouo.press/css/link-safe.css
IP
Hash f682ea1dda97ee6441e2990cc13e49d3
0f8da35d1dff829dc3b7055b610095706e5a6ac5
48ccaa6ac8da08f2461525038558812df9a3773263d4f34a45274564c440249f
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/FzXjX0
Cookie: ouoio_session=eyJpdiI6Im1ET1RZa05MRFhYMXlmYXZEN1BYdnRXWGRoU3lBWXdmOUo3MVFtSHJicmM9IiwidmFsdWUiOiJuUUxYa1phd3JIZ2gwbGc5alN6dERSQThhWEdIak1pS0YxYVlydkUweW9TV3hZdWVSVm9zek1wSUFpSVpsTHYrdzIzQ2FUN3YyWGNpd29CMWIyV0diZz09IiwibWFjIjoiZGUwYTY3OTBkY2QwM2Y0OWY5ZmEzMDMzMTQ4ZTE3YzAwZTI2ZTBjYTEwNDAzOGUwMzU1MjcxOGNiOTFhY2UyNyJ9; language=eyJpdiI6InpWMnpWSm1ZcFJFM3Vna3BzNXlKMkY0TDFOZVpxN3hIcmNtN3JWQk11aFU9IiwidmFsdWUiOiJ0RmFRaDZoRWdQSU9FeXhoRmVaZ0VxSERiZnJ5d3NhdXUxOVdcL3NOVHdlTT0iLCJtYWMiOiJlYmJlZTE5YmMzMGRhMzIxNmZkM2MzMWMwMDdkMWM3Y2U4MmRhYzZhZGMzNGQwY2VmZjZhZTA3Y2YyNzg3ZGQzIn0%3D; 3e3fa9243d3ce630fa1ac4d3377a492fb069d836=eyJpdiI6ImwxMklsYmpxTStidUFWaTFseER5Z3YyR3dLcld3WWlCYlY0XC9Xd2h6R1JnPSIsInZhbHVlIjoiT0U2TEhMYWlDR2RyMGtFR2hEdGltRFpvYSttUHNcL1BVVWgzSjhINnBaQk5HQXB4d2tqUVdlQmV4NnNjamM3N3hJazR2eDlueVVjR1JwY29jOFdyZk1zVzBiTkdXZmFRS1k3RXM1dkd4SHFOb09IVnd2aHRWcE9qc09iaWFlVittUFFkZGF3UlNSMWhMTDZrZVhaeTRSRFNFa2lKV1BJVUNcL2FcL0JyajZFOE5QN2dTdVFJNDdPVGFha3ZsSGpWQklodUs1cmhydGJYdm51Rjh5ejVrcDk0OHFUS1hcL1wvQUNFYXNSZ2RtRHJvZVFRSjFcL0pHbkFkamlzRFh3UDFUR2M3QlArcktEUXVLUGM2WnhUSDRpbEVCT3N4N1htNmQzYUZjMFZuQjdKZnlhZlBnZUpRaUJaUXd4Vzc5dkhqNGlyVWppTUJDdGNPK1R3OTlcL3BFSXhOMG1ya2ZUWVY4ZGJJSENudkRkT2hMY0FiUlM1emhsRVl1N2NrZHAxZnlqNzlVUCIsIm1hYyI6IjY0ZWUwYWY5MjBlNWJkNGE1MTcwZWVkOGFiYzE4ODJjZjY5MTFkODEzYTYyODE2NGM1ZGUzNzg1MjY3YTQ2ZjgifQ%3D%3D; __cf_bm=vVldOULf6k_DMe6E2OXvE51Q.IkM1m9uz9ArEhwOQyo-1665118834-0-AYQvcmZ/RySxMtdBSnU2HLIt2SUHN1uyoOSzVW9mEzeSEL9QYrspc5M16pX7E1ZnzNL3rFni4QZ75TUlLnuNfIw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:34 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Fri, 07 Oct 2022 16:56:01 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 273
vary: Accept-Encoding
server: cloudflare
cf-ray: 756412ed2aeeb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:03:19 GMT
expires: Tue, 03 Oct 2023 20:03:19 GMT
cache-control: public, max-age=31536000
age: 291436
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0487695e0218f07012260b1c4679cfb2
2ef42a2e4d45ec28d1811f8f435e8357054601c8
094e6e226db6fe1a0739438731be603ebeca76abe32254cc54b23bd2e7589efb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 05:00:35 GMT
Last-Modified: Fri, 07 Oct 2022 04:29:43 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NdCYW5ztTWQAOTO51gj3Nn9bYCiHvqE0e6UbK76Np6_JbZ15LnTUgg==
Age: 1852
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash fc790fc316889022fb2084d5529cafbd
b14b583c71303135e00a73596b21cf0d33d9ee2d
1d46e9401482ee168862cd5cce174e2a4064aa8238ea08f1d8c290f96b9fc5f7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=fb0bb7ea-4b82-4c0a-ad16-601673f87a96:2:1; expires=Mon, 04 Oct 2032 05:00:35 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ouo.press/favicon.ico
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/FzXjX0
Cookie: ouoio_session=eyJpdiI6Im1ET1RZa05MRFhYMXlmYXZEN1BYdnRXWGRoU3lBWXdmOUo3MVFtSHJicmM9IiwidmFsdWUiOiJuUUxYa1phd3JIZ2gwbGc5alN6dERSQThhWEdIak1pS0YxYVlydkUweW9TV3hZdWVSVm9zek1wSUFpSVpsTHYrdzIzQ2FUN3YyWGNpd29CMWIyV0diZz09IiwibWFjIjoiZGUwYTY3OTBkY2QwM2Y0OWY5ZmEzMDMzMTQ4ZTE3YzAwZTI2ZTBjYTEwNDAzOGUwMzU1MjcxOGNiOTFhY2UyNyJ9; language=eyJpdiI6InpWMnpWSm1ZcFJFM3Vna3BzNXlKMkY0TDFOZVpxN3hIcmNtN3JWQk11aFU9IiwidmFsdWUiOiJ0RmFRaDZoRWdQSU9FeXhoRmVaZ0VxSERiZnJ5d3NhdXUxOVdcL3NOVHdlTT0iLCJtYWMiOiJlYmJlZTE5YmMzMGRhMzIxNmZkM2MzMWMwMDdkMWM3Y2U4MmRhYzZhZGMzNGQwY2VmZjZhZTA3Y2YyNzg3ZGQzIn0%3D; 3e3fa9243d3ce630fa1ac4d3377a492fb069d836=eyJpdiI6ImwxMklsYmpxTStidUFWaTFseER5Z3YyR3dLcld3WWlCYlY0XC9Xd2h6R1JnPSIsInZhbHVlIjoiT0U2TEhMYWlDR2RyMGtFR2hEdGltRFpvYSttUHNcL1BVVWgzSjhINnBaQk5HQXB4d2tqUVdlQmV4NnNjamM3N3hJazR2eDlueVVjR1JwY29jOFdyZk1zVzBiTkdXZmFRS1k3RXM1dkd4SHFOb09IVnd2aHRWcE9qc09iaWFlVittUFFkZGF3UlNSMWhMTDZrZVhaeTRSRFNFa2lKV1BJVUNcL2FcL0JyajZFOE5QN2dTdVFJNDdPVGFha3ZsSGpWQklodUs1cmhydGJYdm51Rjh5ejVrcDk0OHFUS1hcL1wvQUNFYXNSZ2RtRHJvZVFRSjFcL0pHbkFkamlzRFh3UDFUR2M3QlArcktEUXVLUGM2WnhUSDRpbEVCT3N4N1htNmQzYUZjMFZuQjdKZnlhZlBnZUpRaUJaUXd4Vzc5dkhqNGlyVWppTUJDdGNPK1R3OTlcL3BFSXhOMG1ya2ZUWVY4ZGJJSENudkRkT2hMY0FiUlM1emhsRVl1N2NrZHAxZnlqNzlVUCIsIm1hYyI6IjY0ZWUwYWY5MjBlNWJkNGE1MTcwZWVkOGFiYzE4ODJjZjY5MTFkODEzYTYyODE2NGM1ZGUzNzg1MjY3YTQ2ZjgifQ%3D%3D; __cf_bm=vVldOULf6k_DMe6E2OXvE51Q.IkM1m9uz9ArEhwOQyo-1665118834-0-AYQvcmZ/RySxMtdBSnU2HLIt2SUHN1uyoOSzVW9mEzeSEL9QYrspc5M16pX7E1ZnzNL3rFni4QZ75TUlLnuNfIw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:35 GMT
content-type: image/x-icon
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 6221
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 756412f35f72b511-OSL
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Sun, 06 Nov 2022 05:00:35 GMT
date: Fri, 07 Oct 2022 05:00:35 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
200 OK 80 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a4ce36b0d03543974d71b88fa37145d
a5c1750aab7489f287c98bae25f5afff0ed16ce8
30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
server: Apache
etag: "1241a12-3fca8-5cf4eee137dd8"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 80538
cache-control: max-age=151309
expires: Sat, 08 Oct 2022 23:02:24 GMT
date: Fri, 07 Oct 2022 05:00:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
200 OK 186 kB URL HTTP/2 creepingbrings.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 186 kB (185963 bytes)
Hash 8b64ee8a2997a18d926d5138007cb02f
ecff8620353db226202f0b1969c4e2cda5b28af3
2b373784412fb6e8ed28ac06b425eddf938d85a8813b4c1b8924435a8d854ab3
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:35 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e48788e23c798accb26fb85cbb4dd191
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 07 Oct 2022 05:00:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMXjPDsfQbqQJjvL4gaYTPtXhCckBgK%2B1gfVfGJfJQU236dCWHm5wsnUkB1Qn4Ys6HTEGn%2FRCKECK6M%2FOng9wkxpfayfHvT2P44H2PznQzW%2FrQctLZlXxQnG2Dmy1MhuBTU9MIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756412f28f9f8892-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ouo.io/FzXjX0
302 Found 3.0 kB IP
Hash 29081b41981c00c91f0508ee6b38d79e
c06f7b996268372d34e8fd58889bbc13a24d2e50
a8babd8e5f774e94ccaaaf25bcf23a501dfb0455df377b1ad3c2291ebfac24aa
GET /FzXjX0 HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 07 Oct 2022 05:00:34 GMT
content-type: text/html; charset=UTF-8
location: https://ouo.press/FzXjX0
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6Ikdzblo2WmJoZVNBXC9qRXB6MHZTYXA1SlUxTER3eG8wajlDZUtFSUFuYURZPSIsInZhbHVlIjoiYU0xek5weU5XRXp0STBcL09BRng0dXY4ZDg5TG81YnIzRHdtUklIek9JZEFPRks2RUZ3S1h6U0YrRFlTeVppbDhkVWI4VGtiV3JwTmlDRWtNMEM3cnFBPT0iLCJtYWMiOiIwZDRkYzA2NDQ0YjZiY2Q3ZmI4ZTY0NDMzZjM2MjBlNThhZTk0MzFhMmUzNmZmMWFjOGVjYzFkYTBkMGIxYzZjIn0%3D; path=/; httponly
language=eyJpdiI6InJJTWF3OFBuZnpvR2lYamNKQWtVdUZNdk1ZRXJMbWhycWhxQm9lTFU0d1U9IiwidmFsdWUiOiJuQnlTQzFXamt5Y1wvTGlFdmc4NEJ4MWxLb1doRlJLQ2NnSFM5K1lwaHBSaz0iLCJtYWMiOiI2ZDU5NDQ4YTcyMDk3ODljYmQ0YjhlMTFkMGNkM2EyNjg4ZmExODI4MTU3ZDViMGM1NDhmN2NjNGM3MzZmYzI2In0%3D; expires=Wed, 06-Oct-2027 05:00:34 GMT; Max-Age=157680000; path=/; httponly
78acfb1fe7f0a797e9327f3a363ac265ec4333ba=eyJpdiI6ImRCMlplN09RMTIxWExkMHBPeDFZVWNQV3dxQWZSWnJ6SHFuMzdKMXk0bUU9IiwidmFsdWUiOiI0R1wvVnM5K24xeU1wNGRodmMwQ3VRNDFFUFJOSytGT21Ga3BIQmJFM24xSGE3Z1g1eUd0ZWNqKzhRK05jaEpUckZIYWZUK2p4NFl2dzhQRkplRmhmT1NTUGliYWsyOThyQkRkU0F4TnpjTVBQa0NtZHV1MHZ1a0lBR2R4dXdqMmtSbzRweU9udzY4SzFPV0pabmxrQnNRSm1SK1ExcUQ4Y2lGUTNoUllXU3dEbERLeXkzbXlpQzFMb2h0bmRvaEV3NGp2STlhdG9rNUhwbzQ4UTVyMWNyQVNMdGZFNUl0V1U0Wkt4eU9HcXdrNW9HdWNLUWw4cjBCMnBYNHhFMlVzWFdNTXVxMjMyV2ZSNU11RWxDUmQ5SW1MOG5xMHpYa0pkQ1lic3k0UDRKdlhWZHhwRmlEd1R1V29XeFwvRUZVakhTa3pJWDc5eFI1d1MrRCtoMXYxbjBGUT09IiwibWFjIjoiNjllMzg0ZDU2ZTVjMTVjNjU4YmZiNjQ5ZWZhYWY3NzYwOWQ5MzIxMGYxNWFlNjVmZmY3NTFlOTM2YTA2YmVhNSJ9; expires=Fri, 07-Oct-2022 07:00:34 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 756412e7b94e0b69-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
