ouo.io/4srK5m
172.67.6.151301 Moved Permanently 0 B IP 172.67.6.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /4srK5m HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 14 Nov 2022 00:06:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 14 Nov 2022 01:06:06 GMT
Location: https://ouo.io/4srK5m
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769b7fd59e501c16-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11449
Expires: Mon, 14 Nov 2022 03:16:56 GMT
Date: Mon, 14 Nov 2022 00:06:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1e969be0f3201087da138cbc8b89f10
d0a27f525f2b242b5dafa157f126c2ba880c8809
f7e5f39372b5adcc30c27e727eee1b19e6d13ed1b54fa1ad67235dc8ee08ac51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3326
Cache-Control: max-age=127240
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:07 GMT
Etag: "6370c779-1d7"
Expires: Tue, 15 Nov 2022 11:26:47 GMT
Last-Modified: Sun, 13 Nov 2022 10:31:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13442
Expires: Mon, 14 Nov 2022 03:50:09 GMT
Date: Mon, 14 Nov 2022 00:06:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 11813671b0c5751515ac041dd9b50f5b
21dd2b9fe91db66634e251f6881dacad152646a5
210bad1394c0fca0ed507c67d9a1fc9eaffcfd1c2561306a053d6204186dc1a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2813
Cache-Control: max-age=165555
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:07 GMT
Etag: "63715f25-117"
Expires: Tue, 15 Nov 2022 22:05:22 GMT
Last-Modified: Sun, 13 Nov 2022 21:18:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 13 Nov 2022 23:44:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1299
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: r5HJbxX60nc5awfTwYIQJl+jkyNkc18mrAoQGVNbX2D3xL0h0RonJMvhmNjVvJzl06i5gAo0YRU=
x-amz-request-id: S6HMGPRYEG98D9H4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 13 Nov 2022 23:13:37 GMT
age: 3150
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 00:06:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 47d760ed72aebba8f662dde2ea45a6e6
e5c4ed14bd6a0620a8fe464e3308f1cccd38e20f
a3c3abe02d90a5b25cfad514ba3bdb9e85e81a1af3510f203435b09c390aa74b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3468
Cache-Control: max-age=154692
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:07 GMT
Etag: "63713227-117"
Expires: Tue, 15 Nov 2022 19:04:19 GMT
Last-Modified: Sun, 13 Nov 2022 18:06:31 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 13 Nov 2022 23:44:48 GMT
cache-control: public,max-age=3600
age: 1279
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0a9a357f652868f9317812b8103ba15d
95a90c7a07b591dce7f39c6f9ab27974d1a1ed2a
16fd52c7ee6806455e724f30af8d58630a141a8a3823c48c20b5da3a71f066da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2209
Cache-Control: max-age=121054
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:07 GMT
Etag: "6370b3ac-1d7"
Expires: Tue, 15 Nov 2022 09:43:41 GMT
Last-Modified: Sun, 13 Nov 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ouo.press/images/world.png
104.22.59.251200 OK 5.7 kB URL HTTP/2 ouo.press/images/world.png
IP 104.22.59.251:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/4srK5m
Cookie: ouoio_session=eyJpdiI6IlpFQWJ0STh5eHJcLzlvQlFnQTI2TjRNRnRHUjA1NkZONU1JQ1R4eWtmM25RPSIsInZhbHVlIjoiYThyMElleVZlOTRpZzJzdlJ1WnN0RmtUeDN5UHRvZ2VLWENnQ3hDV3BWSmlsXC9VTDR2cXJnXC9zQW9ES2N3VnVMV1RqQ1wvS3o4ZHJhSXdaUnJXOGhYaFE9PSIsIm1hYyI6ImY4NGZmN2JjN2U4YTAwNzBkMzgzYTU3NGNjNDk4M2E3OGIyYzhhMjhkZGUxZjYzMDFmZGViOTEyNTllZjY0NmEifQ%3D%3D; language=eyJpdiI6IkpzUG5HRDV4aDhYTkhGQnIrbjUwcmJybWVaa2tDUW1ZdVBEQXdQWTEwMEk9IiwidmFsdWUiOiJBWmwyaVBPaFZhdzdZcExRZ0F4MDg1MitqdkV4RWtmc0JvV09hNjRVclI0PSIsIm1hYyI6IjA4N2Y5MDM4ZjYyODY4MGIxYTA0YmMzNTM2ODc1ZWQ1YmQxOTBmNGEyZDVlYzYyZDA5MTY0YjZiMDRkOTVkYTUifQ%3D%3D; 5ba8b62927e00b8057a297eec9e7a05be63bb59b=eyJpdiI6InNGTW5ud05lZ0lMNVk5NmxGQ08xdlZGWlBNcHBMU05LbDY0K2pJNks0bU09IiwidmFsdWUiOiJkQTdOSVI5VEZjTlVlNEdRbk11WVg4R3I4OFhYUXdvQnV2MW9MVk9uSTFIMGQ3cUZSZ21PMFByazRwdU83cnJnN2tIVlh2cWtzUkNwSXVnYzVXUTB5dkQrbXNiUStiWW9HQ3pkOTN2Mkl1WXJyZ2lYcWhXQWRaUHVKaDcxUXZ3UlY2dW9YVXVXTytBQ0sySVwvOG9ycjlMbStaNW5BY0ZyMkJ0S2pPOTNVQUlXYVBwY2VHZDdhU1hrUVwvYVU1MGJQZllkNVo1M2Jzb2swQzVxV2dacjhJcTdIc0RYRzNHZCttcGRxeE5TUVlkSzRFSlh6dTBycGdFMDZkdEZGRmlsRW9nd0o5QlwvNktmbFdPTDh1SndzSldzNnpYa3MybTBTeHk0WGdyZWIydnA5VFF1dG1ZMDRhQmJZZ3R6Zzh6ZU5BSFwvSnBcL3Q2UnFieHJySlJ5eXkyUFFoQzFOa0JMN3hENTlHRVVxMkVobzhpZDlkYVAwTVFPR0w0dEdWN2VDQ0NVZyIsIm1hYyI6ImUzMWEwYTQ0MzZmZDc0NmU2YjA5OThiODg1ODg5YWJjNjhkZmFkYmYzZmVhZTVmYjAyZTFlMWEzN2MyOTZlNTIifQ%3D%3D; __cf_bm=e1BY1z4aiEZdm_u9__P1nDDQDy8AEL5BFH7CW1vKFE4-1668384367-0-AUR87nU8Kskw6novGgqPTgTsyB0n0c/IrP0EgCWNpxhmOI6amoPUFJVDzJdQd+9lcGjcd+GIJRyI2epm6iLdcmk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:08 GMT
content-type: image/png
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Sat, 03 Dec 2022 22:33:44 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 869544
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b7fdc7bff0b3d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4722898b2ecfc3336bffd81595076234
57898d7d4fe7954d73d16f9e7494ccd82b8da3a7
48e019f35cf17215eb663c8c1d23613cb493811ccc8e75d0c0f5a366fa2a1789
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2953
Cache-Control: max-age=95524
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Etag: "63704d0b-117"
Expires: Tue, 15 Nov 2022 02:38:12 GMT
Last-Modified: Sun, 13 Nov 2022 01:48:59 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a635b6112e22763022c9bce0e9141fae
13ba9e635ad5bf7bb57c39a154eec28c4b326801
4b22d01fc2179a0a13fd70d7e80b98f0b865397af369c2dc03678b072b7f7e90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash d36fbadc19583158e0e17f2600407814
e99295beaa7c52e0b1f42759c67b40aebe4bab10
dbf530370a0136951085663be32f33ad5e3a01e1a2883eebbd518fbee9816f50
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 14 Nov 2022 00:06:08 GMT
date: Mon, 14 Nov 2022 00:06:08 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/async.js
104.21.81.154200 OK 2.9 kB URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP 104.21.81.154:0
File type HTML document, ASCII text, with very long lines (7327), with no line terminators
Hash bcd0a7775f7857f298253e6c78d474ff
1387db80dce5acd842a2de58c797312d288e1f24
f8a18b94aef42c6a5273f30a66d7560f49614b872665d95d5763db353167816c
