ouo.io/6PU4mZ
104.22.23.162301 Moved Permanently 0 B IP 104.22.23.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /6PU4mZ HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Dec 2022 08:01:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Dec 2022 09:01:03 GMT
Location: https://ouo.io/6PU4mZ
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7808c40de9670b45-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e717435470c9f4f06b174d7100c6a98f
292150251495b243c384e0c676a258597ba7f4d8
91ce8257662cb8cea9cc3c74cda1d95dba421daa466b0ac231fa433e0c58e6c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91CE8257662CB8CEA9CC3C74CDA1D95DBA421DAA466B0AC231FA433E0C58E6C6"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9501
Expires: Wed, 28 Dec 2022 10:39:24 GMT
Date: Wed, 28 Dec 2022 08:01:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 78f1f94544ef06b96bb43283f59d100f
fa2f1a3730a98c6fa5ebf976143fb6093a7298be
889af22ee304adea2e23491acbc89ebdcaf322e8c45af2bebf7520e3e9b0a6a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "889AF22EE304ADEA2E23491ACBC89EBDCAF322E8C45AF2BEBF7520E3E9B0A6A9"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4103
Expires: Wed, 28 Dec 2022 09:09:26 GMT
Date: Wed, 28 Dec 2022 08:01:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 28 Dec 2022 07:35:16 GMT
content-type: application/json
age: 1547
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 07e619a5a572fa9bcb54fa70de27f0d4
c0499dcc7551831f517f189465812859d0f48ced
2213c856ce4dd64ebe28e4deff34d449b2c08be98565c0405427453ae948fa74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2213C856CE4DD64EBE28E4DEFF34D449B2C08BE98565C0405427453AE948FA74"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12737
Expires: Wed, 28 Dec 2022 11:33:20 GMT
Date: Wed, 28 Dec 2022 08:01:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4bcbcea41df4bf9911fb3fddc3e7f403
da39f9766d7fbd83d1d72c772b0b2a22c80552f1
67fe465334665f62bfc69339cda7adc80f25e03d18bd293d11757f818f978dcb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4533
Cache-Control: max-age=138781
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:03 GMT
Etag: "63ab6127-117"
Expires: Thu, 29 Dec 2022 22:34:04 GMT
Last-Modified: Tue, 27 Dec 2022 21:18:31 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0m+vbd4mBaPcMTU8LDpHnsAE6pycgRgJfblQci0Lb5XJznc623zrC0KNx+2+GaHYsY+OVee08bgWO4I4B2uQCw==
x-amz-request-id: EHZWCES3WWM6SZQA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Dec 2022 07:58:13 GMT
age: 170
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Dec 2022 08:01:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 28 Dec 2022 07:08:08 GMT
age: 3176
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 60b8396db0bbfa5f2ae7e34c9d04ebcc
50b6c68aa2b2a459315a9989f5d3e326e8ad5539
c10a1e0f984b121958a5cfa3b45b746db85d33c9073fcacb019d9bb27ef3b073
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3460
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:04 GMT
Last-Modified: Wed, 28 Dec 2022 07:03:24 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d5bfbb749a87c015d4ab04523dce94cf
65ff77d2df46a0d01ad95f108217bb532e2bbf84
d17fe9f2062bd79efbf707577462aaf28217fe76bdcd93e82269da8bc056df20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122736
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:04 GMT
Etag: "63ab3430-116"
Expires: Thu, 29 Dec 2022 18:06:40 GMT
Last-Modified: Tue, 27 Dec 2022 18:06:40 GMT
Server: nginx
Content-Length: 278
push.services.mozilla.com/
34.213.140.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EgBzSWoW6olVkBIb08KfOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5FXPkfv2JMp/RSEkVIkv0kx2UbA=
ouo.press/images/world.png
104.22.59.251200 OK 5.7 kB URL HTTP/2 ouo.press/images/world.png
IP 104.22.59.251:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/6PU4mZ
Cookie: ouoio_session=eyJpdiI6IjhBWExLZzVSS1d6MmVkSHoyQ2h5U0YzbWo0ZWFFckszdGtvUDFcL3ZScCtvPSIsInZhbHVlIjoiOXFkRWZ6aUFNblM2NDZXSTIwbXE5UDNoVmdaMDhEOXAzb3pEUG9Ib3ZGRDU5R3EreXdcLzVqTVhLcktPK1dsamtYVk1NQkpiMjFcL1BDTXY1Q1hPRDRWZz09IiwibWFjIjoiMzEwODgwZGQwY2YxZWMzYTU3NThiYmQxN2VkNDNmZTA5ZDMxMTNkNGJjNGNlYTY0MzI1YzYwN2E4ZWI4ZDg5NyJ9; language=eyJpdiI6IkZDamhzVmhFK3ZNcmNEdnhkT3B1NzRrdG54OUc1ZUZIOENyNDliS1pHWDg9IiwidmFsdWUiOiJGQURrTUxuQkhwUzR5azRSRDlIdlJHQ1d6WlZuZlhlRHJxNFJWY1c0WVdvPSIsIm1hYyI6IjE0OTUxODVjYjRiNzc3YTliMjRiYzc5NGU4NGQzNWU5MjQ5NTAzMGQ1MTc2ODdiYjkzN2Y0OTU4MGFiYjZmYmQifQ%3D%3D; 