IP
File type ASCII text, with very long lines (2039)
Hash 0aec1b5256d13bed6650cd0a329cc0d3
d222237d1451d75c9cc4c4c5a02d8dff269b3757
00d109c3baf784a288344ed4addc4a3aaac5b8ed6d5d6c8f7ddd08acbe53a6e6
GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Oct 2022 05:00:35 GMT
expires: Fri, 07 Oct 2022 05:00:35 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 96423370618a4e8cef79532d1bebee5b
4c0a07466a54f9355819062fb899f86f21716876
1c6ca25ca73d54ab1186a44ef9b3d3ac75d936a4acc11e4d3dbb103a8cb150e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
200 OK 471 B IP
Hash 394043f4d265cf7c25605fc2a791636f
0b36ccfe99a4945a45d131daa50cf0b7b4e4f910
af5b32e0001ea8033028342efaef3f8a614206c750e75260db3bc483d548571d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3402
Cache-Control: max-age=121851
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:35 GMT
Etag: "633ede24-1d7"
Expires: Sat, 08 Oct 2022 14:51:26 GMT
Last-Modified: Thu, 06 Oct 2022 13:54:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FFzXjX0&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=a58c75fa-8a60-4d49-8e13-daf16cb03a2d&nocache=1665118835835&aus=300x250&divids=adtrue_ads_12953_766h43ixy2tnr3hb9xn&aucs=adtrue_ads_12953_766h43ixy2tnr3hb9xn&auid=557936314&aumfs=100
200 OK 79 B URL HTTP/2 fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FFzXjX0&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=a58c75fa-8a60-4d49-8e13-daf16cb03a2d&nocache=1665118835835&aus=300x250&divids=adtrue_ads_12953_766h43ixy2tnr3hb9xn&aucs=adtrue_ads_12953_766h43ixy2tnr3hb9xn&auid=557936314&aumfs=100
IP
File type JSON data\012- , ASCII text
Hash fa45a6f7e71822245fe01ca8d7b3adaf
57cb6a7f9bf81142b7baf0ccc9f41f3e4dddb752
1989ed8af58a54c59fbccb01c56385c99ba98e9e59a9f6d57ebad60f6c8f961c
GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FFzXjX0&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=a58c75fa-8a60-4d49-8e13-daf16cb03a2d&nocache=1665118835835&aus=300x250&divids=adtrue_ads_12953_766h43ixy2tnr3hb9xn&aucs=adtrue_ads_12953_766h43ixy2tnr3hb9xn&auid=557936314&aumfs=100 HTTP/1.1
Host: fptadtrue-d.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Fri, 07 Oct 2022 05:00:35 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash f74c27d0f1b4a4dd7f8ee2b10a846acc
dd592ca806cc6e656607926e0d8fbaee04ae635f
e1f081ff60943f0b6eca6017670de2ef36767e50cf8d8376678bb37e2d53346b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4624
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:35 GMT
Last-Modified: Fri, 07 Oct 2022 03:43:31 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
200 OK 471 B IP
Hash c3a1d995c14f6697159764b39fb7440f
b191833749f9211030a943a4ab7a29a008fbd450
08a352ea9b14dddd1e28275f25c95744162663f4af6a2b7b35cb409ad37b3bea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6271
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:36 GMT
Last-Modified: Fri, 07 Oct 2022 03:16:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 394043f4d265cf7c25605fc2a791636f
0b36ccfe99a4945a45d131daa50cf0b7b4e4f910
af5b32e0001ea8033028342efaef3f8a614206c750e75260db3bc483d548571d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3931
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:36 GMT
Last-Modified: Fri, 07 Oct 2022 03:55:05 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=48111272317&lsavail=0
204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=48111272317&lsavail=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=48111272317&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 406
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 07 Oct 2022 05:00:35 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 857
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Fri, 07 Oct 2022 05:00:36 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 07 Oct 2022 04:41:09 GMT
expires: Fri, 07 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 1167
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FFzXjX0&charset=UTF-8&ch=5&ref=ouo.press&viewerId=null&referer=&_firid=26389750
200 OK 6.2 kB URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FFzXjX0&charset=UTF-8&ch=5&ref=ouo.press&viewerId=null&referer=&_firid=26389750
IP
Hash 6c0831170f427834e40daeb979e046f2
d5a37c7033fef5572d2e0f20413fd2b6d1cf70cf
78c5d611977f4404b3fe649302a49d18d94e7daba488cb6fd48f9f95ee174c03
GET /delivery/spc_fi.php?id=7419&url=%2FFzXjX0&charset=UTF-8&ch=5&ref=ouo.press&viewerId=null&referer=&_firid=26389750 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Fri, 07 Oct 2022 05:00:36 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Sat, 07-Oct-2023 05:00:36 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VzdElXhIPsCex2nvtb9ppCfuFm1Pu9qFgXB8Qii2GEKn8BkW-P8g9g==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7358
Expires: Fri, 07 Oct 2022 07:03:14 GMT
Date: Fri, 07 Oct 2022 05:00:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7358
Expires: Fri, 07 Oct 2022 07:03:14 GMT
Date: Fri, 07 Oct 2022 05:00:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iClOZEPMiFmpeprT8McJ2HI0dCmyxkhEdfYr0qP0YK3U_Pcd9N0Fhg==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 11:10:12 GMT
age: 64224
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41249b23-0479-4820-9c68-da428c1d2faa.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41249b23-0479-4820-9c68-da428c1d2faa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash caf0e5e75898e70a4f2caa2a707c7af9
25a573f90d12a42a6e63c65485be5fc325b0bfde
cec7ab3a7f6e02b57ee72ca7eee70c16b9026679aa7cd6c0739669731ccc94d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41249b23-0479-4820-9c68-da428c1d2faa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: 7aeb8664-0241-40e1-ac8d-aef56b2a1847
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBHS9IAMFYKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-19caf51e2f8b7df363293db3;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: -Y3Utot6t5i9ws9JDG4eGGQYEzrN5d48KD9rZ0p1mscrMzOXBTsp1Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:25 GMT
etag: "25a573f90d12a42a6e63c65485be5fc325b0bfde"
content-type: image/jpeg
age: 26171
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06283ec49d3981b60b28731fd8a9940d
10c0d991f7ad234557792c175fdbf81e3356416a
0d8d932cd46fa377ce3dfe5fe1287ab1cd0daad0ef52a42baad2462d10e5a80f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6052
x-amzn-requestid: 6c8abd32-7499-4636-bf8a-3baaa88bf1ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-HWOoAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-464364630dd2dbfa0d69f6f5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: L13zNwITYkfg7x7UlAs_eVjJWRJsdxV5R7g5GHSAE8BgjN-1FB1AHQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:16 GMT
etag: "10c0d991f7ad234557792c175fdbf81e3356416a"
content-type: image/jpeg
age: 24740
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 26178
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17df62c3e2ed48ba9c788f5e1b3b702f
854c326016059d67fae42cc34905d0feb58cb6fc
d0bee7a7e629f6594a79bad563bb91c71a17768c2f347fd4a366f7f0daf94fda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: ed2a2dca-5367-42c1-b982-07a39762063e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmigWFvGIAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ace-6fabb7845e4d04613897a866;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GFxAiO1AQfV1-pVy0NBmc9VoQoxBuBeOWsbPkVpOuT06D8Tw_YuZfA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:09 GMT
etag: "854c326016059d67fae42cc34905d0feb58cb6fc"
content-type: image/jpeg
age: 24747
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39cf77bd6009d3c538455b3846680278
ad0ed304e5173bdb8f08254c2e4a5032e8fcafa5
792997f1f9a485ca57d274c7899e4f526476bf15ed564a8b74d248c4458b188f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9564
x-amzn-requestid: 38d87e57-3600-4e0e-bd24-a8f857800bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmhkGHtZIAMFz0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f494d-21b041d97b406dea36b9f35b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DNBjRFbLHdYGd4-klRgAiRXPCq2_uOMh5LGi9udoD1c0eSVXJ6h4xw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 26178