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:08 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:46:20 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3961188
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s10BYaavYvxbpzrVb%2F0vhKs91YzsYgkuhg3Z6tN0aWQgNBFifs0GdagivvPfluxv%2BvQ75Z2Vl2cM31UgLm%2BkLBPaWuVsZBUwiAQyUt9dHLinxAb0h2XZp%2B4y8b6STXrHyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b7fdcaa6f0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 344468c9e972a7081d46df64e7aa54fb
379416c4dde4055bb0a7eeb4f791eb24f64023ed
8fc87491c7123547d40904b193d58aabdddb4746e268e3569ad9b9e4b52cc029
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FC87491C7123547D40904B193D58AABDDDB4746E268E3569AD9B9E4B52CC029"
Last-Modified: Sun, 13 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6778
Expires: Mon, 14 Nov 2022 01:59:06 GMT
Date: Mon, 14 Nov 2022 00:06:08 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 8407d0e10edccb49f0046879825b7141
c9c4dcfc9e674053ed246cc99500d4dd10065bce
9e41f526c12734040e62aac8d4b8b093f60977d9b00feb10e81f78db19de8c26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.191.222.112101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.222.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0ReaaARAlnw4wF9fsSIrlw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o6yLF1plX7WhTSMwcShiMPPkIXQ=
tv.gourdycortes.com/1clkn/16562
142.91.159.136200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/16562
IP 142.91.159.136:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/16562 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 14 Nov 2022 00:06:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 15-Nov-2022 00:06:08 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 15-Nov-2022 00:06:08 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ecdn.analysis.fi/static/js/fab.js
13.224.222.76200 OK 4.2 kB URL HTTP/2 ecdn.analysis.fi/static/js/fab.js
IP 13.224.222.76:0
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 4240
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
accept-ranges: bytes
date: Mon, 14 Nov 2022 00:03:25 GMT
expires: Mon, 14 Nov 2022 01:03:25 GMT
cache-control: max-age=3600
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
via: 1.1 6b08baae6d8fdc124eeea9f6d807fa9a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: jIdLHX4WgWbzUUqVnS3ZkLAoa7tL6HVl2A5JqVx74D33tdV80FlKdA==
age: 163
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9da45a2226c918d8943d03e55f0c267c
93c5dc7c634f55135bef8ba586ff97f06bbb6b25
3ea31de73e4587903b8d8fe9d7a318e5497e6838a8c0dd6db12265661e76d63e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3EA31DE73E4587903B8D8FE9D7A318E5497E6838A8C0DD6DB12265661E76D63E"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1606
Expires: Mon, 14 Nov 2022 00:32:54 GMT
Date: Mon, 14 Nov 2022 00:06:08 GMT
Connection: keep-alive
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
192.243.59.13403 Forbidden 0 B URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.6
Date: Mon, 14 Nov 2022 00:06:08 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
fonts.googleapis.com/css?family=Questrial
142.250.74.10200 OK 388 B URL HTTP/2 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.10:0
Hash 6715cb5ad932a6a0f0f0850a35bd7373
88d1757dbd1a3623cb3d47ad5c8ed7d8eb3ddcf7
75b777fa1bbd77be24004ffe1f51817e02866f3aa86f5b76fffcd2ea5f5d51f6
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 00:06:08 GMT
date: Mon, 14 Nov 2022 00:06:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Wed, 14 Dec 2022 00:06:08 GMT
date: Mon, 14 Nov 2022 00:06:08 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f7d94e96a88cb28c894fe4d8d5f66fcd
93e3c0fb77100bae593efd2d0043ccb39be596bd
086478278bf7236ca0110c7a8f4960f440541def70f6439b07273dcec30f72e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecdn.firstimpression.io/fi_client.js
18.244.179.8200 OK 94 kB URL HTTP/2 ecdn.firstimpression.io/fi_client.js
IP 18.244.179.8:0
File type ASCII text, with very long lines (618)
Hash 2e762d324cfb5e3ba5abb34c586dc77b
48f20fe58810e412e4e3ccb9d056cfc8f6ac3bfc
8c155e1765f0e8c8a932db78a7726e7cb71f441ab31baf82e26d0ac775411226
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 13 Nov 2022 23:53:15 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 23:53:15 UTC
etag: W/"5344dc196069cd485335159be5845921"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bbbe898c37f359830da5060db9384004.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P7
x-amz-cf-id: wphZcaxVa5dm5Z8w6TTu4YNPJbnmntEWUSRrDpDeJKZLC9M51Q2g2w==
age: 773
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
216.58.207.195200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 20:03:35 GMT
expires: Tue, 07 Nov 2023 20:03:35 GMT
cache-control: public, max-age=31536000
age: 532953
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (668)
Size 163 kB (162590 bytes)
Hash 70dc760a0efad09d703883a39f7683b2
2bc70f2a100ff27d27a89d563dfe279590c8336b
2bc59eab94309c59fba62afa40dfd841fb83760714e9ec7248ce3e10ae05fd19
GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Nov 2022 09:37:41 GMT
expires: Mon, 13 Nov 2023 09:37:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
content-type: text/javascript
age: 52107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hhklc.com/c.js
172.67.223.102200 OK 83 kB IP 172.67.223.102:0
File type ASCII text, with very long lines (8728), with no line terminators
Hash 3db7a42e41b40697933a266d07bff1ea
99ee231ec5e5bc6f4a353a2097c82c7def7f3644
a57eca38a0f1ee78c1c7fb1116a8b143f67e53498872cf9f1636187f5e999104
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:08 GMT
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Mon, 14 Nov 2022 00:09:22 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 2505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGVb9GP3PNbKBtzI%2FpNoV3URhg4gsM%2FGvxi6MLtOSbHAVJhoztJeePbtbnJqTSlw0zTAeRoDbV34i5rdl2DWeKDvnf1yZrJJofcybbqf3CRbyV5rrUZFZ2vqb%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b7fdcccbdb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d6dcd32d23f1840e1ed591b30b098bb6
98defcbcd3ae6d45e12b7ed0a55d7d32da675289
f7a78d0502af553972a836a0deb4a0239a3506fcf962f23f58c73fbb84c2313b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ouo.press/4srK5m