974b2bd95607750aaf434e23d78d5deb89096dc2=eyJpdiI6IitSRzVkWFlDeGFLTFwvUEtpaXQ4UmFGeitzNWVvdDhzdXBVcDdRQmo5XC9MND0iLCJ2YWx1ZSI6InZuNEZ3SlRYalwvY0ZTYzhjR3V5bjlmajlpN1U1RVYyejNjdFdQUEFydzFPWXF3UXM0SXo2dU82Z1Z5UzFHRjhwT3NoNTViNGpHRUtSK2l5b0VuQ0xFdTQ1WmFVemNIaDhEWWRNWUJDQUdqZHdHMnlseWtUeFwvWlJXU1VPZDcza2tJYXd2SndQWU1tWFdpREN2b2V3NGhENXFBM1wvYWt2WWJmRURBd1RYZlZkNFJtUGJtRFlFM2UrSGtYdzFjN0libWN3N3BqR1dKN0tzNFNYS0pDQ3QzYXhcL2JFWjR2YmZ1aVdsU3dhNitjdlJjMzRUdmRjVXpHQ3g1bHRucDdLVThDMG1yN1B0N2U5eTRaNVd4c2xEbk5KcTd4RFFLYm55OFJYdEhqVTN6Y2hlVjM4MFpBMm9RVzUra0ZlT1lhVHRcL05qNkxEdEdnNFlLZ2JRd1RaS0ZveUJVMXhQdVYyQzhMMWZDWGRhSm4wcjcwYTFjRFhIYVFwXC9nRzVVMkFEanpveiIsIm1hYyI6IjA4NjdjYmE1MTlhNjAxZGQzNGFmOGRjY2IyYzFmOWQwODI1YTBhNGY3MzFkM2Y5OWJjOTVmYTYxMGIxOWM2ZGUifQ%3D%3D; __cf_bm=p8Vgo2TqLloKyAGpU3VedncouCX0CAgWp1LNBMxWhO4-1672214464-0-AXq2WOLW6GoYRHg77jUwOOEuf1RKgm9GoiqyvjX+8DZww9ahXM0H34N2cXNnXokprHpuFQxzuaKER/mpVCzYpDI=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:05 GMT
content-type: image/png
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Mon, 02 Jan 2023 22:39:22 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2107303
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c41659a20b06-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c6af90f016d8e2a96c05a34ddb9ebbab
f1440025eeec8413fbe4e8d6a49779d1c8cdd9ef
77c0e58bd42f70ec82dcbc502a00e4cca6bf4c198c049a2a0181ba6008d14441
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 52ca073ad56859a4aa27c7711a0280e0
0f9481ab1d4503f6768b94aca521a8e6a1cacc16
3be123f7c76a1cb88f5f06d8359ee810eb5aa11540c89bc747318101e3585145
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ouo.press/css/bootstrap.css
104.22.59.251200 OK 19 kB URL HTTP/2 ouo.press/css/bootstrap.css
IP 104.22.59.251:0
File type ASCII text, with very long lines (65452)
Hash d9b19412153256f2b7d8fe2bb5851911
877ad131fd38720d2f03889f150fcf82b500f527
5c63e715787ee2a9c26dbcc8612cc4d97ed15c8a9bf8f45cc97f352a1785755d
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/6PU4mZ
Cookie: ouoio_session=eyJpdiI6IjhBWExLZzVSS1d6MmVkSHoyQ2h5U0YzbWo0ZWFFckszdGtvUDFcL3ZScCtvPSIsInZhbHVlIjoiOXFkRWZ6aUFNblM2NDZXSTIwbXE5UDNoVmdaMDhEOXAzb3pEUG9Ib3ZGRDU5R3EreXdcLzVqTVhLcktPK1dsamtYVk1NQkpiMjFcL1BDTXY1Q1hPRDRWZz09IiwibWFjIjoiMzEwODgwZGQwY2YxZWMzYTU3NThiYmQxN2VkNDNmZTA5ZDMxMTNkNGJjNGNlYTY0MzI1YzYwN2E4ZWI4ZDg5NyJ9; language=eyJpdiI6IkZDamhzVmhFK3ZNcmNEdnhkT3B1NzRrdG54OUc1ZUZIOENyNDliS1pHWDg9IiwidmFsdWUiOiJGQURrTUxuQkhwUzR5azRSRDlIdlJHQ1d6WlZuZlhlRHJxNFJWY1c0WVdvPSIsIm1hYyI6IjE0OTUxODVjYjRiNzc3YTliMjRiYzc5NGU4NGQzNWU5MjQ5NTAzMGQ1MTc2ODdiYjkzN2Y0OTU4MGFiYjZmYmQifQ%3D%3D; 974b2bd95607750aaf434e23d78d5deb89096dc2=eyJpdiI6IitSRzVkWFlDeGFLTFwvUEtpaXQ4UmFGeitzNWVvdDhzdXBVcDdRQmo5XC9MND0iLCJ2YWx1ZSI6InZuNEZ3SlRYalwvY0ZTYzhjR3V5bjlmajlpN1U1RVYyejNjdFdQUEFydzFPWXF3UXM0SXo2dU82Z1Z5UzFHRjhwT3NoNTViNGpHRUtSK2l5b0VuQ0xFdTQ1WmFVemNIaDhEWWRNWUJDQUdqZHdHMnlseWtUeFwvWlJXU1VPZDcza2tJYXd2SndQWU1tWFdpREN2b2V3NGhENXFBM1wvYWt2WWJmRURBd1RYZlZkNFJtUGJtRFlFM2UrSGtYdzFjN0libWN3N3BqR1dKN0tzNFNYS0pDQ3QzYXhcL2JFWjR2YmZ1aVdsU3dhNitjdlJjMzRUdmRjVXpHQ3g1bHRucDdLVThDMG1yN1B0N2U5eTRaNVd4c2xEbk5KcTd4RFFLYm55OFJYdEhqVTN6Y2hlVjM4MFpBMm9RVzUra0ZlT1lhVHRcL05qNkxEdEdnNFlLZ2JRd1RaS0ZveUJVMXhQdVYyQzhMMWZDWGRhSm4wcjcwYTFjRFhIYVFwXC9nRzVVMkFEanpveiIsIm1hYyI6IjA4NjdjYmE1MTlhNjAxZGQzNGFmOGRjY2IyYzFmOWQwODI1YTBhNGY3MzFkM2Y5OWJjOTVmYTYxMGIxOWM2ZGUifQ%3D%3D; __cf_bm=p8Vgo2TqLloKyAGpU3VedncouCX0CAgWp1LNBMxWhO4-1672214464-0-AXq2WOLW6GoYRHg77jUwOOEuf1RKgm9GoiqyvjX+8DZww9ahXM0H34N2cXNnXokprHpuFQxzuaKER/mpVCzYpDI=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:05 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Wed, 28 Dec 2022 16:32:27 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 12518
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c416499c0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.132200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 67b623c8416af7b2ef4383c9c2c90de2
a2bd55b0febba2b7915fa4afcf8ec28cc6bbd5de
edbf05ad3713f72231f33499c2589c01c2d7e1ae409b92d1e45f100b29aac50a
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Dec 2022 08:01:05 GMT
date: Wed, 28 Dec 2022 08:01:05 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b8d1e367637c41bae3ffd63348bb81b7
16097f817be082052b9237e5cdfa2c24574ae60f
e0a59446a065df735da724372339159f1ba2099e46ffe6d5d6f1b8721f3bdf13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2870
Cache-Control: max-age=153343
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:05 GMT
Etag: "63aba08a-117"
Expires: Fri, 30 Dec 2022 02:36:48 GMT
Last-Modified: Wed, 28 Dec 2022 01:48:58 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c6af90f016d8e2a96c05a34ddb9ebbab
f1440025eeec8413fbe4e8d6a49779d1c8cdd9ef
77c0e58bd42f70ec82dcbc502a00e4cca6bf4c198c049a2a0181ba6008d14441