etag: "ad0ed304e5173bdb8f08254c2e4a5032e8fcafa5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2103428bc78ca6da5e8936f5f44f0dbb
b90d58537027e5d23e42aaefd60595123be46c3f
354e4201f1ccf507237c0d698870753bd37afe1805b7e0490a07d31478c1bba4
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 534
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 07 Oct 2022 05:00:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 8eaa30a5-1aa2-4563-bed5-7ac69bafe558
Set-Cookie: icu=ChkItZqGARAKGAEgASgBMPTk_pkGOAFAAUgBEPTk_pkGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 05-Jan-2023 05:00:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=8837979790595121777; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 05-Jan-2023 05:00:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
200 OK 8.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP
File type ASCII text, with very long lines (26606)
Hash 77019dfea792351eb58beb264f808970
106d35ea53f5a6e4024ba9bfafe6b0bd0551771f
ca2b0e50ed967336aea35965d7a99b4986429c5c5984f8de96d92b2c573b7bef
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.13.0
x-jsd-version-type: version
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 05:00:36 GMT
age: 28216
x-served-by: cache-fra19167-FRA, cache-bma1654-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8874
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash c6caf0678cdcdc27fcd2a516d47b3c56
cd500ad90fec85cb73f4ad2182ee190cf85ec7f2
2f7ba0eb0d5b901b7379e4b73565337138779859e8fe70d1124e38435f533117
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 05:00:36 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2CB962798177B291A2CE1D5C17A6EE30EB31293F"
Expires: Fri, 07 Oct 2022 15:00:00 GMT
Last-Modified: Fri, 07 Oct 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3462
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756412f74b37fabc-OSL
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
200 OK 908 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP
File type ASCII text, with very long lines (2337)
Hash 4f8f059fbf3b6b0e3a37926f648a3993
83b61eb9d45cdf8f7c708bf4e148d7cab569c596
69190d6c2b78d7b0de0a44dbdde96bb7cf6c793f52481633b4f26ca2cfefcd4e
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:36 GMT
content-type: text/javascript
content-length: 908
x-amz-id-2: KAIZM6A8DwIAkmj6PcpKt7XAkOnCDR2Vdq3o2u42jw4XGTvjXjI5FY0S9m8p5l/IwYhKctdrvKM=
x-amz-request-id: 0N7TAAT995RR1W31
last-modified: Wed, 24 Aug 2022 10:09:53 GMT
etag: "4f8f059fbf3b6b0e3a37926f648a3993"
content-encoding: gzip
x-amz-version-id: vjUfJ7PUwRKr5ZG64ubE4TU9vAV4Ff_Q
cf-cache-status: HIT
expires: Fri, 07 Oct 2022 09:00:36 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 756412f7a8651c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=2087177740
200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=2087177740
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=2087177740 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 487
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:36 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.adskeeper.co.uk/images/adskeeper_svg.svg
200 OK 1.5 kB URL HTTP/2 cdn.adskeeper.co.uk/images/adskeeper_svg.svg
IP
Hash 59f9d21eb233ce965e2fbdbb887eccfd
f49c40b95acbdeaf45e9a8c40f009002b634a607
032ad74d90d17d5e789a8403efd57d77d19853c12388586044e3f0b39a5aea37
GET /images/adskeeper_svg.svg HTTP/1.1
Host: cdn.adskeeper.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:36 GMT
content-type: image/svg+xml
x-amz-id-2: 9+wK7//B9wiKymVhwJBS49yIWsknA1BYnHtl2rpiLd1F4bVgMRR1xL0U37+qHDuhswdKTk5XkFw=
x-amz-request-id: P23ZACW8NK08CPPP
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
x-amz-version-id: null
cf-cache-status: HIT
age: 4082
expires: Fri, 07 Oct 2022 09:00:36 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 756412fa3afb0b61-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 8309c23594179bc6b1c6e65880a58461
83e94127db4f903af4ba5d0fa5c09f82947d7a5a
6b8c1e34189b5faed7202eaf5ca6ad92372c7bb921485b56ad4ed4ac4526ad08
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 561
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 07 Oct 2022 05:00:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 2f682a08-5c1d-4f2b-b541-9da4ab114916
Set-Cookie: icu=ChgIw6tREAoYASABKAEw9OT-mQY4AUABSAEQ9OT-mQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 05-Jan-2023 05:00:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6389557027685958877; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 05-Jan-2023 05:00:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ecdn.firstimpression.io/static/js/fiamp.js
200 OK 36 kB URL HTTP/2 ecdn.firstimpression.io/static/js/fiamp.js
IP
Hash 8eafd8dceacda5c396738e6ea4d298e7
df936b81b08894c31c26534a0597907df905116c
86a1bba3aa921570f7851dfc3e26b0b652c8a2dcb1d9bb41d78789be76e82719
GET /static/js/fiamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 07 Oct 2022 04:45:43 GMT
expires: Fri, 07 Oct 2022 05:45:39 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M0GyUYawIie7x1G6TnXmjGz8Sq9ZUH0nVXqjmN2g5JCI4B_8BGLHRg==
age: 897
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
200 OK 73 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 06cd2eddf805cce44a8cb5178e00d7de
4450e085f121f57255512d5f7c8d4bcffbf77bc5
8c41037c0b242f0fe65640486379d7f6cd91c55f8edd998ea285d8f994ec48f7
GET /AdServer/js/pwt/161673/7165/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 12:15:31 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 73257
cache-control: max-age=86015
expires: Sat, 08 Oct 2022 04:54:11 GMT
date: Fri, 07 Oct 2022 05:00:36 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
204 No Content 0 B URL HTTP/2 tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1
Host: tag.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 606
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 07 Oct 2022 05:00:36 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
s-img.adskeeper.com/g/13268955/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvMmMxOTY0ZWMzZTYwYThiNzk0MzEwYjBlZWFiNDNiMzUuanBlZw.webp?v=1665118836-Tidr74gMuCQDNf4r7eGGnb0ILkvoYr6QAMM0jnWoZnQ
200 OK 11 kB URL HTTP/2 s-img.adskeeper.com/g/13268955/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvMmMxOTY0ZWMzZTYwYThiNzk0MzEwYjBlZWFiNDNiMzUuanBlZw.webp?v=1665118836-Tidr74gMuCQDNf4r7eGGnb0ILkvoYr6QAMM0jnWoZnQ
IP
File type gzip compressed data, from Unix\012- data
Hash 31eeb851ad2382ae42bab6e5b31d4604
884a823f2db72e3ca4bf56ba739a114a59b38e5c
7c2cddfddda45c801e98bbddf46c9c1fff8a3239995923324955221242180f3d
GET /g/13268955/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvMmMxOTY0ZWMzZTYwYThiNzk0MzEwYjBlZWFiNDNiMzUuanBlZw.webp?v=1665118836-Tidr74gMuCQDNf4r7eGGnb0ILkvoYr6QAMM0jnWoZnQ HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:36 GMT
content-type: image/webp
content-length: 9862
x-mg-request-uuid: 5f936428-013b-4467-a77f-e064a6b1fe08
access-control-allow-origin: *
last-modified: Thu, 16 Jun 2022 11:47:10 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 1603639
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 756412faca12b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash da24c3d35c9aa2a337a9a13ce1c0a8b6
f2de820375a4a3ba63e75bb07b4c1512ee847375
86358a176fd39e47744821766b318dcf7dd4aa9903f27b6221ea55075c3f5655
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1989
Cache-Control: max-age=131957
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:36 GMT
Etag: "633f0b24-139"
Expires: Sat, 08 Oct 2022 17:39:53 GMT
Last-Modified: Thu, 06 Oct 2022 17:06:44 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
c.amazon-adsystem.com/aax2/apstag.js
200 OK 45 kB URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP
Hash 34797b179f117129518214b8fc23f0fc
b8125ba905874b52a1aaeb66ee53fcaf42c9dce4
c7aee9cd966ee61331a78923fa69a000ce073fb250df8aa94a212fdf0097b17b