104.22.59.251200 OK 69 kB IP 104.22.59.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash 7f8991927ca5905c97501d4cbf46ccd5
aa1281a1d30aa2bef10bc0700c5a338ed67250fc
c279652b3e0836048d1a911bfb0f57a61a964e0e45eb2a7dc2fde8cf9b7f1d80
GET /4srK5m HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6IlpFQWJ0STh5eHJcLzlvQlFnQTI2TjRNRnRHUjA1NkZONU1JQ1R4eWtmM25RPSIsInZhbHVlIjoiYThyMElleVZlOTRpZzJzdlJ1WnN0RmtUeDN5UHRvZ2VLWENnQ3hDV3BWSmlsXC9VTDR2cXJnXC9zQW9ES2N3VnVMV1RqQ1wvS3o4ZHJhSXdaUnJXOGhYaFE9PSIsIm1hYyI6ImY4NGZmN2JjN2U4YTAwNzBkMzgzYTU3NGNjNDk4M2E3OGIyYzhhMjhkZGUxZjYzMDFmZGViOTEyNTllZjY0NmEifQ%3D%3D; path=/; httponly
language=eyJpdiI6IkpzUG5HRDV4aDhYTkhGQnIrbjUwcmJybWVaa2tDUW1ZdVBEQXdQWTEwMEk9IiwidmFsdWUiOiJBWmwyaVBPaFZhdzdZcExRZ0F4MDg1MitqdkV4RWtmc0JvV09hNjRVclI0PSIsIm1hYyI6IjA4N2Y5MDM4ZjYyODY4MGIxYTA0YmMzNTM2ODc1ZWQ1YmQxOTBmNGEyZDVlYzYyZDA5MTY0YjZiMDRkOTVkYTUifQ%3D%3D; expires=Sat, 13-Nov-2027 00:06:07 GMT; Max-Age=157680000; path=/; httponly
5ba8b62927e00b8057a297eec9e7a05be63bb59b=eyJpdiI6InNGTW5ud05lZ0lMNVk5NmxGQ08xdlZGWlBNcHBMU05LbDY0K2pJNks0bU09IiwidmFsdWUiOiJkQTdOSVI5VEZjTlVlNEdRbk11WVg4R3I4OFhYUXdvQnV2MW9MVk9uSTFIMGQ3cUZSZ21PMFByazRwdU83cnJnN2tIVlh2cWtzUkNwSXVnYzVXUTB5dkQrbXNiUStiWW9HQ3pkOTN2Mkl1WXJyZ2lYcWhXQWRaUHVKaDcxUXZ3UlY2dW9YVXVXTytBQ0sySVwvOG9ycjlMbStaNW5BY0ZyMkJ0S2pPOTNVQUlXYVBwY2VHZDdhU1hrUVwvYVU1MGJQZllkNVo1M2Jzb2swQzVxV2dacjhJcTdIc0RYRzNHZCttcGRxeE5TUVlkSzRFSlh6dTBycGdFMDZkdEZGRmlsRW9nd0o5QlwvNktmbFdPTDh1SndzSldzNnpYa3MybTBTeHk0WGdyZWIydnA5VFF1dG1ZMDRhQmJZZ3R6Zzh6ZU5BSFwvSnBcL3Q2UnFieHJySlJ5eXkyUFFoQzFOa0JMN3hENTlHRVVxMkVobzhpZDlkYVAwTVFPR0w0dEdWN2VDQ0NVZyIsIm1hYyI6ImUzMWEwYTQ0MzZmZDc0NmU2YjA5OThiODg1ODg5YWJjNjhkZmFkYmYzZmVhZTVmYjAyZTFlMWEzN2MyOTZlNTIifQ%3D%3D; expires=Mon, 14-Nov-2022 02:06:07 GMT; Max-Age=7200; path=/; httponly
__cf_bm=e1BY1z4aiEZdm_u9__P1nDDQDy8AEL5BFH7CW1vKFE4-1668384367-0-AUR87nU8Kskw6novGgqPTgTsyB0n0c/IrP0EgCWNpxhmOI6amoPUFJVDzJdQd+9lcGjcd+GIJRyI2epm6iLdcmk=; path=/; expires=Mon, 14-Nov-22 00:36:07 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 769b7fd97a800b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d6dcd32d23f1840e1ed591b30b098bb6
98defcbcd3ae6d45e12b7ed0a55d7d32da675289
f7a78d0502af553972a836a0deb4a0239a3506fcf962f23f58c73fbb84c2313b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1aaa0d7f949c990b7600853893b1d55a
3fdc165fd25e4addb831dbf79a0c492bb4096632
d61dd04a5dfa076b16a7bf29d18c0fcad74377b8a4e757c8b6aabf8982df2da2
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2746
Cache-Control: max-age=142465
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:09 GMT
Etag: "63710538-1d7"
Expires: Tue, 15 Nov 2022 15:40:34 GMT
Last-Modified: Sun, 13 Nov 2022 14:54:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2F4srK5m&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=409653df-dcd2-44e1-9589-b978d21e1dcf&nocache=1668384367613&aus=300x250&divids=adtrue_ads_12953_sy1kko740rzo5fun1t&aucs=adtrue_ads_12953_sy1kko740rzo5fun1t&auid=558223497&aumfs=100
34.98.64.218200 OK 78 B URL HTTP/2 fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2F4srK5m&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=409653df-dcd2-44e1-9589-b978d21e1dcf&nocache=1668384367613&aus=300x250&divids=adtrue_ads_12953_sy1kko740rzo5fun1t&aucs=adtrue_ads_12953_sy1kko740rzo5fun1t&auid=558223497&aumfs=100
IP 34.98.64.218:0
File type JSON data\012- , ASCII text
Hash 8dfe12505f4ed84841402fc32264884e
cb03972d44143dc6843c26f9a164cfc6c92e35d1
30252910db2adfa7e6300316b3c222662ad1613f8e7d98637428053db548ea8a
GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2F4srK5m&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=409653df-dcd2-44e1-9589-b978d21e1dcf&nocache=1668384367613&aus=300x250&divids=adtrue_ads_12953_sy1kko740rzo5fun1t&aucs=adtrue_ads_12953_sy1kko740rzo5fun1t&auid=558223497&aumfs=100 HTTP/1.1
Host: fptadtrue-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Mon, 14 Nov 2022 00:06:09 GMT
content-type: application/json
content-length: 78
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d83720271d08cfda417f8b35c6039d55
5be2b580be284e71a108b377ae35bc49bb48d90d
d2f9d19ef64f2f71f178170b4a13ecb8c73d22aa4bd926e327a0bb4367833b54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5605
Cache-Control: max-age=131655
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:09 GMT
Etag: "6370cfd3-139"
Expires: Tue, 15 Nov 2022 12:40:24 GMT
Last-Modified: Sun, 13 Nov 2022 11:06:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1aaa0d7f949c990b7600853893b1d55a
3fdc165fd25e4addb831dbf79a0c492bb4096632
d61dd04a5dfa076b16a7bf29d18c0fcad74377b8a4e757c8b6aabf8982df2da2
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2764
Cache-Control: max-age=142483
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:09 GMT
Etag: "63710538-1d7"
Expires: Tue, 15 Nov 2022 15:40:52 GMT
Last-Modified: Sun, 13 Nov 2022 14:54:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ouo.press/css/link-safe.css
104.22.59.251200 OK 11 kB URL HTTP/2 ouo.press/css/link-safe.css
IP 104.22.59.251:0
Hash 2f7478df405aab473f7d6cdf7e390dca
da8967f48f6b4c59b185ec2886e11afb1c0f7b92
414fc491f1f2c974c749e7502cc88094b6c322559fa69b11f91aaa3e86acf73f
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/4srK5m
Cookie: ouoio_session=eyJpdiI6IlpFQWJ0STh5eHJcLzlvQlFnQTI2TjRNRnRHUjA1NkZONU1JQ1R4eWtmM25RPSIsInZhbHVlIjoiYThyMElleVZlOTRpZzJzdlJ1WnN0RmtUeDN5UHRvZ2VLWENnQ3hDV3BWSmlsXC9VTDR2cXJnXC9zQW9ES2N3VnVMV1RqQ1wvS3o4ZHJhSXdaUnJXOGhYaFE9PSIsIm1hYyI6ImY4NGZmN2JjN2U4YTAwNzBkMzgzYTU3NGNjNDk4M2E3OGIyYzhhMjhkZGUxZjYzMDFmZGViOTEyNTllZjY0NmEifQ%3D%3D; language=eyJpdiI6IkpzUG5HRDV4aDhYTkhGQnIrbjUwcmJybWVaa2tDUW1ZdVBEQXdQWTEwMEk9IiwidmFsdWUiOiJBWmwyaVBPaFZhdzdZcExRZ0F4MDg1MitqdkV4RWtmc0JvV09hNjRVclI0PSIsIm1hYyI6IjA4N2Y5MDM4ZjYyODY4MGIxYTA0YmMzNTM2ODc1ZWQ1YmQxOTBmNGEyZDVlYzYyZDA5MTY0YjZiMDRkOTVkYTUifQ%3D%3D; 5ba8b62927e00b8057a297eec9e7a05be63bb59b=eyJpdiI6InNGTW5ud05lZ0lMNVk5NmxGQ08xdlZGWlBNcHBMU05LbDY0K2pJNks0bU09IiwidmFsdWUiOiJkQTdOSVI5VEZjTlVlNEdRbk11WVg4R3I4OFhYUXdvQnV2MW9MVk9uSTFIMGQ3cUZSZ21PMFByazRwdU83cnJnN2tIVlh2cWtzUkNwSXVnYzVXUTB5dkQrbXNiUStiWW9HQ3pkOTN2Mkl1WXJyZ2lYcWhXQWRaUHVKaDcxUXZ3UlY2dW9YVXVXTytBQ0sySVwvOG9ycjlMbStaNW5BY0ZyMkJ0S2pPOTNVQUlXYVBwY2VHZDdhU1hrUVwvYVU1MGJQZllkNVo1M2Jzb2swQzVxV2dacjhJcTdIc0RYRzNHZCttcGRxeE5TUVlkSzRFSlh6dTBycGdFMDZkdEZGRmlsRW9nd0o5QlwvNktmbFdPTDh1SndzSldzNnpYa3MybTBTeHk0WGdyZWIydnA5VFF1dG1ZMDRhQmJZZ3R6Zzh6ZU5BSFwvSnBcL3Q2UnFieHJySlJ5eXkyUFFoQzFOa0JMN3hENTlHRVVxMkVobzhpZDlkYVAwTVFPR0w0dEdWN2VDQ0NVZyIsIm1hYyI6ImUzMWEwYTQ0MzZmZDc0NmU2YjA5OThiODg1ODg5YWJjNjhkZmFkYmYzZmVhZTVmYjAyZTFlMWEzN2MyOTZlNTIifQ%3D%3D; __cf_bm=e1BY1z4aiEZdm_u9__P1nDDQDy8AEL5BFH7CW1vKFE4-1668384367-0-AUR87nU8Kskw6novGgqPTgTsyB0n0c/IrP0EgCWNpxhmOI6amoPUFJVDzJdQd+9lcGjcd+GIJRyI2epm6iLdcmk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:08 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Mon, 14 Nov 2022 11:27:13 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2335