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0ae0707aeabde36523941c20a68b5254
f882332bd8b3c0147af8ca8788be4a290d155766
537eefee073333371ff318be540498d3923603b79e282d6dd706cea5670caa8c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 84ca5351e7003303eaf521d70e65f88e
ec12f7e7d668f8168f2ae27917c22e013c832fd4
6f7a26c09c6d77cedffd8db29b5b1737450d18ff18b5c912e93342f28c219026
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F7A26C09C6D77CEDFFD8DB29B5B1737450D18FF18B5C912E93342F28C219026"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9623
Expires: Wed, 28 Dec 2022 10:41:28 GMT
Date: Wed, 28 Dec 2022 08:01:05 GMT
Connection: keep-alive
tv.gourdycortes.com/1clkn/16562
172.255.6.54200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/16562
IP 172.255.6.54:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/16562 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 08:01:05 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 29-Dec-2022 08:01:05 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Thu, 29-Dec-2022 08:01:05 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bda87e5bc4dd843405828bfc60be474
5f2eff15af063adefef38f3dc6fc8f39154578a0
f3f266f8bf46a70cbccf16e9af5da2d087f4af9200fe4c9a8dd115479acd1bb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3F266F8BF46A70CBCCF16E9AF5DA2D087F4AF9200FE4C9A8DD115479ACD1BB1"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12498
Expires: Wed, 28 Dec 2022 11:29:23 GMT
Date: Wed, 28 Dec 2022 08:01:05 GMT
Connection: keep-alive
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37207), with no line terminators
Hash c9abc18b721d2ce95bd2d347312fd0a9
c547eaee6093a1189b1a8a11d9c4df739b456210
797504997be17a5119f786638d6898b89b3c8ccc22255d9566cd195446c24fe5
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Dec 2022 08:01:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81ea474ec7c1ab26e90efc97a658dadd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f9533c9e23df3c0923ca636d763c7ea0
dd2380f78817eed3925e922df8708d4bdd6c8f8e
184ca30a31c1d5a3568ca7767c31b007eeac17560c40c129a069f6fea44b88d8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "184CA30A31C1D5A3568CA7767C31B007EEAC17560C40C129A069F6FEA44B88D8"
Last-Modified: Mon, 26 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16100
Expires: Wed, 28 Dec 2022 12:29:25 GMT
Date: Wed, 28 Dec 2022 08:01:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9050ee54dae26344646b208a231fc770
a19ae5a4a8f9c28bca52aa8ea55c7313f99e0936
8ab388c1272cd2c6c2137a27f8e021744126f6fc7df5043756a04dac50857436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
142.250.74.35200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 15:44:39 GMT
expires: Wed, 27 Dec 2023 15:44:39 GMT
cache-control: public, max-age=31536000
age: 58586
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9050ee54dae26344646b208a231fc770
a19ae5a4a8f9c28bca52aa8ea55c7313f99e0936
8ab388c1272cd2c6c2137a27f8e021744126f6fc7df5043756a04dac50857436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash f387ad23188397c2abce4d0867daae2f
5454b6d80e18df16091af24088b2af6d7066d5bb
fc4d2d4708ac97975ea8206f390469e539aeb16040fbd89ccd67e3f8a3c89a55
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111735
Date: Wed, 28 Dec 2022 08:01:05 GMT
Etag: "63aaf396-1d7"
Expires: Thu, 29 Dec 2022 15:03:20 GMT
Last-Modified: Tue, 27 Dec 2022 13:31:02 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u1HXhOyQAVyuethgIbklDcS_Kvtvc2cLMfQ170zNx-ZzrjyTNXsGXA==
Age: 5538
hhklc.com/c.js
104.21.70.122200 OK 84 kB IP 104.21.70.122:0
File type ASCII text, with very long lines (12015), with no line terminators
Hash 52d45e092f1fc4f9922b41a595b4b4d7
b860203f9d1e57992ede59b24130a413c91d1cbb
c6484dedbd6d1ad803da7e06434d8c0b8d1108f6b85a277b226b31bcc4c1f76d
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:05 GMT
content-type: application/javascript
last-modified: Tue, 27 Dec 2022 13:04:38 GMT
etag: W/"63aaed66-2eef"
server-asp-net: Asp Net
expires: Wed, 28 Dec 2022 08:44:54 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAVqIpAuZvn68nyrb3Afh6f%2BHIyxBDLcEEh3wyD54Q0bnNmVk2NESLhHcvIEhp7wrbe6BJxkLiOpCFmT%2BAR699pgW97YCvC8ROsm73Fp8wZxxKjHmaQyTPXyGog%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c416b9ebb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.59.105.91200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.59.105.91:0
File type ASCII text, with no line terminators
Hash c60d63a8d99dac7bfe8d196f3ba0c3af
b05622f7076777092e912603e444fe7a78ff4420
60f0598a31f9cabb918b1ab544ddb30e3728698a1433127e41f63bde0e52c1b7