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 07 Oct 2022 04:28:36 GMT
last-modified: Thu, 06 Oct 2022 22:15:21 GMT
etag: W/"4c87a00941c1aa3dcbab77fc8dc08ec0"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: F_zYtNtOPkOXMk7ozDgiBNJHTtYwww7_JjvyNnoU3KJ2msBG7w9o7w==
age: 1921
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FFzXjX0&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FFzXjX0&tg_i.page=https%3A%2F%2Fouo.press%2FFzXjX0&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=632ba4dc-340a-42a1-8761-5472dad0e0cf&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15998919640560738
200 OK 348 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FFzXjX0&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FFzXjX0&tg_i.page=https%3A%2F%2Fouo.press%2FFzXjX0&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=632ba4dc-340a-42a1-8761-5472dad0e0cf&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15998919640560738
IP
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash 9c51c5c71840a67c2b51b2be712ab60b
b5a1d1c91e209be4a4e38c3794649e83151aadc5
7f1ef2b871da6bdce4c0499f19f52873ffa03c3dd8b48e3bd53880912f2c19a5
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FFzXjX0&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FFzXjX0&tg_i.page=https%3A%2F%2Fouo.press%2FFzXjX0&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=632ba4dc-340a-42a1-8761-5472dad0e0cf&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15998919640560738 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Fri, 07 Oct 2022 05:00:36 GMT
Content-Type: application/json
Content-Length: 348
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8Y0RHCH-9-F827; Domain=.rubiconproject.com; Path=/; Expires=Sat, 07-Oct-2023 05:00:36 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrgHtUBHKzrRe9DtVM30fCg9e/wzbfbfdwUXz9gJ4adHpZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Sat, 07-Oct-2023 05:00:36 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
static.criteo.net/js/ld/publishertag.prebid.123.js
200 OK 29 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP
File type ASCII text, with very long lines (65354)
Hash 20ac2c4462879de5e87bb093a87877fb
0f5424e096ba541b4789ed910e7257493be343cd
cd064793ed5ae178ceaee41fc363174391f70a5813e33124c8483ecf68c0268b
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 05:00:36 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Sat, 08 Oct 2022 05:00:36 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3714da7cb6c371956b3d34ea5e62266a
7e17d3e8c8d0b5ca1650b7e427a0d6d3ec39efc6
57b7e44f4ef9b743018f8ef2d0b03682ee089307a85d2f1d69903114a11101a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57B7E44F4EF9B743018F8EF2D0B03682EE089307A85D2F1D69903114A11101A7"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Fri, 07 Oct 2022 06:44:32 GMT
Date: Fri, 07 Oct 2022 05:00:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3714da7cb6c371956b3d34ea5e62266a
7e17d3e8c8d0b5ca1650b7e427a0d6d3ec39efc6
57b7e44f4ef9b743018f8ef2d0b03682ee089307a85d2f1d69903114a11101a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57B7E44F4EF9B743018F8EF2D0B03682EE089307A85D2F1D69903114A11101A7"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6235
Expires: Fri, 07 Oct 2022 06:44:32 GMT
Date: Fri, 07 Oct 2022 05:00:37 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 313 B IP
Hash be35127b8c26584bcaa488cc5cf04d30
db6f464fed7250ce37b1355fef95155b48824292
ffa5581ed5d5990cec95b847c02ce562c1a3090240db245f68a8ddae59e1af4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:37 GMT
Last-Modified: Fri, 07 Oct 2022 03:48:02 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 54eca8e36a376d253ea4d49112d3b041
82278a087fb88ec8cb7b2371052ed4200f0e54aa
68a77b2d486306c79b36b261a8f3da0934c91d491e82e7c6517d28f8b63b37af
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Fri, 7 Oct 2022 05:00:37 GMT
access-control-allow-origin: https://ouo.press
vary: Origin
content-type: application/json
content-length: 34
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash e9b73a9b3bd282888fc1a39eac81fa82
7aee8f9a0466749e95e82819c65a6bbf8c3600e3
a8f28092684af3b42bd546fd5337497bf22121d1a9d6cbfaa9913a06c358dc6b
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Fri, 07 Oct 2022 05:00:36 GMT
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
200 OK 7.7 kB URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP
File type ASCII text, with very long lines (13465)
Hash 4a9ed3c0ed0b28dae1eb01edd9c94a25
0b89ef35c706830834e7301b0913fd64781dfc24
d9cf3ba464947aa89c9ccf99a5cf2d83066d896b7168b7ea9e49fce8a9a97d20
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 06 Oct 2022 01:32:47 GMT
x-amz-version-id: YousslGi_alc9N7i1PBVBMNtdY1LkTzi
server: AmazonS3
content-encoding: gzip
date: Fri, 07 Oct 2022 01:36:24 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B7SIq-fXVFryLLN25DgTn5gmnPoopUXl30DTeQQv3sd871Ou7p12QA==
age: 12459
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FFzXjX0&pid=DeCtskEvbnTqA&cb=0&ws=728x90&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
200 OK 154 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FFzXjX0&pid=DeCtskEvbnTqA&cb=0&ws=728x90&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP
File type ASCII text, with no line terminators
Hash bb7b4ee21d41485b3c8d171a7bf8b853
04fdbd451ad2cf3aceb697a99ea093fa4c7b4522
5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FFzXjX0&pid=DeCtskEvbnTqA&cb=0&ws=728x90&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 154
server: Server
date: Fri, 07 Oct 2022 05:00:37 GMT
x-amz-rid: 9HAE89J4N7YXP3CZ8YCJ
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yrNYoUQlKpeDNMGvEzcGhIiwPCK6CGrdhR0cmytOloGT4GZqOf1d3w==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 05dc820485b100917b39e380e671871b
6dca69ce616fa5117b14fada8f8bbb56b642e33a
ddf9c2a955809b79e558b01a6db113bbb4f66708c87ec690fd29fb7fbe761105
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3265
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:37 GMT
Last-Modified: Fri, 07 Oct 2022 04:06:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
200 OK 440 B IP
Hash c43c44ba3e6d9906edc4c8ec67b1dd78
73507d0d9a4eea14fb88a2b93bb7b76060235d6c
8e74a1e58a931533a37ea03db28031b63c85a84a1580a6c82c9ec93174aec946
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=cQgjgl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czR2NDU4SWJlaU5FcGJITkk5clFGVXVhWDV6SFBBVWM4b2J0bmZBUDBVWlk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=876O8180M0RITmhlJTJCZkMwOUJGQlhaMUN2czR2NDU4SWJlaU5FcGJITkk5clFGVXZIcTBvbkVISFFjUyUyQkFiQ3hYMlJobw; expires=Wed, 01 Nov 2023 05:00:37 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 389733
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7a8d56b8fb764f042c7906ff7b4c883b
d32e9f75abd2746eb6628ceb7d48d8f84478058d
da9b33a251b164c5e18a975d183ca0c96025b123d5934510f591d179998b9431
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA9B33A251B164C5E18A975D183CA0C96025B123D5934510F591D179998B9431"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6467
Expires: Fri, 07 Oct 2022 06:48:24 GMT
Date: Fri, 07 Oct 2022 05:00:37 GMT
Connection: keep-alive
id5-sync.com/g/v2/231.json
200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 906c6c8c4d4d43f3b79bf10691b8ba51
610ac892c36ee3cd94c0c5e5e83b3605a2ea139e
ca3f4a0e148b21f6a3d56640ff90caaea92c9a4d3476a1b7cb35e60201e6bda6
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 337
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Fri, 07 Oct 2022 05:00:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
gem.gbc.criteo.com/newidsd
200 OK 543 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Hash 8a19ad3ad16e664734b711e2d0807eab
a232f2572c2e18aff7a169e6a0766ec4cf54b965
481506e35f4cc0f1100a1104bbe28cc9394891a517956b57246441b0b2ba9149
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 142615
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=fb0bb7ea-4b82-4c0a-ad16-601673f87a96&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=5