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b7fdc7bf70b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 13 Nov 2022 22:41:09 GMT
expires: Mon, 14 Nov 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 5100
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=23614799015&lsavail=0
178.250.2.131204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=23614799015&lsavail=0
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=23614799015&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 404
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 14 Nov 2022 00:06:08 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11514
Expires: Mon, 14 Nov 2022 03:18:03 GMT
Date: Mon, 14 Nov 2022 00:06:09 GMT
Connection: keep-alive
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 867
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Mon, 14 Nov 2022 00:06:08 GMT
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
13.249.251.38301 Moved Permanently 167 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 13.249.251.38:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 167
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js?upapi=true
server: CloudFront
date: Sun, 13 Nov 2022 00:35:27 GMT
via: 1.1 01f803d1e7c713d110bffe7b82d3cb2c.cloudfront.net (CloudFront), 1.1 50ef760066390594318a8cc54c245fd2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: LHR62-C4, LHR61-P2
x-amz-cf-id: jjyDt390A-KaKPolsmFo2JKM2FDZXitLrGd4DGg8uX8hXY7APmG6WA==
age: 84642
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2F4srK5m&charset=UTF-8&ch=0&ref=ouo.press&viewerId=null&referer=&_firid=16626944
18.244.179.8200 OK 103 kB URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2F4srK5m&charset=UTF-8&ch=0&ref=ouo.press&viewerId=null&referer=&_firid=16626944
IP 18.244.179.8:0
Size 103 kB (102575 bytes)
Hash abdef997ef1669d56e2f811eabf6e5d3
bc950b0ca2b3a0fa63bec74c50b8bc354a45ddd7
e67b9b13470d247eb7708696d363c2a713fe0f6a885c73f02a688d629d6ad956
GET /delivery/spc_fi.php?id=7419&url=%2F4srK5m&charset=UTF-8&ch=0&ref=ouo.press&viewerId=null&referer=&_firid=16626944 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 14 Nov 2022 00:06:08 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Tue, 14-Nov-2023 00:06:08 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 bbbe898c37f359830da5060db9384004.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P7
x-amz-cf-id: h0rJhvUmSOkAY9vu8Qrd8jJEMwC72dAWq0KWO5BvzxXzaSAVOr4DOA==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd7b84df82a13b2ea007322eab69b77
e2803d3c0c7dfe4c052b3159f2d54cc66a379d5d
c38b65bba8ec8817930831c76c09b4dd620c8f5394d87c3b60e1753a0ee0ef60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: 4c6840b8-17b3-425e-9b9f-3a44f6a1f53f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjybyH8hoAMFWCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644b-18076898244705c50282e0c1;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:27 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5hFnfiQW9lh7eMkBGqkHJAkMcokct21U6V7927YNiQTVLdU6Xph1lQ==
via: 1.1 f6fac6150e74e246a088cfa5c1ab6452.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:28:12 GMT
age: 5877
etag: "e2803d3c0c7dfe4c052b3159f2d54cc66a379d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfc7286992b2cebdf1ebb58f85576e61
a49a1bf9716e32979810931d04d1f84216d096c1
7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7494
x-amzn-requestid: b07e424a-c11e-442f-8636-e0670cb6f864
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8heGBtoAMFYQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-7dcda14e5077563d726752ae;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VXu3wEUmBJjK6YiXRFYVAuZ3h-ApKkvK1miRBXpo6faKsx8OOXu0JQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 03:16:13 GMT
age: 74996
etag: "a49a1bf9716e32979810931d04d1f84216d096c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ae99eef-8784-4c1a-8c91-bd4ef21987a2.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ae99eef-8784-4c1a-8c91-bd4ef21987a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4ac79607215beb845b6e7bf1e92506b
d4ac19f0373649804e9747b30552897a453db42d
ec4691a0573471e50dce4bd5db454dcd0498939aa6d1d9d39a1221ad01578a45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ae99eef-8784-4c1a-8c91-bd4ef21987a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7632
x-amzn-requestid: 2b3de800-a50f-4872-8a7c-54ec33923739
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjzJYFCdIAMFmLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371656f-1ee2b3f21d22619e3381e1a4;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:45:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Dr0oeNxvib4qjo6CAg6YPyXkypbU5eF6GLLK1mN3jJer6G22pE8jLQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 7495
etag: "d4ac19f0373649804e9747b30552897a453db42d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 9c763b8b90a6b47e832fb94bf16c515b
d2e01f05b7efcfff13d5b7ce218477f943aa1fe8
8df755a4fdbc76c6450700fed4cd6822bd14805fb28b9a22278472dd0e9f7042
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:06:09 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "32B92182EC49FD40ECF6C3B36F0AEDF161F2FA76"
Expires: Mon, 14 Nov 2022 10:00:00 GMT
Last-Modified: Sun, 13 Nov 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2560
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769b7fe3ff101c06-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e07f52c-038a-455c-999e-d73d0eb46026.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e07f52c-038a-455c-999e-d73d0eb46026.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 558f53737293f89e6ac57744a92fa0af
f943dc15ce5f4b1810d81cb35d03e8961b990abb