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=684958ef-3179-4531-a5ea-3d018b561de5:3:1; expires=Sat, 25 Dec 2032 08:01:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ouo.press/favicon.ico
104.22.59.251200 OK 0 B IP 104.22.59.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/6PU4mZ
Cookie: ouoio_session=eyJpdiI6IjhBWExLZzVSS1d6MmVkSHoyQ2h5U0YzbWo0ZWFFckszdGtvUDFcL3ZScCtvPSIsInZhbHVlIjoiOXFkRWZ6aUFNblM2NDZXSTIwbXE5UDNoVmdaMDhEOXAzb3pEUG9Ib3ZGRDU5R3EreXdcLzVqTVhLcktPK1dsamtYVk1NQkpiMjFcL1BDTXY1Q1hPRDRWZz09IiwibWFjIjoiMzEwODgwZGQwY2YxZWMzYTU3NThiYmQxN2VkNDNmZTA5ZDMxMTNkNGJjNGNlYTY0MzI1YzYwN2E4ZWI4ZDg5NyJ9; language=eyJpdiI6IkZDamhzVmhFK3ZNcmNEdnhkT3B1NzRrdG54OUc1ZUZIOENyNDliS1pHWDg9IiwidmFsdWUiOiJGQURrTUxuQkhwUzR5azRSRDlIdlJHQ1d6WlZuZlhlRHJxNFJWY1c0WVdvPSIsIm1hYyI6IjE0OTUxODVjYjRiNzc3YTliMjRiYzc5NGU4NGQzNWU5MjQ5NTAzMGQ1MTc2ODdiYjkzN2Y0OTU4MGFiYjZmYmQifQ%3D%3D; 974b2bd95607750aaf434e23d78d5deb89096dc2=eyJpdiI6IitSRzVkWFlDeGFLTFwvUEtpaXQ4UmFGeitzNWVvdDhzdXBVcDdRQmo5XC9MND0iLCJ2YWx1ZSI6InZuNEZ3SlRYalwvY0ZTYzhjR3V5bjlmajlpN1U1RVYyejNjdFdQUEFydzFPWXF3UXM0SXo2dU82Z1Z5UzFHRjhwT3NoNTViNGpHRUtSK2l5b0VuQ0xFdTQ1WmFVemNIaDhEWWRNWUJDQUdqZHdHMnlseWtUeFwvWlJXU1VPZDcza2tJYXd2SndQWU1tWFdpREN2b2V3NGhENXFBM1wvYWt2WWJmRURBd1RYZlZkNFJtUGJtRFlFM2UrSGtYdzFjN0libWN3N3BqR1dKN0tzNFNYS0pDQ3QzYXhcL2JFWjR2YmZ1aVdsU3dhNitjdlJjMzRUdmRjVXpHQ3g1bHRucDdLVThDMG1yN1B0N2U5eTRaNVd4c2xEbk5KcTd4RFFLYm55OFJYdEhqVTN6Y2hlVjM4MFpBMm9RVzUra0ZlT1lhVHRcL05qNkxEdEdnNFlLZ2JRd1RaS0ZveUJVMXhQdVYyQzhMMWZDWGRhSm4wcjcwYTFjRFhIYVFwXC9nRzVVMkFEanpveiIsIm1hYyI6IjA4NjdjYmE1MTlhNjAxZGQzNGFmOGRjY2IyYzFmOWQwODI1YTBhNGY3MzFkM2Y5OWJjOTVmYTYxMGIxOWM2ZGUifQ%3D%3D; __cf_bm=p8Vgo2TqLloKyAGpU3VedncouCX0CAgWp1LNBMxWhO4-1672214464-0-AXq2WOLW6GoYRHg77jUwOOEuf1RKgm9GoiqyvjX+8DZww9ahXM0H34N2cXNnXokprHpuFQxzuaKER/mpVCzYpDI=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:05 GMT
content-type: image/x-icon
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 2556
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c41becc10b06-OSL
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/async.js
104.21.81.154200 OK 5.4 kB URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP 104.21.81.154:0
File type HTML document, ASCII text, with very long lines (7327), with no line terminators
Hash 688a6c48cc7911f93114ba6813bd4a80
33e5d18a127f39b4684bdb09744b5105c5d95ad6
fefb6e6387caa93a1b840466b9d69a713e0e50942d586e3cccdeb97526dd7385
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:05 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:46:20 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7791285
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEtIO18v8%2BxIz06yq0sOFJuFXUiGTNlgI8qXTEwJjJMUshyAGSxT6ppLGBha7mrPzeHcCXnz%2Bje8XheXFs2U4ooSPaVBywmlz3a8wXwtEoXIOl3m431C1EaRZYE%2FVYFQ7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c416896eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2F6PU4mZ&charset=UTF-8&ch=8&ref=ouo.press&viewerId=null&referer=&_firid=88235599
54.230.111.73200 OK 170 kB URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2F6PU4mZ&charset=UTF-8&ch=8&ref=ouo.press&viewerId=null&referer=&_firid=88235599
IP 54.230.111.73:0
File type JSON data\012- , ASCII text, with very long lines (25941)
Size 170 kB (170394 bytes)
Hash d4717ad0b4a69c8db4ce3d8aa40ccc48
1b85b8a139e6b727258935c1a992da3077db01f4
477884b7594daa53ce1ac14f175f96503a881ed424bfb4708372b12fe68d52a8
GET /delivery/spc_fi.php?id=7419&url=%2F6PU4mZ&charset=UTF-8&ch=8&ref=ouo.press&viewerId=null&referer=&_firid=88235599 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Wed, 28 Dec 2022 08:01:05 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Thu, 28-Dec-2023 08:01:05 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PT5wQRj9SAOVam-nL-OdpWZXD-ofsyQXcalpHzm04jR3tx54hfnVcg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b679e7c79765f76fd0c1c33a9233ee85
6542d96f6027699e6e380572c78f6b8dacc80155
3cc09b13f4ed9fc5a713b0f2f1e4b7d00259319c62189b885329afcad5bebf0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a84c5800dc422d0e8f5b6f714f27f58
71f8dd517c11240420450cc8bc5c8ecfd34581e1
30a115340968baa0bf63fd4e2a161528cf30bce4b47a7710a144dab2ae2bf7c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f9533c9e23df3c0923ca636d763c7ea0
dd2380f78817eed3925e922df8708d4bdd6c8f8e
184ca30a31c1d5a3568ca7767c31b007eeac17560c40c129a069f6fea44b88d8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "184CA30A31C1D5A3568CA7767C31B007EEAC17560C40C129A069F6FEA44B88D8"
Last-Modified: Mon, 26 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16100
Expires: Wed, 28 Dec 2022 12:29:25 GMT
Date: Wed, 28 Dec 2022 08:01:05 GMT
Connection: keep-alive