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=fb0bb7ea-4b82-4c0a-ad16-601673f87a96&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=5
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=fb0bb7ea-4b82-4c0a-ad16-601673f87a96&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=5 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 07 Oct 2022 05:00:37 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d603c0a627a032671e65ad5b6d65949
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3ca3a3b3550d3f6a31fe6b2ab1456d21
7bcdc08de95fa15181655e2b5fd6bfdcb4329d90
22004aa6985b23cc8769493bb1fe3d4e4d900c012f2042c5ad4c92232b604711
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22004AA6985B23CC8769493BB1FE3D4E4D900C012F2042C5AD4C92232B604711"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7266
Expires: Fri, 07 Oct 2022 07:01:43 GMT
Date: Fri, 07 Oct 2022 05:00:37 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=DYPycF9TOTRzQVJoT0dIbE8lMkZwV05iMFhNYTB4YWwlMkI3dVc4U1M2VWx4clcwOE9KdGlmdm9KN2FSV2x5akJZOUxkSk5JSTMlMkIwazRkU1k1NncwVk54YyUyQjliYlVtb0Vxa2toMk1CQlp2UDl3UW91M3FYRncxc2ViNjBtZGVqQ3lLcVZMUWNh&info=876O8180M0RITmhlJTJCZkMwOUJGQlhaMUN2czR2NDU4SWJlaU5FcGJITkk5clFGVXZIcTBvbkVISFFjUyUyQkFiQ3hYMlJobw&idsd=-1462897256,-1194455352&cw=1&lsw=1
200 OK 355 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=DYPycF9TOTRzQVJoT0dIbE8lMkZwV05iMFhNYTB4YWwlMkI3dVc4U1M2VWx4clcwOE9KdGlmdm9KN2FSV2x5akJZOUxkSk5JSTMlMkIwazRkU1k1NncwVk54YyUyQjliYlVtb0Vxa2toMk1CQlp2UDl3UW91M3FYRncxc2ViNjBtZGVqQ3lLcVZMUWNh&info=876O8180M0RITmhlJTJCZkMwOUJGQlhaMUN2czR2NDU4SWJlaU5FcGJITkk5clFGVXZIcTBvbkVISFFjUyUyQkFiQ3hYMlJobw&idsd=-1462897256,-1194455352&cw=1&lsw=1
IP
Hash 1c9fa6490d8e81ace84c6977a7ba18e5
d9258e36e72e3b2917bc35ccad6af1eeafde1218
2b90c65519e375de57326ea6c05978f659837dffd08d029cdfad4ac54f301e1b
GET /sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=DYPycF9TOTRzQVJoT0dIbE8lMkZwV05iMFhNYTB4YWwlMkI3dVc4U1M2VWx4clcwOE9KdGlmdm9KN2FSV2x5akJZOUxkSk5JSTMlMkIwazRkU1k1NncwVk54YyUyQjliYlVtb0Vxa2toMk1CQlp2UDl3UW91M3FYRncxc2ViNjBtZGVqQ3lLcVZMUWNh&info=876O8180M0RITmhlJTJCZkMwOUJGQlhaMUN2czR2NDU4SWJlaU5FcGJITkk5clFGVXZIcTBvbkVISFFjUyUyQkFiQ3hYMlJobw&idsd=-1462897256,-1194455352&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1135673
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
id5-sync.com/g/v2/806.json
200 216 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 0fa875e3e5357ebfce1cc27dda18f39f
3ba127b42df6e1b37165aec48cf8ae8129ca2550
757773d46b71932dea291e7113f5e477bb29a2e36455a464018695c4ae7d459d
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 193
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Fri, 07 Oct 2022 05:00:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
peeredgerman.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=fb0bb7ea-4b82-4c0a-ad16-601673f87a96%3A2%3A1
200 OK 3.8 kB URL HTTP/1.1 peeredgerman.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=fb0bb7ea-4b82-4c0a-ad16-601673f87a96%3A2%3A1
IP
File type JSON data\012- , ASCII text, with very long lines (5654), with no line terminators
Hash 02bdf84a5f33343a2e638df7d27c0230
8b2a932a8648f57fc4df9c0d2f1e7ae7fd5285cd
e0ab9bb51f03c8ac4c98761259c4621f3265018608689c9ba55099d4dc8260e5
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=fb0bb7ea-4b82-4c0a-ad16-601673f87a96%3A2%3A1 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 07 Oct 2022 05:00:37 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ouo.press
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Sat, 08 Oct 2022 05:00:37 GMT; secure; SameSite=None
uid_id2=fb0bb7ea-4b82-4c0a-ad16-601673f87a96:2:1; expires=Fri, 14 Oct 2022 05:00:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 08 Oct 2022 05:00:37 GMT; secure; SameSite=None
uncs=1; expires=Sat, 08 Oct 2022 05:00:37 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 08 Oct 2022 05:00:37 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 08 Oct 2022 05:00:37 GMT; secure; SameSite=None
sleced36014633829dc70a42dccaefdf3f11=[3357660]; expires=Fri, 07 Oct 2022 05:00:42 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ddf10a94e3cbbe69a83f6a5524758123
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sectigo.com/
200 OK 471 B IP
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 05:00:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=462735,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7564130118aeb51e-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 84f17ccdd1bdee12f179d485f5488313
f93d4fd7d03d0a4f2f50e9c3dcae0ddf06dccb42
dfe0947c12cf118c0fc80eb69570b9282fcbd58efd53369fd0f7f49f89ab8e6f
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 05:00:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 11 Oct 2022 03:45:34 GMT
ETag: "f93d4fd7d03d0a4f2f50e9c3dcae0ddf06dccb42"
Last-Modified: Fri, 07 Oct 2022 03:45:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1530
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756413018eb8fabc-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash b775d6c88f4a45316c1c349524612975
9bd094bc5eaa63e5577dd4bce357fe7c0e065fc7
c6de78e375d38ab778cc5d69c6195821fd25017ed5ab2729fd2b6419007031d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2258
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 05:00:38 GMT
Last-Modified: Fri, 07 Oct 2022 04:23:00 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 279
api.rlcdn.com/api/identity/envelope?pid=1258
401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1258
IP
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1258 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 05:00:38 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
200 OK 471 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP
Hash 159be23ea0e00a47ad9ce38648a9a4f3
92549d07061a00c5d12f723cf7268ad45d99dc6c
b78d73b6ee1c8e2a1aa2c70d62022ec790c20fb5da99476722105bea56926cc2
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Sun, 06 Nov 2022 05:00:38 GMT
vary: Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
peeredgerman.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2skRRjGq3dXUARB2YuCMogHBTPpP7PdM%2B5hcY2RYHaz7CoKClpdVT0pU9PVVHVNT3IKLsgex2%2FQeSbZEF3EP2cXmSzsISBkPEhA8wU8ibAnDzKzwdH38r5vPc%2FhV0%2FVFzvulPhw9GTpmt6SStHFS02%2F8eqHQXC5sSpzN2gM2vEncetyw%2FTf6MRN%2F7XGO4Jt6MXQD3w%2F8IPGsjQi04PFqQhZ3OsEzY7fbIXN4FILA%2FP%2F3ToPlnrg%2FVPyHCSfXHjgXYRkY%2BS9b5eE3Sh18frbPadoqQ36fP%2F9fCPXVY7efMyMhyzfP3ND2%2BPl%2B9D53gwXuv%2BvMZUT4j28jzTfP4NE2t%2BdcaYKIkfKn0bVH0OoMSQdg%2BnbkPyYAIzj%2Bhry3t3r2lR087FKp%2BqEXHj0F2Q1IRd%2Bv4i8981VJQeNW1q5UurcYpDVkIMxZHeMwh2i3DoHWR2ClZ9D8p%2FJ4qNV5L3dNas0JD95JUv9NE0EXWil7XChxXy6QHkQL8R%2BECdR1k5oJ54FJOUYMhtDiSGoPQdnPTjpwWUeXOGhx08aLAiCxOeM%2Bu0OYxFPRBpzP6BJFtDAj9twbHqHIcpiCKaGYGYbhdnGhhzCuJ9g12tY7sGWBH1eoxIElSWoKEElCaqSoOrXe1zZ0NZ3ubIuDc56eNajeqTL7g7d02VX5GSnOCXPzoL74%2BMfsCFOGoJHsR%2B04ihqhx3OEp%2B2Qs4YFRnPoiwIYGUNac%2BBWg9b8viZX1HI46dqpPQQVh2CyZdB3Yug1SgJfdD1UavtYys%2F0E43CyOsBdc1ivIJlJvejjolz88Aosu%2FQbCjK5%2Bm1yZ%2FHvwNZmoUpsZn8gFBV90Z3dQV2b2pK0u%2BWytK2ZNbdPqqt0paivNfvSs2K234ypIdHrzJpsJ0vPeesOUqzbnMu5Z8fVVyLsyyNkyQH1fsByK94ez6VWdyV6zeeGt5pTcDlDofg8oJIQ%2BPwOSEPMmr2Yd9wX4EacYwrkbPHZGzgtSHYMU2bDHnt%2Fo8jJp70sJD5eqRCdP5oZIESsx3mtaw%2F9nT%2Bbxj76BrXgItbyPv1eibGn1Vg6ohrDs%2FKgtzdOWXaFZIlTdKlfF2U2XUl4%2FDtfKkkUSRT%2BPOpSBJqEjSVtjO4oBTGrbiMI5phNJO2JXv3T8AAAD%2F%2FwEAAP%2F%2FTxXxQ3sEAAA%3D