33a031ace07e6918493684847ba4b4596ce8cfcd3740d62cc8cc85021f3788e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e07f52c-038a-455c-999e-d73d0eb46026.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7362
x-amzn-requestid: eee8797a-33b0-43a5-9ea6-d5678b166289
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ3beEiPoAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6c49-48ad19f870be15bd639da9f6;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:25:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tTVFFElm6FsUpU3hgfjA3-PjOf_mcEQ9nsRcT2UhtW4aqwmGOneMiw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 18:09:15 GMT
age: 21414
etag: "f943dc15ce5f4b1810d81cb35d03e8961b990abb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zAh7IawFpIJIJCMTeWKn99lx_R-88IOn5u8zRTMtzlDYEEqXSOyhGg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:57:55 GMT
age: 7694
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.53200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 690dd529a1ea4f9e3ce0aa0e5a71edde
711a1c4622511452999e4a539f2d1d5b1a1b20a4
16a7f1ee1a3f6d4a14b8ad3af48d57df91161b6f3f9937f93bdb2325dce46e23
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 533
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 00:06:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: baf21191-37e9-49c4-abd0-73c0dba9d381
Set-Cookie: icu=ChkItZqGARAKGAEgASgBMPGMxpsGOAFAAUgBEPGMxpsGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 12-Feb-2023 00:06:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=275119381114266317; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 12-Feb-2023 00:06:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=63454746508
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=63454746508
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=63454746508 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 486
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:08 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 081d2418427845a1f400f88c0add2835
58b642e1fe3880cd90cd0f0b9d53ec95517f3c26
8d0bd9aa0a67fac44ec26efe9f9c03308e36b541b564ac1a60ea91c2288df22b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1714
Cache-Control: max-age=105464
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:09 GMT
Etag: "637078b7-117"
Expires: Tue, 15 Nov 2022 05:23:53 GMT
Last-Modified: Sun, 13 Nov 2022 04:55:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
104.18.4.42200 OK 931 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP 104.18.4.42:0
File type ASCII text, with very long lines (2388)
Hash 8e8d7a0a62663d5f7c415376384593c2
f7cd825a352266b8c5b4b0dfea749c967d26b22d
222d7503ac4a040176b2029a74c3fda84012d21742a4b7deca73243d521fc3de
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:09 GMT
content-type: text/javascript
content-length: 931
x-amz-id-2: DpAKct+ZZ8szDYgVNbB8CXlKoVt69Zzm6eUVI25PqgSFU4H5qOaoZOc2FaKbUe1Lt6Kn8tZGGlY=
x-amz-request-id: C76KDVMKZRK8NR4W
last-modified: Thu, 03 Nov 2022 11:38:04 GMT
etag: "8e8d7a0a62663d5f7c415376384593c2"
content-encoding: gzip
x-amz-version-id: SBZDoO6KUGsi9aXrwr03p7YsWy_YVSlV
cf-cache-status: HIT
age: 4240
expires: Mon, 14 Nov 2022 04:06:09 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b7fe5ab87b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
104.18.4.42200 OK 77 kB URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
IP 104.18.4.42:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (33588)
Hash 230cc82ca6b0866e990314cbc9027a3a
82d5affc0fcc38fc96045c481adf1da072ac1d3f
7d10f7267c9a69a121fd36026a7b5f25e9e94b310a9ea25e7b554507d02ba5a3
GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:09 GMT
content-type: text/javascript
content-length: 77407
x-amz-id-2: WWd9x0Gq6FvGsNtCKDMctOFIq+uCBEfh9T/M/AdM6C8Q45tvN/NL0hn3dvzjvhsTm8Q8n1X6W6CfG6NVPxWmcg==
x-amz-request-id: ZQANRS00VQFHFH7W
last-modified: Thu, 03 Nov 2022 14:15:36 GMT
etag: "230cc82ca6b0866e990314cbc9027a3a"
content-encoding: gzip
x-amz-version-id: lLRYvMywT8mphRmbRVyHVkxgXiOMWoKg
cf-cache-status: HIT
age: 1523
expires: Mon, 14 Nov 2022 04:06:09 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b7fe5cba0b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 87cc3448203e2dd0c5fcdb38e6982bd9
e6487f7e47c00488271fb9584a6b1fc8d204cb2a
8561f9703c6c25d26b03f4c0fce350ba3c41350789555081bb83889d801c9122
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2002
Cache-Control: max-age=92052
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:09 GMT
Etag: "63704333-1d7"
Expires: Tue, 15 Nov 2022 01:40:21 GMT
Last-Modified: Sun, 13 Nov 2022 01:06:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/ut/v3/prebid
37.252.171.53200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f9b92aaf007c325f4445f131f959a4a
e7b286c4e2c2f66ff2e94e91b8a16f8ddcfb0a39
df075252b7703fbf8ff09769434edafcadc57a51a7d96e1db389be1cddbeb476
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 561
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 00:06:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 3f4155c1-b380-449c-9a6a-cbb6dbd2947a
Set-Cookie: icu=ChgIw6tREAoYASABKAEw8YzGmwY4AUABSAEQ8YzGmwYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 12-Feb-2023 00:06:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=8285723448752455391; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 12-Feb-2023 00:06:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
37.252.171.53200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 35ec21a8223d037a0781e1ec49fccce8
6833028a22f36a8bd43c872c313e874879bb0fa0
29f752816848dd33545bcc7464982369d0f97d96ef06f065d5d8d2f600b50fe4
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 00:06:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: bf7b978f-62ff-4610-823a-e22378e5e9b0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F4srK5m&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F4srK5m&tg_i.page=https%3A%2F%2Fouo.press%2F4srK5m&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=b3011690-4694-400d-b34a-a8536f4c8655&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04617495877226163
213.19.162.51200 OK 348 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F4srK5m&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F4srK5m&tg_i.page=https%3A%2F%2Fouo.press%2F4srK5m&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=b3011690-4694-400d-b34a-a8536f4c8655&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04617495877226163