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
142.250.74.134200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 142.250.74.134:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 17:34:08 GMT
expires: Wed, 28 Dec 2022 17:34:08 GMT
cache-control: public, max-age=86400
age: 52017
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ecdn.analysis.fi/static/js/fab.js
54.230.111.8200 OK 48 kB URL HTTP/2 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.8:0
File type ASCII text, with very long lines (574)
Hash 34c4e7bec949de8f1ec529116ee000d8
b8bc411c6074d30feccf7e9f98c36497c5fb4eb2
6b11e811f247ad0da5389e74419af1204a801fd02439e18be67cd50fc4df2f31
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: br
date: Wed, 28 Dec 2022 07:22:32 GMT
expires: Wed, 28 Dec 2022 08:22:31 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-1090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rhf9hEQAkciSP2rv7hLnuQLNNIGvIBes-RHlmjw8JG5a7x5htvmLPA==
age: 2314
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a84c5800dc422d0e8f5b6f714f27f58
71f8dd517c11240420450cc8bc5c8ecfd34581e1
30a115340968baa0bf63fd4e2a161528cf30bce4b47a7710a144dab2ae2bf7c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 348c56c705eea5e048c823ff8fbdba4d
9cd4ac40e013e35dff8b02b8d92f057b625ca73f
a3979e8b2c11182b2351997b1d8702aee2778d26d8f240330650085b83af8b45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2635
Cache-Control: max-age=100176
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:06 GMT
Etag: "63aad1c7-139"
Expires: Thu, 29 Dec 2022 11:50:42 GMT
Last-Modified: Tue, 27 Dec 2022 11:06:47 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b679e7c79765f76fd0c1c33a9233ee85
6542d96f6027699e6e380572c78f6b8dacc80155
3cc09b13f4ed9fc5a713b0f2f1e4b7d00259319c62189b885329afcad5bebf0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 89ef209c8c7538fb5c697914f1964ad1
eea672e2a54c92babbeb14dceac28d75c4c75c6f
8da25fbae5f35e15823c9008489b3d5eaf9c8ef9f62089ad19f9aff140f51470
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3662
Cache-Control: max-age=114882
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:06 GMT
Etag: "63ab0736-1d7"
Expires: Thu, 29 Dec 2022 15:55:48 GMT
Last-Modified: Tue, 27 Dec 2022 14:54:46 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
cdn.firstimpression.io/tracking/collect?b=1
54.230.111.73200 OK 2 B URL HTTP/2 cdn.firstimpression.io/tracking/collect?b=1
IP 54.230.111.73:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /tracking/collect?b=1 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 357
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2
date: Wed, 28 Dec 2022 08:01:06 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-request-method: *
access-control-allow-methods: OPTIONS, GET, POST
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3BEQlLvkyP-tqlJ40AM4UHQeeYJkrfoBLDVC3ZMzx8ZzXJr8854ShQ==
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.180200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.180:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c201db067e276b65f131150a16142c88
36bbc994be7145f63723dd0fe0a396ce02e9f021
7406678f1101ecce5d326c03accc91ff89c73e36336ec9f7cd6cbeca4bd5e597
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 534
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 28 Dec 2022 08:01:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: dcee8524-c6c2-4177-a88a-596b961316ce
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
151.101.65.229200 OK 9.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (27677)
Hash be67ba0617660113c8b105b9318d8184
25c33a00dfefa7ba1823017dc3e9c63a17d53459
7a80c6ef8f369f3115b83e5f88aa88e730450fed06466c418a98a5fe2a9988f6
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.14.2
x-jsd-version-type: version
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Dec 2022 08:01:07 GMT
age: 5809
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1656-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 90e5cbd38a2da2f2880c66c354e2b068
68a8eb9c30c387bedc76df643571449c5d8fbae1
82cacfb96f0b9eb1f20d7543db2ff3ed295dd39753008d7235c2200943417f31
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2017
Cache-Control: max-age=94137
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:07 GMT
Etag: "63aabc9c-1d7"
Expires: Thu, 29 Dec 2022 10:10:04 GMT
Last-Modified: Tue, 27 Dec 2022 09:36:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 8309d736e185645c8cf18e2f9edffb38
5673501c352f6d340966566ef7a0e5d31fd6c019
96900fbbb36003816e61e71c9382d6dc41ad57aa0ada1607bdd64e04e915e8a5
GET /gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Dec 2022 08:01:07 GMT