200 OK 7 B URL HTTP/1.1 peeredgerman.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2skRRjGq3dXUARB2YuCMogHBTPpP7PdM%2B5hcY2RYHaz7CoKClpdVT0pU9PVVHVNT3IKLsgex2%2FQeSbZEF3EP2cXmSzsISBkPEhA8wU8ibAnDzKzwdH38r5vPc%2FhV0%2FVFzvulPhw9GTpmt6SStHFS02%2F8eqHQXC5sSpzN2gM2vEncetyw%2FTf6MRN%2F7XGO4Jt6MXQD3w%2F8IPGsjQi04PFqQhZ3OsEzY7fbIXN4FILA%2FP%2F3ToPlnrg%2FVPyHCSfXHjgXYRkY%2BS9b5eE3Sh18frbPadoqQ36fP%2F9fCPXVY7efMyMhyzfP3ND2%2BPl%2B9D53gwXuv%2BvMZUT4j28jzTfP4NE2t%2BdcaYKIkfKn0bVH0OoMSQdg%2BnbkPyYAIzj%2Bhry3t3r2lR087FKp%2BqEXHj0F2Q1IRd%2Bv4i8981VJQeNW1q5UurcYpDVkIMxZHeMwh2i3DoHWR2ClZ9D8p%2FJ4qNV5L3dNas0JD95JUv9NE0EXWil7XChxXy6QHkQL8R%2BECdR1k5oJ54FJOUYMhtDiSGoPQdnPTjpwWUeXOGhx08aLAiCxOeM%2Bu0OYxFPRBpzP6BJFtDAj9twbHqHIcpiCKaGYGYbhdnGhhzCuJ9g12tY7sGWBH1eoxIElSWoKEElCaqSoOrXe1zZ0NZ3ubIuDc56eNajeqTL7g7d02VX5GSnOCXPzoL74%2BMfsCFOGoJHsR%2B04ihqhx3OEp%2B2Qs4YFRnPoiwIYGUNac%2BBWg9b8viZX1HI46dqpPQQVh2CyZdB3Yug1SgJfdD1UavtYys%2F0E43CyOsBdc1ivIJlJvejjolz88Aosu%2FQbCjK5%2Bm1yZ%2FHvwNZmoUpsZn8gFBV90Z3dQV2b2pK0u%2BWytK2ZNbdPqqt0paivNfvSs2K234ypIdHrzJpsJ0vPeesOUqzbnMu5Z8fVVyLsyyNkyQH1fsByK94ez6VWdyV6zeeGt5pTcDlDofg8oJIQ%2BPwOSEPMmr2Yd9wX4EacYwrkbPHZGzgtSHYMU2bDHnt%2Fo8jJp70sJD5eqRCdP5oZIESsx3mtaw%2F9nT%2Bbxj76BrXgItbyPv1eibGn1Vg6ohrDs%2FKgtzdOWXaFZIlTdKlfF2U2XUl4%2FDtfKkkUSRT%2BPOpSBJqEjSVtjO4oBTGrbiMI5phNJO2JXv3T8AAAD%2F%2FwEAAP%2F%2FTxXxQ3sEAAA%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SST2skRRjGq3dXUARB2YuCMogHBTPpP7PdM%2B5hcY2RYHaz7CoKClpdVT0pU9PVVHVNT3IKLsgex2%2FQeSbZEF3EP2cXmSzsISBkPEhA8wU8ibAnDzKzwdH38r5vPc%2FhV0%2FVFzvulPhw9GTpmt6SStHFS02%2F8eqHQXC5sSpzN2gM2vEncetyw%2FTf6MRN%2F7XGO4Jt6MXQD3w%2F8IPGsjQi04PFqQhZ3OsEzY7fbIXN4FILA%2FP%2F3ToPlnrg%2FVPyHCSfXHjgXYRkY%2BS9b5eE3Sh18frbPadoqQ36fP%2F9fCPXVY7efMyMhyzfP3ND2%2BPl%2B9D53gwXuv%2BvMZUT4j28jzTfP4NE2t%2BdcaYKIkfKn0bVH0OoMSQdg%2BnbkPyYAIzj%2Bhry3t3r2lR087FKp%2BqEXHj0F2Q1IRd%2Bv4i8981VJQeNW1q5UurcYpDVkIMxZHeMwh2i3DoHWR2ClZ9D8p%2FJ4qNV5L3dNas0JD95JUv9NE0EXWil7XChxXy6QHkQL8R%2BECdR1k5oJ54FJOUYMhtDiSGoPQdnPTjpwWUeXOGhx08aLAiCxOeM%2Bu0OYxFPRBpzP6BJFtDAj9twbHqHIcpiCKaGYGYbhdnGhhzCuJ9g12tY7sGWBH1eoxIElSWoKEElCaqSoOrXe1zZ0NZ3ubIuDc56eNajeqTL7g7d02VX5GSnOCXPzoL74%2BMfsCFOGoJHsR%2B04ihqhx3OEp%2B2Qs4YFRnPoiwIYGUNac%2BBWg9b8viZX1HI46dqpPQQVh2CyZdB3Yug1SgJfdD1UavtYys%2F0E43CyOsBdc1ivIJlJvejjolz88Aosu%2FQbCjK5%2Bm1yZ%2FHvwNZmoUpsZn8gFBV90Z3dQV2b2pK0u%2BWytK2ZNbdPqqt0paivNfvSs2K234ypIdHrzJpsJ0vPeesOUqzbnMu5Z8fVVyLsyyNkyQH1fsByK94ez6VWdyV6zeeGt5pTcDlDofg8oJIQ%2BPwOSEPMmr2Yd9wX4EacYwrkbPHZGzgtSHYMU2bDHnt%2Fo8jJp70sJD5eqRCdP5oZIESsx3mtaw%2F9nT%2Bbxj76BrXgItbyPv1eibGn1Vg6ohrDs%2FKgtzdOWXaFZIlTdKlfF2U2XUl4%2FDtfKkkUSRT%2BPOpSBJqEjSVtjO4oBTGrbiMI5phNJO2JXv3T8AAAD%2F%2FwEAAP%2F%2FTxXxQ3sEAAA%3D HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=fb0bb7ea-4b82-4c0a-ad16-601673f87a96:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 07 Oct 2022 05:00:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d902eb115e97d8f40d8053f55a48e4f3
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash cd3e7133a860358bdbc1538daa220575
8085ec8a1c8a833b6e3ed14d94451f291145fd90
392c52e4858e99db049e3f7c171e19c5984f47bf0cf86b2209582d3c5d865d7e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 05:00:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 07 Oct 2022 00:06:20 GMT
Expires: Sat, 08 Oct 2022 00:06:20 GMT
ETag: "8085ec8a1c8a833b6e3ed14d94451f291145fd90"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash da32fcedc22c3f8071079610e24227d2
b80c8b3315fe0dfdbf02cb1e46ec49fce2e6d858
3dbffb2bb666ae31dbbb9611ad68b92c6bc7da1750d5bac1c0dea372f34f39e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3DBFFB2BB666AE31DBBB9611AD68B92C6BC7DA1750D5BAC1C0DEA372F34F39E8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Fri, 07 Oct 2022 07:07:59 GMT
Date: Fri, 07 Oct 2022 05:00:38 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash da32fcedc22c3f8071079610e24227d2
b80c8b3315fe0dfdbf02cb1e46ec49fce2e6d858
3dbffb2bb666ae31dbbb9611ad68b92c6bc7da1750d5bac1c0dea372f34f39e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3DBFFB2BB666AE31DBBB9611AD68B92C6BC7DA1750D5BAC1C0DEA372F34F39E8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Fri, 07 Oct 2022 07:07:59 GMT
Date: Fri, 07 Oct 2022 05:00:38 GMT
Connection: keep-alive
peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Findex.html&l=2186&fd=87
200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Findex.html&l=2186&fd=87
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Findex.html&l=2186&fd=87 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=fb0bb7ea-4b82-4c0a-ad16-601673f87a96:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 07 Oct 2022 05:00:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
id.crwdcntrl.net/id
200 OK 63 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 39cebfb7a0e9f558d4a75200b63a8bce
d63890c8c2fa5880f0fde26885f45d036633cbb5
521df4c61a012c09b9fe5ac2dde6048e8a8d5046201e880e3812ff2d5201c2c4
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.0.163
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png
200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png
IP
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5597761
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BkJPXG0Yofy9ZltmItdsZFv%2BDVH6AAB%2BVNnUAbCZ3tVnODM18LQn9lfj123OcZe%2FyApBBlh%2FxZQZaraYdX9sKboz4BOBJP%2BykJ2cTaH3Mg%2BwNeFyRho%2BmfJ6xg%2BVv%2BC5Gk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75641302acf8754d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png
200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png
IP
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5597761
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FsE%2BZdXxxANiRFPhsH1rPib4IkWKzcaTrpwjuf70EW25rCW4BY%2B0KaaglfTRe8VbZZt9MN6e0z%2BolMDv02%2BXtJ8MFEXEyWNzl%2BPSHsztRqHtafbped1NiOsPSHAitCZpw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75641302acfb754d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png
200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png
IP
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4307661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUNgdU5QierigyTcZo6L%2FkDuVCCxcSB3qrMqjshzcDBGad%2B%2FIYZrS6OJRiruUa2DjUEvI7cE8goTslLyWQ4yt4FPht%2FsL2KVxH1vCCMdQt%2BhvDwgK2d0w8yi4GFhI5MoNSg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75641302acfa754d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png
200 OK 46 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png
IP
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Hash 0d687af39faa7241d1a584f1c3eec050
ccd68a2138d3da9c44c93a139a72fcd8fd750614
cdd30ab847b158f337faaca366647fa594365de0c63b58c9e8243dec575df329
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: image/png
content-length: 45627
last-modified: Tue, 01 Feb 2022 11:50:51 GMT
etag: "61f91e9b-b23b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5597761
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0Lv%2F%2BAwrQHFQRqiVE4kk%2BPPL04Xls5Q4LtSe%2F4nXJ2KI2E8lstKVE%2BkJGF373np0Gu5Q3M8w%2F9YQkDJkCp39CD5cHInlNvAMu5HH%2FUw4OAFcmZKz0rzlVTQQtd%2BM4cGfeE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75641302acfd754d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash da32fcedc22c3f8071079610e24227d2
b80c8b3315fe0dfdbf02cb1e46ec49fce2e6d858
3dbffb2bb666ae31dbbb9611ad68b92c6bc7da1750d5bac1c0dea372f34f39e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3DBFFB2BB666AE31DBBB9611AD68B92C6BC7DA1750D5BAC1C0DEA372F34F39E8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Fri, 07 Oct 2022 07:07:59 GMT
Date: Fri, 07 Oct 2022 05:00:38 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 05:00:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=462734,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75641301f938b51e-OSL
peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fanimate.css&l=79249&fd=130
200 OK 660 B URL HTTP/1.1 peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fanimate.css&l=79249&fd=130
IP
File type gzip compressed data, max compression\012- data
Hash 5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fanimate.css&l=79249&fd=130 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=fb0bb7ea-4b82-4c0a-ad16-601673f87a96:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 07 Oct 2022 05:00:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fstyle.css&l=9494&fd=140
200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fstyle.css&l=9494&fd=140
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fcss%2Fstyle.css&l=9494&fd=140 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=fb0bb7ea-4b82-4c0a-ad16-601673f87a96:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 07 Oct 2022 05:00:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fjs%2Fscript.js&l=711&fd=35