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash 4e4c2c06bc91af15ab108c30fe5a9433
5d029fdf80c11e487c911047809b06cabf5d0663
9c3f145d4b2a69dd2a05645856737338fd089c239ad800ef4ea15aae1f810fe2
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F4srK5m&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F4srK5m&tg_i.page=https%3A%2F%2Fouo.press%2F4srK5m&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=b3011690-4694-400d-b34a-a8536f4c8655&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04617495877226163 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Mon, 14 Nov 2022 00:06:09 GMT
Content-Type: application/json
Content-Length: 348
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LAG0Z6J8-H-EHA7; Domain=.rubiconproject.com; Path=/; Expires=Tue, 14-Nov-2023 00:06:09 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qr13kfptNtpSu9DtVM30fCgA9CwQtC3eTyRbI+42ZeATZZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Tue, 14-Nov-2023 00:06:09 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 22abb59740bb3d4173d5b5633dc14fbd
e343ed173717c9ac3594fc7c8dc9873ee88f5f8d
db3c7cc7ea70604ec1bae2703f729c65cf122dc284ecbe50003a0c805ff929bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:06:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:55:53 GMT
Expires: Sat, 19 Nov 2022 13:55:52 GMT
Etag: "e343ed173717c9ac3594fc7c8dc9873ee88f5f8d"
Cache-Control: max-age=481182,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 769b7fe5dfbfb511-OSL
d3div1mtym39ic.cloudfront.net/aax2/apstag.js?upapi=true
18.244.183.218200 OK 45 kB URL HTTP/2 d3div1mtym39ic.cloudfront.net/aax2/apstag.js?upapi=true
IP 18.244.183.218:0
File type ASCII text, with very long lines (65456)
Hash 3acb4063e8dfa5b2e3cc5eaa8a9a7547
e5f4e114728d083c119d8703ac9bfffb35c8fb3f
6931ff0218c4e6d17a54d5190b979edbda736abd0575d641134f20e35821671f
GET /aax2/apstag.js?upapi=true HTTP/1.1
Host: d3div1mtym39ic.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 13 Nov 2022 23:46:56 GMT
cache-control: public, max-age=3600
etag: W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 697d4bd23eb9c2b8ceb5e7a65e15f560.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P7
x-amz-cf-id: g5igOtI-DAHQEK0fNIE-GSk7iqvcp64PHjjkgGoA1rNEz7KZ-aD4vg==
age: 1154
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
13.249.251.38204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
IP 13.249.251.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Sun, 13 Nov 2022 18:53:33 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 50ef760066390594318a8cc54c245fd2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: I3Wkb225t3ivF2mOfh4xTMMVlQDNzXUaRaxAveCHl16fureV8mB45Q==
age: 18755
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7ac53f5545f87fd18074d17386f98b16
1792092f698a9ee02e91a1e611dbd3457847bb75
352456273421d57a712f8444e073297a87c2c91ced93d71f220af246945611df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 923
Cache-Control: max-age=165116
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:10 GMT
Etag: "637164d3-139"
Expires: Tue, 15 Nov 2022 21:58:06 GMT
Last-Modified: Sun, 13 Nov 2022 21:42:43 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F4srK5m&pid=dxnQyG3JkvwYt&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
13.224.231.160200 OK 165 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F4srK5m&pid=dxnQyG3JkvwYt&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 13.224.231.160:0
File type ASCII text, with no line terminators
Hash 524702d9c4ac8c61e27c3d850412f10f
199d4d5b602799e1a01577115d249b9707dbf37a
7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F4srK5m&pid=dxnQyG3JkvwYt&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 165
server: Server
date: Mon, 14 Nov 2022 00:06:10 GMT
x-amz-rid: S1CHJA2H1Z1W46Q2CMQM
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 ec1080f781e2e3f66cbfcee94de754cc.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: L-53HtdXFSh-SUSAjzlV9Osn653cgJd4-37Z9vZDioSnpkp7MHFNUQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash e4ca8fc16522e72f7cb12b7020125bd7
2d4f037eebffc95dab5614ca5b837e1ac1633e23
51db146e76c488fb8961c5918261f3db117eb86bc69a18c3f7dd3cebc01c0e39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5737
Cache-Control: max-age=155559
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:10 GMT
Etag: "63712cb0-13a"
Expires: Tue, 15 Nov 2022 19:18:49 GMT
Last-Modified: Sun, 13 Nov 2022 17:43:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?origin=publishertag&topUrl=ouo.press HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:10 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=c137fb61-c481-4215-9ee4-13ff76bcf222; expires=Sat, 09 Dec 2023 00:06:09 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 589248
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 0472ca550409a6f2265b9d551a7377fd
1e01a28c0c19e7fd8666ac04af6462fca157c519
56022428c1981001b5812e9e1b9ec9fe78c01605c6e65543a4f096698deda6f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 745
Cache-Control: max-age=122845
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:10 GMT
Etag: "6370c066-138"
Expires: Tue, 15 Nov 2022 10:13:35 GMT
Last-Modified: Sun, 13 Nov 2022 10:01:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 0472ca550409a6f2265b9d551a7377fd
1e01a28c0c19e7fd8666ac04af6462fca157c519
56022428c1981001b5812e9e1b9ec9fe78c01605c6e65543a4f096698deda6f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 745
Cache-Control: max-age=122845
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:10 GMT
Etag: "6370c066-138"
Expires: Tue, 15 Nov 2022 10:13:35 GMT
Last-Modified: Sun, 13 Nov 2022 10:01:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1396dd932795f6d020b49c6622b350e
c8abde6783228e7b699a52abf37f11586df44f2f
681ae9e615bc2fda7c42e0f061e813467c5f83c634c51a64618762eff892caae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "681AE9E615BC2FDA7C42E0F061E813467C5F83C634C51A64618762EFF892CAAE"
Last-Modified: Sat, 12 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6353
Expires: Mon, 14 Nov 2022 01:52:04 GMT