expires: Wed, 28 Dec 2022 08:01:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11075
Expires: Wed, 28 Dec 2022 11:05:42 GMT
Date: Wed, 28 Dec 2022 08:01:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11075
Expires: Wed, 28 Dec 2022 11:05:42 GMT
Date: Wed, 28 Dec 2022 08:01:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11075
Expires: Wed, 28 Dec 2022 11:05:42 GMT
Date: Wed, 28 Dec 2022 08:01:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2783127a63c78cb5ac02e1a31631bfca
a26af5a37bbb43d4258282640749ced026ba9560
cfe19d12b6070f9171129591b54bab634d5582e4d8d83e5c1fbe703d873b8366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFE19D12B6070F9171129591B54BAB634D5582E4D8D83E5C1FBE703D873B8366"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11075
Expires: Wed, 28 Dec 2022 11:05:42 GMT
Date: Wed, 28 Dec 2022 08:01:07 GMT
Connection: keep-alive
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash d477cb5d0f22a4d76585ff3169d74824
6fa24bf8bc041009199f9567c3a39aefa0d0e8c7
8aa9dca07ec5a3e48b8d59cd8686f09ea93062fda8a77910694217051b1dbc7c
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 08:01:07 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C3FBBD2F8D011FA05915A5C4AA1B4CDA81B36975"
Expires: Wed, 28 Dec 2022 19:00:00 GMT
Last-Modified: Wed, 28 Dec 2022 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3221
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7808c423bc81b509-OSL
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 28 Dec 2022 06:41:11 GMT
expires: Wed, 28 Dec 2022 08:41:11 GMT
cache-control: public, max-age=7200
age: 4796
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d46878b-33b3-4376-b34b-4fce3b5aae99.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d46878b-33b3-4376-b34b-4fce3b5aae99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23fa4f1ff5e70770062647e80c6b1a69
0d8cd5871878956468ccdb4ede3038869b4d2471
b44606410e34542fb5db0aa9382e43db89cd9fcf94eb4f0ec1d8b874c0d681b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d46878b-33b3-4376-b34b-4fce3b5aae99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12122
x-amzn-requestid: 7fae254c-4ff4-459c-a8bc-bccaa94e4bec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: du_QiEZfoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a91269-2cb2cd547899b93f47e3d901;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 03:18:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: p-sl6pCUlvaycZ2Z5QH4lbWVCL-VgK5gU7K17clcYYWvR4ZB0BPdpQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 03:38:16 GMT
age: 15771
etag: "0d8cd5871878956468ccdb4ede3038869b4d2471"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe69c29db-caec-401a-8056-6c2c58e33dfd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe69c29db-caec-401a-8056-6c2c58e33dfd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 369bb708ac21a9219cae15dbf33fd225
64885e8ead4ee24b43274ada628ab47cba6c6703
04ba2c600a01344d2cb3fbd2fb5e1dc17d12d018e685f55870da70cd5a85b1ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe69c29db-caec-401a-8056-6c2c58e33dfd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10914
x-amzn-requestid: 86f79e43-1faa-431d-b88a-6e1baaabb1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z9YF1AIAMFyKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66bb-6b418d8b0ceb68a92ec5cbd9;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jl9Pail3VVSDgB3KWrdxo26nQeRQ4rVqfk7I-dxHuxPH9WSBvPUQ8g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:58:24 GMT
age: 36163
etag: "64885e8ead4ee24b43274ada628ab47cba6c6703"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd238a41-5dd3-4a9e-80cd-17fdf75ee403.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd238a41-5dd3-4a9e-80cd-17fdf75ee403.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50a3433c386a2d8435a10b572d986161
a97620796ae1a146e719f4a46e98c57a4af472ed
b4954da0a678a4df8c3dd7df0376c04c446fad03b94f6363938b29b0b58b782a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd238a41-5dd3-4a9e-80cd-17fdf75ee403.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5577
x-amzn-requestid: b9f47205-66da-4ef7-bf83-f237bd4dd9e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0ys9FYKoAMFwWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64b9-5bcf6f3b23d1f2b1206c91cc;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BynwJdv-JV-UFO98M3C5ZZIJqbx7wVQkR6aJAgJHAzuDGih4D-Izug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:35:33 GMT
age: 37534
etag: "a97620796ae1a146e719f4a46e98c57a4af472ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9dcccae2018607dee1459081249c91e