200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fjs%2Fscript.js&l=711&fd=35
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F7%2Fjs%2Fscript.js&l=711&fd=35 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=fb0bb7ea-4b82-4c0a-ad16-601673f87a96:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 07 Oct 2022 05:00:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 120390
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 120390
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
peeredgerman.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGq3dXUARB2YuCMogHBTPpnpnMhzkEY4wEs5tlV1FQ0PrqSZnqrqaqa3qSU3BB9jj%2BB51nkg3RRfw4u8hkYQ8BIeNBApp%2FwJMIe%2FIgMxscfS%2Fv%2B9bzHH71VH2x589JCE%2FPVq6ZHaU1nV%2BohpVXP4yixcq6Sn2%2F0m83P2k2Fiu290anWQ1fq7wj%2BZaZr4VRGEZhVFlVVsamPz8RobJ7najaCauNWjVaaKBv%2F787H8DRAKJ3Tp6DEuMrD4KrUHyENPl2Rbqt3GSvv514TXNj0ROH76dbqSlSJLMxtgHi9PDCDeNOV%2B%2FDpAdTXJjev0amxiR4eB8sPbyABOvtTzmZhkzBxNMoeiNIPYKiI3BzG0qcEoALXN9Amty9bmxBtx%2BrdKKOyZVHf0EVY3Ll96tIk2%2BWtepXbhntc2VSh35cQvVHUN0RMn%2BMfOcSVHEMnn8OJX4m84%2FWkSb7G04bKHH2SsxCxlqSzjVYuzbX4CGdoyJqzjXDqNmqx%2B0W7TSnASk1gopH0HIA6i7BuwBeBfBxAJ8FSMRZhUdR1AoFp2G7w3ldtCRrijCirTiiUdhsw%2FPJHQbIswG4HoDbXWR2F1tqAOt%2Fgtss4UQAlxP0RIlCEhSOoKAEhSIocoKiVx4I7WquvCu08yy66LWLXi%2BHJu%2Fu0QOTd2VK9rJz8uw0uD8%2B%2FgFb8qwiRb0ZRo1mvd6udQRvhbRRE5xTGYu4HkcRnCqh3CVQF2BHnT7zKzJ1%2BlQJRo%2Fh9DG4ehnUvwhaDFu1EHRz2GiH2EmPjDfVzErnIEyJLH8C%2BXawp8%2FJ81OA%2BuJvkPxk6VN2bfzn0d%2FgtkRmS3ymHhB09Z3hTVOQ%2FZumcOS7jSxXidqhk1e9ldNcXv7qXbldGCvWVtzg6E0%2BESbjvfeky9dpKlTadeTrZSWEtKvGckl%2BXHMfSHbDu81lb1Ofrd94a3UtmQIqk45A1ZiQhyfgakyeFMX0w77gPoKyI1hfIvEn5KKgzDF4tguXzfiduQyrZx6WBSh8ObQ1NjvUikDL2U5ZCfefnc3mPXcHXfsSaH4baVKiZ0v0dAmqB3D%2B8jDP7MnSL%2FVpgelgyLQN9pm2%2BsvH4Tp1VqmHosVkLFtMNhYaseSCLSywkMec1UW7zZG7MV%2F63v8DAAD%2F%2FwEAAP%2F%2Fz8Ekq3sEAAA%3D
200 OK 7 B URL HTTP/1.1 peeredgerman.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGq3dXUARB2YuCMogHBTPpnpnMhzkEY4wEs5tlV1FQ0PrqSZnqrqaqa3qSU3BB9jj%2BB51nkg3RRfw4u8hkYQ8BIeNBApp%2FwJMIe%2FIgMxscfS%2Fv%2B9bzHH71VH2x589JCE%2FPVq6ZHaU1nV%2BohpVXP4yixcq6Sn2%2F0m83P2k2Fiu290anWQ1fq7wj%2BZaZr4VRGEZhVFlVVsamPz8RobJ7najaCauNWjVaaKBv%2F787H8DRAKJ3Tp6DEuMrD4KrUHyENPl2Rbqt3GSvv514TXNj0ROH76dbqSlSJLMxtgHi9PDCDeNOV%2B%2FDpAdTXJjev0amxiR4eB8sPbyABOvtTzmZhkzBxNMoeiNIPYKiI3BzG0qcEoALXN9Amty9bmxBtx%2BrdKKOyZVHf0EVY3Ll96tIk2%2BWtepXbhntc2VSh35cQvVHUN0RMn%2BMfOcSVHEMnn8OJX4m84%2FWkSb7G04bKHH2SsxCxlqSzjVYuzbX4CGdoyJqzjXDqNmqx%2B0W7TSnASk1gopH0HIA6i7BuwBeBfBxAJ8FSMRZhUdR1AoFp2G7w3ldtCRrijCirTiiUdhsw%2FPJHQbIswG4HoDbXWR2F1tqAOt%2Fgtss4UQAlxP0RIlCEhSOoKAEhSIocoKiVx4I7WquvCu08yy66LWLXi%2BHJu%2Fu0QOTd2VK9rJz8uw0uD8%2B%2FgFb8qwiRb0ZRo1mvd6udQRvhbRRE5xTGYu4HkcRnCqh3CVQF2BHnT7zKzJ1%2BlQJRo%2Fh9DG4ehnUvwhaDFu1EHRz2GiH2EmPjDfVzErnIEyJLH8C%2BXawp8%2FJ81OA%2BuJvkPxk6VN2bfzn0d%2FgtkRmS3ymHhB09Z3hTVOQ%2FZumcOS7jSxXidqhk1e9ldNcXv7qXbldGCvWVtzg6E0%2BESbjvfeky9dpKlTadeTrZSWEtKvGckl%2BXHMfSHbDu81lb1Ofrd94a3UtmQIqk45A1ZiQhyfgakyeFMX0w77gPoKyI1hfIvEn5KKgzDF4tguXzfiduQyrZx6WBSh8ObQ1NjvUikDL2U5ZCfefnc3mPXcHXfsSaH4baVKiZ0v0dAmqB3D%2B8jDP7MnSL%2FVpgelgyLQN9pm2%2BsvH4Tp1VqmHosVkLFtMNhYaseSCLSywkMec1UW7zZG7MV%2F63v8DAAD%2F%2FwEAAP%2F%2Fz8Ekq3sEAAA%3D
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGq3dXUARB2YuCMogHBTPpnpnMhzkEY4wEs5tlV1FQ0PrqSZnqrqaqa3qSU3BB9jj%2BB51nkg3RRfw4u8hkYQ8BIeNBApp%2FwJMIe%2FIgMxscfS%2Fv%2B9bzHH71VH2x589JCE%2FPVq6ZHaU1nV%2BohpVXP4yixcq6Sn2%2F0m83P2k2Fiu290anWQ1fq7wj%2BZaZr4VRGEZhVFlVVsamPz8RobJ7najaCauNWjVaaKBv%2F787H8DRAKJ3Tp6DEuMrD4KrUHyENPl2Rbqt3GSvv514TXNj0ROH76dbqSlSJLMxtgHi9PDCDeNOV%2B%2FDpAdTXJjev0amxiR4eB8sPbyABOvtTzmZhkzBxNMoeiNIPYKiI3BzG0qcEoALXN9Amty9bmxBtx%2BrdKKOyZVHf0EVY3Ll96tIk2%2BWtepXbhntc2VSh35cQvVHUN0RMn%2BMfOcSVHEMnn8OJX4m84%2FWkSb7G04bKHH2SsxCxlqSzjVYuzbX4CGdoyJqzjXDqNmqx%2B0W7TSnASk1gopH0HIA6i7BuwBeBfBxAJ8FSMRZhUdR1AoFp2G7w3ldtCRrijCirTiiUdhsw%2FPJHQbIswG4HoDbXWR2F1tqAOt%2Fgtss4UQAlxP0RIlCEhSOoKAEhSIocoKiVx4I7WquvCu08yy66LWLXi%2BHJu%2Fu0QOTd2VK9rJz8uw0uD8%2B%2FgFb8qwiRb0ZRo1mvd6udQRvhbRRE5xTGYu4HkcRnCqh3CVQF2BHnT7zKzJ1%2BlQJRo%2Fh9DG4ehnUvwhaDFu1EHRz2GiH2EmPjDfVzErnIEyJLH8C%2BXawp8%2FJ81OA%2BuJvkPxk6VN2bfzn0d%2FgtkRmS3ymHhB09Z3hTVOQ%2FZumcOS7jSxXidqhk1e9ldNcXv7qXbldGCvWVtzg6E0%2BESbjvfeky9dpKlTadeTrZSWEtKvGckl%2BXHMfSHbDu81lb1Ofrd94a3UtmQIqk45A1ZiQhyfgakyeFMX0w77gPoKyI1hfIvEn5KKgzDF4tguXzfiduQyrZx6WBSh8ObQ1NjvUikDL2U5ZCfefnc3mPXcHXfsSaH4baVKiZ0v0dAmqB3D%2B8jDP7MnSL%2FVpgelgyLQN9pm2%2BsvH4Tp1VqmHosVkLFtMNhYaseSCLSywkMec1UW7zZG7MV%2F63v8DAAD%2F%2FwEAAP%2F%2Fz8Ekq3sEAAA%3D HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=fb0bb7ea-4b82-4c0a-ad16-601673f87a96:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 07 Oct 2022 05:00:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5cc2295413e5a2523d4ef23840b7aa9
Strict-Transport-Security: max-age=0; includeSubdomains
peeredgerman.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbs?c=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=fb0bb7ea-4b82-4c0a-ad16-601673f87a96:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 07 Oct 2022 05:00:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=127791
expires: Sat, 08 Oct 2022 16:30:30 GMT
date: Fri, 07 Oct 2022 05:00:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
200 OK 82 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP
Hash 73d30886451938ec2f5bb76d61c4fce2
eb035663b1fc19e9b78c579ba396f87e7ac8a434
054e599679b15e4aef532b5ca6d051684d731fb909e40e42a203cabe25063e32
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 340578
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ecdn.firstimpression.io/fi_client.js
200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/fi_client.js
IP
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 07 Oct 2022 04:34:42 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 04:34:42 UTC
etag: W/"67076a1d98496181c9d00d7b29f18baf"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fVX09L02PhaXxNMQMKJFojMj6rS4keXXkYIcHAA4XPb77wSgtLPPSQ==
age: 1552
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5597723
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FA3b4AW%2BP1kaPR8jIYNeLa6r857dwHKYuu1vwkWkvibsAhnxZtBB8%2BuIOMlHazug0IaiUoVr0EbYF3EITso7k9VOFS9vJyqsE5R91LQvX0GRWB%2FkPz74GKda21%2FpBtfBxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756413029cea754d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5597761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeT0lVI8sLtYBVSDNRAliZW1zrFa8YvklM%2FdPac7ez5KrUZ3R1sPUmeoHFnPcS9owyc6nE5t4DQXX4fjnUcT5sPLmiwULM%2F2xNsazGncPLkPjZiqDqklWas8WavbsGShgss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75641302acfe754d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/script.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/script.js
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1918086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mljy0n45SkpyW5rAZz3lrG1ZcJ4eMfoFoThy0X7xiQ%2BbNNRCD%2F7tDNyr%2Boa2kQR0x1oJWeska2dMnI7TBRhQFuOrrynMIwKekeJuVmEWJyUHdW4DwS1sQqZ3LWm0O8KKsfw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756413032d8e754d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 861873
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ouo.press/FzXjX0
200 OK 0 B IP
GET /FzXjX0 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:34 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6Im1ET1RZa05MRFhYMXlmYXZEN1BYdnRXWGRoU3lBWXdmOUo3MVFtSHJicmM9IiwidmFsdWUiOiJuUUxYa1phd3JIZ2gwbGc5alN6dERSQThhWEdIak1pS0YxYVlydkUweW9TV3hZdWVSVm9zek1wSUFpSVpsTHYrdzIzQ2FUN3YyWGNpd29CMWIyV0diZz09IiwibWFjIjoiZGUwYTY3OTBkY2QwM2Y0OWY5ZmEzMDMzMTQ4ZTE3YzAwZTI2ZTBjYTEwNDAzOGUwMzU1MjcxOGNiOTFhY2UyNyJ9; path=/; httponly
language=eyJpdiI6InpWMnpWSm1ZcFJFM3Vna3BzNXlKMkY0TDFOZVpxN3hIcmNtN3JWQk11aFU9IiwidmFsdWUiOiJ0RmFRaDZoRWdQSU9FeXhoRmVaZ0VxSERiZnJ5d3NhdXUxOVdcL3NOVHdlTT0iLCJtYWMiOiJlYmJlZTE5YmMzMGRhMzIxNmZkM2MzMWMwMDdkMWM3Y2U4MmRhYzZhZGMzNGQwY2VmZjZhZTA3Y2YyNzg3ZGQzIn0%3D; expires=Wed, 06-Oct-2027 05:00:34 GMT; Max-Age=157680000; path=/; httponly