Date: Mon, 14 Nov 2022 00:06:11 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=pthcwF9hRXBiRU9MTGRqc0dFJTJCMmw4WXVRTVdQbjA0SW5SZHZaWEt1Z3hLbGNMNE1XQTVjamROQmJwcG5wM3dBSFY5R2gwVjRvJTJGQUhlZVI3aFpJVGpiRGxMeVZ2V1BRVCUyRm9mR1VHeU5kb3laRTBkUExOejV5SjhRMlRQdVdKN3VsSFVXWQ&info=NuHEFl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjNTUkRGVjJodFVwV1pyZ2RCNEhLVlhHRkowMXdJY3pTbVo5aXZKeWt6aA&idsd=1362115961,506457392&cw=1&lsw=1
178.250.0.157200 OK 537 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=pthcwF9hRXBiRU9MTGRqc0dFJTJCMmw4WXVRTVdQbjA0SW5SZHZaWEt1Z3hLbGNMNE1XQTVjamROQmJwcG5wM3dBSFY5R2gwVjRvJTJGQUhlZVI3aFpJVGpiRGxMeVZ2V1BRVCUyRm9mR1VHeU5kb3laRTBkUExOejV5SjhRMlRQdVdKN3VsSFVXWQ&info=NuHEFl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjNTUkRGVjJodFVwV1pyZ2RCNEhLVlhHRkowMXdJY3pTbVo5aXZKeWt6aA&idsd=1362115961,506457392&cw=1&lsw=1
IP 178.250.0.157:0
Hash f85f0c8cb655c5ffc83324c4f5cc993f
c4ac0f0d415949fe25e022920abc5b493e32593f
9ca85c2ab60fdebca8116a947c8ed637e23199d3591336c94e2b1e460336fab3
GET /sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=pthcwF9hRXBiRU9MTGRqc0dFJTJCMmw4WXVRTVdQbjA0SW5SZHZaWEt1Z3hLbGNMNE1XQTVjamROQmJwcG5wM3dBSFY5R2gwVjRvJTJGQUhlZVI3aFpJVGpiRGxMeVZ2V1BRVCUyRm9mR1VHeU5kb3laRTBkUExOejV5SjhRMlRQdVdKN3VsSFVXWQ&info=NuHEFl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjNTUkRGVjJodFVwV1pyZ2RCNEhLVlhHRkowMXdJY3pTbVo5aXZKeWt6aA&idsd=1362115961,506457392&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 887665
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash fc4165acc838314f1ae74949aac5f646
377d2d0adbaf98270146c77d4b207004b82564a2
a4704c24b65c901a9d34c3727d65eae1d421c6a08ad802e8e3fb6d09db03072b
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:06:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 17 Nov 2022 20:50:57 GMT
ETag: "377d2d0adbaf98270146c77d4b207004b82564a2"
Last-Modified: Sun, 13 Nov 2022 20:50:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 469
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 769b7fef9bbc1c06-OSL
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
15.197.193.217200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP 15.197.193.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 214ed9b60f0d17ef2ea8683b83cde457
a91c9d9ed716c9001e1b2983f84f96368fbcdf25
0b4a87e80821bcec7fa3719cd27e18ef431d34bd1cf4324a02b9634b2ee46f6e
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:11 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Wed, 14 Dec 2022 00:06:11 GMT
vary: Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 63bd3020bbba650b2617c748c9899170
729f1223394f800beac9a23d12d447b06ac0aa07
4c5e4df2c7460285e88e4fa21cb12973ac4b9eec150021794552d14e839dce31
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 14 Nov 2022 00:06:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 13 Nov 2022 21:20:59 GMT
Expires: Mon, 14 Nov 2022 21:20:59 GMT
ETag: "729f1223394f800beac9a23d12d447b06ac0aa07"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5c139d38ea1ee095f9564c4fe250d485
ef7551f02d61e49ccbbd7c76687225092d8cea28
29733c80821606f15580c60a6eb359913480e933e69d4471095eb4931563d76b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:06:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 02:41:37 GMT
Expires: Sun, 20 Nov 2022 02:41:36 GMT
Etag: "ef7551f02d61e49ccbbd7c76687225092d8cea28"
Cache-Control: max-age=527124,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 769b7fef2dd2b511-OSL
api.rlcdn.com/api/identity/envelope?pid=1258
34.120.133.55401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1258
IP 34.120.133.55:0
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1258 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 00:06:11 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
id.crwdcntrl.net/id
52.49.181.242200 OK 43 B IP 52.49.181.242:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:11 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.15.98
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5c139d38ea1ee095f9564c4fe250d485
ef7551f02d61e49ccbbd7c76687225092d8cea28
29733c80821606f15580c60a6eb359913480e933e69d4471095eb4931563d76b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:06:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 02:41:37 GMT
Expires: Sun, 20 Nov 2022 02:41:36 GMT
Etag: "ef7551f02d61e49ccbbd7c76687225092d8cea28"
Cache-Control: max-age=527124,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 769b7ff0cf02b511-OSL
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=42036
expires: Mon, 14 Nov 2022 11:46:48 GMT
date: Mon, 14 Nov 2022 00:06:12 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.190.78200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.190.78:0
File type ASCII text, with no line terminators
Hash de37d3f7b77c4ea5ff0d1533519211fb
b63047ec18d1288606ca63940f5aca078ada7d25
a7632b846e792b4ef869ce8485259d8f5339aa579be038b2824f496a6aaaa126
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Sat, 11 Feb 2023 15:45:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 14 Nov 2022 00:06:10 GMT
content-length: 60
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=EBED1F54-B2EB-4EF4-BFF1-68566A5400AE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81200 OK 1.3 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=EBED1F54-B2EB-4EF4-BFF1-68566A5400AE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720)
Hash f5997b6e8387e4d52807cf9116a43f6b
f8756d991bbeb4bd64e6087f2b170ef927ae6a20
5536a8bfd2998f7fec61ed1913c02d1c7b5fbcfaba87d91c824b49600fa93c7d
GET /AdServer/SPug?o=1&p=155495&sc=1&u=EBED1F54-B2EB-4EF4-BFF1-68566A5400AE&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 00:06:12 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
13.249.251.38200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 13.249.251.38:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
server: AmazonS3
content-encoding: gzip
date: Sun, 13 Nov 2022 22:35:08 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 50ef760066390594318a8cc54c245fd2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: U9O8HptvG8iGDk9MIbnUGmOJnIZUXqRNXefH9EBiZX3z40jNQeAWYQ==
age: 81215
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.226200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.226:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 94716