2ecfa42f64013afc536c16fcd2250d8229f81654
41839d89192ec4771a6cd5a431617c0b7855701f93c722d025d3f056f109b552
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f83de5-47cd-4586-9dca-ab7c314cbd0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 70cc8d68-0917-472f-9d64-1d4f708791e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuVGkHoAMFskg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c1-2aba103f6a75466c19ddbbd6;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _XWlZ2SqSaIrAaT7MXl21X7zkIAoFsj4Tyf5jN7JLcrsuL9g1T9zdQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:35:45 GMT
age: 37522
etag: "2ecfa42f64013afc536c16fcd2250d8229f81654"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b7f0c866bf3ac4531371ad2060951b5
48251361ab12813116d9aba69bb646bf11e54b76
33eacdc9a4c0f1c0494c153e6c8bf8dcebb5d1447aeb22fb2a799f2b631f4da7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5961
x-amzn-requestid: 527254dd-5774-4b0a-92c6-b03385ea17e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0m_gHFZoAMF8gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab51fc-6808bf07003234666b176f10;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 20:13:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BEjsTYluC9DE846mwrcRYOm-r-V18WVbsV1T8OJJC-KcMhllzHhuQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 04:54:33 GMT
age: 11194
etag: "48251361ab12813116d9aba69bb646bf11e54b76"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ca79586cb7446a3f7f1953215f006a24
71920cbce29e1fc946ab19e7591e7c7214c2c3d1
5517cc47a7d08622fec2a7871fd145030d4ab5b44e0d7fc90457365bfbd04ddb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2141
Cache-Control: max-age=137873
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:07 GMT
Etag: "63ab66f7-139"
Expires: Thu, 29 Dec 2022 22:19:00 GMT
Last-Modified: Tue, 27 Dec 2022 21:43:19 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91057dd-978b-4fb5-b0a3-5ed8624f726a.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91057dd-978b-4fb5-b0a3-5ed8624f726a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f810df3c7a9cc088b68a912023460d35
76c0e59325b5c046cf68c0268374df317b81be97
a46f2bc69415ce3b749a2765e98e0c2aad012050fa784d7326a0142a6a41a4dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91057dd-978b-4fb5-b0a3-5ed8624f726a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6009
x-amzn-requestid: 25333cb9-5ba3-44d1-8862-2cc2658b64fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z_MGbeoAMFrSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66c7-23af33ff50839c6834137df3;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JmrzmSBdLJDQesHcs_dUm1C3xjHDVfOY1bHXjVoujVPoPJ6jsTSsoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 22:02:35 GMT
age: 35912
etag: "76c0e59325b5c046cf68c0268374df317b81be97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.180200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.180:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 895b2a3e7f14860e005363a244bd7b77
3b0bd4e2991efb33d58cfe9def3b52cabc09a1c1
f69690eed24a0d5f71db558c8cffb2cb9702f2a37078b6b94acc8e96a012df52
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 28 Dec 2022 08:01:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 09060ff8-ab92-4f4a-8a02-5d873d47c0de
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 98487ce832032f6d2634b217be7b268f
733a0a3e68dd7807a4a7815825d1137cbb38df25
a1c8c20d385abe633421d820c7bc6f27d7f79ddad1c6a3e34e5a3e843dfb8642
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2355
Cache-Control: max-age=150305
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:07 GMT
Etag: "63ab96b1-1d7"
Expires: Fri, 30 Dec 2022 01:46:12 GMT
Last-Modified: Wed, 28 Dec 2022 01:06:57 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/ut/v3/prebid
185.89.210.180200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.180:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8061d51da695b3a495b0fe8f432e404b
8950bb870e4694e201954ad47170c3ddf97edc4e
5dcb9a429944b6440580f836093c4dc92eaa0dbc40138542b748038f4757f0c1
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 562
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 28 Dec 2022 08:01:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 66936b70-a9cd-445c-ae37-5397dc7904e6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 57575555119bdcd3b2f2651df130b7e2
41956e81aed0b9d0959f5122bd04d26bd3c388d2
38c641a397ded6e9f304f22c92166827b3540d19d03c2e75c83074046bd7e660
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38C641A397DED6E9F304F22C92166827B3540D19D03C2E75C83074046BD7E660"