3e3fa9243d3ce630fa1ac4d3377a492fb069d836=eyJpdiI6ImwxMklsYmpxTStidUFWaTFseER5Z3YyR3dLcld3WWlCYlY0XC9Xd2h6R1JnPSIsInZhbHVlIjoiT0U2TEhMYWlDR2RyMGtFR2hEdGltRFpvYSttUHNcL1BVVWgzSjhINnBaQk5HQXB4d2tqUVdlQmV4NnNjamM3N3hJazR2eDlueVVjR1JwY29jOFdyZk1zVzBiTkdXZmFRS1k3RXM1dkd4SHFOb09IVnd2aHRWcE9qc09iaWFlVittUFFkZGF3UlNSMWhMTDZrZVhaeTRSRFNFa2lKV1BJVUNcL2FcL0JyajZFOE5QN2dTdVFJNDdPVGFha3ZsSGpWQklodUs1cmhydGJYdm51Rjh5ejVrcDk0OHFUS1hcL1wvQUNFYXNSZ2RtRHJvZVFRSjFcL0pHbkFkamlzRFh3UDFUR2M3QlArcktEUXVLUGM2WnhUSDRpbEVCT3N4N1htNmQzYUZjMFZuQjdKZnlhZlBnZUpRaUJaUXd4Vzc5dkhqNGlyVWppTUJDdGNPK1R3OTlcL3BFSXhOMG1ya2ZUWVY4ZGJJSENudkRkT2hMY0FiUlM1emhsRVl1N2NrZHAxZnlqNzlVUCIsIm1hYyI6IjY0ZWUwYWY5MjBlNWJkNGE1MTcwZWVkOGFiYzE4ODJjZjY5MTFkODEzYTYyODE2NGM1ZGUzNzg1MjY3YTQ2ZjgifQ%3D%3D; expires=Fri, 07-Oct-2022 07:00:34 GMT; Max-Age=7200; path=/; httponly
__cf_bm=vVldOULf6k_DMe6E2OXvE51Q.IkM1m9uz9ArEhwOQyo-1665118834-0-AYQvcmZ/RySxMtdBSnU2HLIt2SUHN1uyoOSzVW9mEzeSEL9QYrspc5M16pX7E1ZnzNL3rFni4QZ75TUlLnuNfIw=; path=/; expires=Fri, 07-Oct-22 05:30:34 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 756412ea38fdb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
ouo.press/css/bootstrap.css
200 OK 0 B URL HTTP/2 ouo.press/css/bootstrap.css
IP
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/FzXjX0
Cookie: ouoio_session=eyJpdiI6Im1ET1RZa05MRFhYMXlmYXZEN1BYdnRXWGRoU3lBWXdmOUo3MVFtSHJicmM9IiwidmFsdWUiOiJuUUxYa1phd3JIZ2gwbGc5alN6dERSQThhWEdIak1pS0YxYVlydkUweW9TV3hZdWVSVm9zek1wSUFpSVpsTHYrdzIzQ2FUN3YyWGNpd29CMWIyV0diZz09IiwibWFjIjoiZGUwYTY3OTBkY2QwM2Y0OWY5ZmEzMDMzMTQ4ZTE3YzAwZTI2ZTBjYTEwNDAzOGUwMzU1MjcxOGNiOTFhY2UyNyJ9; language=eyJpdiI6InpWMnpWSm1ZcFJFM3Vna3BzNXlKMkY0TDFOZVpxN3hIcmNtN3JWQk11aFU9IiwidmFsdWUiOiJ0RmFRaDZoRWdQSU9FeXhoRmVaZ0VxSERiZnJ5d3NhdXUxOVdcL3NOVHdlTT0iLCJtYWMiOiJlYmJlZTE5YmMzMGRhMzIxNmZkM2MzMWMwMDdkMWM3Y2U4MmRhYzZhZGMzNGQwY2VmZjZhZTA3Y2YyNzg3ZGQzIn0%3D; 3e3fa9243d3ce630fa1ac4d3377a492fb069d836=eyJpdiI6ImwxMklsYmpxTStidUFWaTFseER5Z3YyR3dLcld3WWlCYlY0XC9Xd2h6R1JnPSIsInZhbHVlIjoiT0U2TEhMYWlDR2RyMGtFR2hEdGltRFpvYSttUHNcL1BVVWgzSjhINnBaQk5HQXB4d2tqUVdlQmV4NnNjamM3N3hJazR2eDlueVVjR1JwY29jOFdyZk1zVzBiTkdXZmFRS1k3RXM1dkd4SHFOb09IVnd2aHRWcE9qc09iaWFlVittUFFkZGF3UlNSMWhMTDZrZVhaeTRSRFNFa2lKV1BJVUNcL2FcL0JyajZFOE5QN2dTdVFJNDdPVGFha3ZsSGpWQklodUs1cmhydGJYdm51Rjh5ejVrcDk0OHFUS1hcL1wvQUNFYXNSZ2RtRHJvZVFRSjFcL0pHbkFkamlzRFh3UDFUR2M3QlArcktEUXVLUGM2WnhUSDRpbEVCT3N4N1htNmQzYUZjMFZuQjdKZnlhZlBnZUpRaUJaUXd4Vzc5dkhqNGlyVWppTUJDdGNPK1R3OTlcL3BFSXhOMG1ya2ZUWVY4ZGJJSENudkRkT2hMY0FiUlM1emhsRVl1N2NrZHAxZnlqNzlVUCIsIm1hYyI6IjY0ZWUwYWY5MjBlNWJkNGE1MTcwZWVkOGFiYzE4ODJjZjY5MTFkODEzYTYyODE2NGM1ZGUzNzg1MjY3YTQ2ZjgifQ%3D%3D; __cf_bm=vVldOULf6k_DMe6E2OXvE51Q.IkM1m9uz9ArEhwOQyo-1665118834-0-AYQvcmZ/RySxMtdBSnU2HLIt2SUHN1uyoOSzVW9mEzeSEL9QYrspc5M16pX7E1ZnzNL3rFni4QZ75TUlLnuNfIw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:34 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Fri, 07 Oct 2022 12:08:19 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 17535
vary: Accept-Encoding
server: cloudflare
cf-ray: 756412ed2aecb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:36 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: xquZ6QoBGtIgECOlulfi9qoPm7v0WWNvgdo/gHYkJool7qqKRJv1p7VLfgECP96SCtmXrsRKKZg=
x-amz-request-id: NB2A206MY26ZNA92
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
etag: W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1783
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 756412fae9621c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 05:00:37 GMT
content-type: text/javascript
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
etag: W/"6337ac21-161a8"
expires: Sat, 08 Oct 2022 05:00:37 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 0 B URL HTTP/2 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/FzXjX0
Cookie: ouoio_session=eyJpdiI6Im1ET1RZa05MRFhYMXlmYXZEN1BYdnRXWGRoU3lBWXdmOUo3MVFtSHJicmM9IiwidmFsdWUiOiJuUUxYa1phd3JIZ2gwbGc5alN6dERSQThhWEdIak1pS0YxYVlydkUweW9TV3hZdWVSVm9zek1wSUFpSVpsTHYrdzIzQ2FUN3YyWGNpd29CMWIyV0diZz09IiwibWFjIjoiZGUwYTY3OTBkY2QwM2Y0OWY5ZmEzMDMzMTQ4ZTE3YzAwZTI2ZTBjYTEwNDAzOGUwMzU1MjcxOGNiOTFhY2UyNyJ9; language=eyJpdiI6InpWMnpWSm1ZcFJFM3Vna3BzNXlKMkY0TDFOZVpxN3hIcmNtN3JWQk11aFU9IiwidmFsdWUiOiJ0RmFRaDZoRWdQSU9FeXhoRmVaZ0VxSERiZnJ5d3NhdXUxOVdcL3NOVHdlTT0iLCJtYWMiOiJlYmJlZTE5YmMzMGRhMzIxNmZkM2MzMWMwMDdkMWM3Y2U4MmRhYzZhZGMzNGQwY2VmZjZhZTA3Y2YyNzg3ZGQzIn0%3D; 3e3fa9243d3ce630fa1ac4d3377a492fb069d836=eyJpdiI6ImwxMklsYmpxTStidUFWaTFseER5Z3YyR3dLcld3WWlCYlY0XC9Xd2h6R1JnPSIsInZhbHVlIjoiT0U2TEhMYWlDR2RyMGtFR2hEdGltRFpvYSttUHNcL1BVVWgzSjhINnBaQk5HQXB4d2tqUVdlQmV4NnNjamM3N3hJazR2eDlueVVjR1JwY29jOFdyZk1zVzBiTkdXZmFRS1k3RXM1dkd4SHFOb09IVnd2aHRWcE9qc09iaWFlVittUFFkZGF3UlNSMWhMTDZrZVhaeTRSRFNFa2lKV1BJVUNcL2FcL0JyajZFOE5QN2dTdVFJNDdPVGFha3ZsSGpWQklodUs1cmhydGJYdm51Rjh5ejVrcDk0OHFUS1hcL1wvQUNFYXNSZ2RtRHJvZVFRSjFcL0pHbkFkamlzRFh3UDFUR2M3QlArcktEUXVLUGM2WnhUSDRpbEVCT3N4N1htNmQzYUZjMFZuQjdKZnlhZlBnZUpRaUJaUXd4Vzc5dkhqNGlyVWppTUJDdGNPK1R3OTlcL3BFSXhOMG1ya2ZUWVY4ZGJJSENudkRkT2hMY0FiUlM1emhsRVl1N2NrZHAxZnlqNzlVUCIsIm1hYyI6IjY0ZWUwYWY5MjBlNWJkNGE1MTcwZWVkOGFiYzE4ODJjZjY5MTFkODEzYTYyODE2NGM1ZGUzNzg1MjY3YTQ2ZjgifQ%3D%3D; __cf_bm=vVldOULf6k_DMe6E2OXvE51Q.IkM1m9uz9ArEhwOQyo-1665118834-0-AYQvcmZ/RySxMtdBSnU2HLIt2SUHN1uyoOSzVW9mEzeSEL9QYrspc5M16pX7E1ZnzNL3rFni4QZ75TUlLnuNfIw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:34 GMT
content-type: application/javascript
last-modified: Tue, 04 Oct 2022 15:38:08 GMT
etag: W/"633c5360-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 756412ed2af8b511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 09 Oct 2022 05:00:34 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/prebidamp.js
200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/prebidamp.js
IP
GET /static/js/prebidamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 07 Oct 2022 04:55:50 GMT
expires: Fri, 07 Oct 2022 05:55:48 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6ry-4RPMxnb9iA5Df6tZj_q4jLwfie-0JO18jUowWZ00IAFvoYojpQ==
age: 288
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/style.css
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/style.css
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5597723
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TxqWo46ddCY2qT9l4v%2F70zL2vzniN1SA14dvaWqSgnKzyzBakcwy6YZgVJpbBHpiGJ6%2FsPCM9DTOCPBsco45Xn6OUCErYjPHy5W730IrBkaV645RAMY6%2BBCR%2FSEEcGvo5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75641302acf6754d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=6EB86E61-34A4-41E8-85C2-D817A200EEB4&rs=3&gdpr=0&gdpr_consent=&us_privacy=
200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=6EB86E61-34A4-41E8-85C2-D817A200EEB4&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
GET /AdServer/SPug?o=1&p=155495&sc=1&u=6EB86E61-34A4-41E8-85C2-D817A200EEB4&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 05:00:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 461147
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:35 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1253634
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html
200 OK 0 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:38 GMT
content-type: text/html
last-modified: Tue, 01 Feb 2022 13:22:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1868772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6XuQmRDQWI0RH88v8l8pVS9%2BqvT0kzBQjasUmriTZFflceaWIWTG6lSF9yXqfrMmJY5epzagIcgZG6ET%2FaEo02VLMHLk5biX8X0%2BBmJIvqbeul9UMayoGwjMMhSs4NUId1tRTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75641301cf23b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
200 OK 0 B URL HTTP/2 cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
IP
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 07 Oct 2022 05:00:36 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Csl4Nni0vAXNmdMY29qT1J7FuAPvrRIz6zT1z9C2V0olwu9qmaZBmg==
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 05:00:36 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 92184
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
104.22.22.162
44.236.232.139
52.212.137.183
104.18.21.226
178.250.2.130
37.252.172.250
23.38.201.81
213.19.147.42
172.255.6.227
151.101.85.229