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1516480
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ouo.io/4srK5m
172.67.6.151302 Found 0 B IP 172.67.6.151:0
GET /4srK5m HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 14 Nov 2022 00:06:07 GMT
content-type: text/html; charset=UTF-8
location: https://ouo.press/4srK5m
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6InpNSXY5Rk9uUnBZOVlQT2o2NVE3MnpUTjE0akw4SXVrTkFlTDQ2RE15eFE9IiwidmFsdWUiOiJUcjZBWDZHRVRWZzdHaW5SNUdkd0lTQWcxb09GeldQQ3ZRNzhcLzdRYkhpRE16dWMyck12NER6UDBuVWVaNGpXazh5MFZkeGtBYlwvK1QxRXZcL1VJMmFRQT09IiwibWFjIjoiMDg5YzVmZTRjODBjMzdiNmFhNjNkNWQyMDc1MDQ5ZjZiZGE3MmM3NzczMmQ1YjI3Y2RjZjY1NTc0M2ViMjU0OCJ9; path=/; httponly
language=eyJpdiI6IjUyYmsyOVZSVU80UUZhQnFjWUZTcDBnZlEwNzRxaitTZ1lpWjE2YjNIRlE9IiwidmFsdWUiOiJISFVBK0tlczlmcXFSaG1lZE9BVGRBdGRKWDhqNEhqTjgrazY5czZ4aGNRPSIsIm1hYyI6ImQyNDkyNzE4ZWMxNjY0ZTQ5Yzg5ZTQ2OTk4MDRkNDQ0OWNmODE4MjMyNjRiNDM1NjlmNGJmNGYzOGI2YWUwMWUifQ%3D%3D; expires=Sat, 13-Nov-2027 00:06:07 GMT; Max-Age=157680000; path=/; httponly
a91d7b8fc0357b00304725a460be8de39577725d=eyJpdiI6Im9aSUxHR1hVVVBzUEJQcFB5aGtIdmV4S3pLajRJQzdiYnpKRDRcL1h1TEw4PSIsInZhbHVlIjoiTnROcHhCYUNBTmFtNDJFQmlvZk4zb2dYXC9oeW1wOWdaQ1lOSDFCcTlLMFNDa3Q2R3h3ekdzQXowNHNwOGxZcjNoRlp2TkdCOU5LbEN6OU9GYjA3T0pKWktUYnlPMHVNQ2k4U1lOZTU0eWxzSFhHTm0wMHpQekNhSHVpNG1rTlVlV0VqcExaT0tjQmJxYlwvN3VTWHNGRG1BNDVRbXN6Qk9tSDU5T05icDltQURybDFQcVFLZ2RrWjNxOUZBTWh0algzMjFFSjdYNkhaUXFaVXNoXC9EN3oydm5wcGhhWjVFMStWUjFvRGJ4TVRmK2puWlpqajR3cHVxaStaQmQwWFp1M3lBdkRCQnNFZmIwNlJKSzJFRXl0NHBoS0RjMFdSXC81UDg3dTBMMFUwR2RxME9yY1NaXC9mbUxQU1J2aVErWVRjUHFaWkd2QWxxVERiWlFcL3E0bENFWmJBPT0iLCJtYWMiOiIzN2FmNzIzNThmZDFkMTUxYWExZmEwZDUyYzY4YWRiZTRiNTQxYWE1MTFiZGQ0YjJiMGYwNWQ2YzNlMzJhZmFkIn0%3D; expires=Mon, 14-Nov-2022 02:06:07 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 769b7fd73adcb521-OSL
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/fiamp.js
18.244.179.8200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/fiamp.js
IP 18.244.179.8:0
GET /static/js/fiamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 13 Nov 2022 23:21:56 GMT
expires: Mon, 14 Nov 2022 00:21:54 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bbbe898c37f359830da5060db9384004.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P7
x-amz-cf-id: bek1IXu8FFAaBfJbGQxR8OVe-Q7T503JAmnQ3dr5JippkF71CTZa4w==
age: 2655
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=NIAZcF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjNTUkRGVjJodFVwV1pyZ2RCNEhLVUFONFo0ZDRDNDdKZ1Zqdm02OFI5ag
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=NuHEFl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjNTUkRGVjJodFVwV1pyZ2RCNEhLVlhHRkowMXdJY3pTbVo5aXZKeWt6aA; expires=Sat, 09 Dec 2023 00:06:10 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 243252
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 00:06:10 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Tue, 15 Nov 2022 00:06:10 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 506624
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: browser_data=NuHEFl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjNTUkRGVjJodFVwV1pyZ2RCNEhLVlhHRkowMXdJY3pTbVo5aXZKeWt6aA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=rPY2y180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjNTUkRGVjJodFVwV1pyZ2RCNEhLVmpPZExPZEdSVzIyc2tmZ2ZLekJPag; expires=Sat, 09 Dec 2023 00:06:12 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 305645
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 0 B IP 93.184.220.29:0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4839
Cache-Control: max-age=125458
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:06:09 GMT
Etag: "6370ba9d-1d7"
Expires: Tue, 15 Nov 2022 10:57:07 GMT
Last-Modified: Sun, 13 Nov 2022 09:36:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:08 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 390807
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.22.59.251200 OK 0 B URL HTTP/2 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.22.59.251:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/4srK5m
Cookie: ouoio_session=eyJpdiI6IlpFQWJ0STh5eHJcLzlvQlFnQTI2TjRNRnRHUjA1NkZONU1JQ1R4eWtmM25RPSIsInZhbHVlIjoiYThyMElleVZlOTRpZzJzdlJ1WnN0RmtUeDN5UHRvZ2VLWENnQ3hDV3BWSmlsXC9VTDR2cXJnXC9zQW9ES2N3VnVMV1RqQ1wvS3o4ZHJhSXdaUnJXOGhYaFE9PSIsIm1hYyI6ImY4NGZmN2JjN2U4YTAwNzBkMzgzYTU3NGNjNDk4M2E3OGIyYzhhMjhkZGUxZjYzMDFmZGViOTEyNTllZjY0NmEifQ%3D%3D; language=eyJpdiI6IkpzUG5HRDV4aDhYTkhGQnIrbjUwcmJybWVaa2tDUW1ZdVBEQXdQWTEwMEk9IiwidmFsdWUiOiJBWmwyaVBPaFZhdzdZcExRZ0F4MDg1MitqdkV4RWtmc0JvV09hNjRVclI0PSIsIm1hYyI6IjA4N2Y5MDM4ZjYyODY4MGIxYTA0YmMzNTM2ODc1ZWQ1YmQxOTBmNGEyZDVlYzYyZDA5MTY0YjZiMDRkOTVkYTUifQ%3D%3D; 5ba8b62927e00b8057a297eec9e7a05be63bb59b=eyJpdiI6InNGTW5ud05lZ0lMNVk5NmxGQ08xdlZGWlBNcHBMU05LbDY0K2pJNks0bU09IiwidmFsdWUiOiJkQTdOSVI5VEZjTlVlNEdRbk11WVg4R3I4OFhYUXdvQnV2MW9MVk9uSTFIMGQ3cUZSZ21PMFByazRwdU83cnJnN2tIVlh2cWtzUkNwSXVnYzVXUTB5dkQrbXNiUStiWW9HQ3pkOTN2Mkl1WXJyZ2lYcWhXQWRaUHVKaDcxUXZ3UlY2dW9YVXVXTytBQ0sySVwvOG9ycjlMbStaNW5BY0ZyMkJ0S2pPOTNVQUlXYVBwY2VHZDdhU1hrUVwvYVU1MGJQZllkNVo1M2Jzb2swQzVxV2dacjhJcTdIc0RYRzNHZCttcGRxeE5TUVlkSzRFSlh6dTBycGdFMDZkdEZGRmlsRW9nd0o5QlwvNktmbFdPTDh1SndzSldzNnpYa3MybTBTeHk0WGdyZWIydnA5VFF1dG1ZMDRhQmJZZ3R6Zzh6ZU5BSFwvSnBcL3Q2UnFieHJySlJ5eXkyUFFoQzFOa0JMN3hENTlHRVVxMkVobzhpZDlkYVAwTVFPR0w0dEdWN2VDQ0NVZyIsIm1hYyI6ImUzMWEwYTQ0MzZmZDc0NmU2YjA5OThiODg1ODg5YWJjNjhkZmFkYmYzZmVhZTVmYjAyZTFlMWEzN2MyOTZlNTIifQ%3D%3D; __cf_bm=e1BY1z4aiEZdm_u9__P1nDDQDy8AEL5BFH7CW1vKFE4-1668384367-0-AUR87nU8Kskw6novGgqPTgTsyB0n0c/IrP0EgCWNpxhmOI6amoPUFJVDzJdQd+9lcGjcd+GIJRyI2epm6iLdcmk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:08 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 12:52:00 GMT
etag: W/"636ba270-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 769b7fdc7c020b3d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 16 Nov 2022 00:06:08 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:08 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 900733
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.177200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.177:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:06:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 160616
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2