Last-Modified: Mon, 26 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2016
Expires: Wed, 28 Dec 2022 08:34:43 GMT
Date: Wed, 28 Dec 2022 08:01:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 96a1bdeed278980078cda1c28b6fc207
e8e0878e4157fefd84d59008ad3ef14bb032bea0
8b5a18655e5e391ed5214bd37a26cdce8b806d5fd71bb5d051e4c0b728521a2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5974
Cache-Control: max-age=167585
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:07 GMT
Etag: "63abcc0e-118"
Expires: Fri, 30 Dec 2022 06:34:12 GMT
Last-Modified: Wed, 28 Dec 2022 04:54:38 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=54079888755
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=54079888755
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=54079888755 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 486
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:07 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
172.64.151.192200 OK 921 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP 172.64.151.192:0
File type ASCII text, with very long lines (2361)
Hash dc406d72b5d7cb505ff0f720a76f333c
e848a1e516384718b9319acc891ff2f7d5d707b6
e92fc567697445a7896a332abf07536107c7b96112d287748ef9234292c80c58
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:07 GMT
content-type: text/javascript
content-length: 921
x-amz-id-2: feXPNfpFaacSm8lt6RhzCbec1+gHhzZ+DriZQVNyKgZogPAFPtddKynKrrt3LGH5NtYxJR+TKjM=
x-amz-request-id: BSY1ZH442MF2G462
last-modified: Wed, 23 Nov 2022 08:34:07 GMT
etag: "dc406d72b5d7cb505ff0f720a76f333c"
content-encoding: gzip
x-amz-version-id: Nv3tnKsQJJFloLFD8ccmmePhVOX9ZV_J
cf-cache-status: HIT
age: 1171
expires: Wed, 28 Dec 2022 12:01:07 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c424ea2db529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 96a1bdeed278980078cda1c28b6fc207
e8e0878e4157fefd84d59008ad3ef14bb032bea0
8b5a18655e5e391ed5214bd37a26cdce8b806d5fd71bb5d051e4c0b728521a2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5974
Cache-Control: max-age=167585
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:07 GMT
Etag: "63abcc0e-118"
Expires: Fri, 30 Dec 2022 06:34:12 GMT
Last-Modified: Wed, 28 Dec 2022 04:54:38 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
172.64.151.192200 OK 78 kB URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
IP 172.64.151.192:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (33528)
Hash 56b69447596f3d966e6d96470dba0ba3
d89c974a21e0724006ae44a84c9670a3c9527ba2
e00548faea2b61ffcfbd68b93f7f490c1ecfe5865efdc465bd1112aec6855ed6
GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:07 GMT
content-type: text/javascript
content-length: 77572
x-amz-id-2: nSlpmfldM2jisIzO/QB2qKXN9fJZWLyfEXobnicNhEpjFSZht6H1EJar6i94BhzHGLMBBaRPnYU=
x-amz-request-id: NTFJ7ZPJSSW9FH0N
last-modified: Mon, 05 Dec 2022 21:50:08 GMT
etag: "56b69447596f3d966e6d96470dba0ba3"
content-encoding: gzip
x-amz-version-id: WZbm5x2DJOviyCL6iNap8N276rFqwLMN
cf-cache-status: HIT
age: 1171
expires: Wed, 28 Dec 2022 12:01:07 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c4250a5db529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F6PU4mZ&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F6PU4mZ&tg_i.page=https%3A%2F%2Fouo.press%2F6PU4mZ&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=172ae70c-ab76-4584-bcc2-166a4b9c0d83&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5408109221892111
213.19.162.21200 OK 348 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F6PU4mZ&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F6PU4mZ&tg_i.page=https%3A%2F%2Fouo.press%2F6PU4mZ&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=172ae70c-ab76-4584-bcc2-166a4b9c0d83&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5408109221892111
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash f07d9af451fb4bd03e0edb3eb013f763
9587002fac87819a78fc4af375b7d8fe774b532b
67e06c6eccc35409dfdf3d006644f393b08a7a05ca1e5af67aa4d527dc391a2b
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F6PU4mZ&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F6PU4mZ&tg_i.page=https%3A%2F%2Fouo.press%2F6PU4mZ&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=172ae70c-ab76-4584-bcc2-166a4b9c0d83&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5408109221892111 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 28 Dec 2022 08:01:07 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LC7DBGTO-1S-E8CA; Domain=.rubiconproject.com; Path=/; Expires=Thu, 28-Dec-2023 08:01:07 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpJD4vequ7Ev+9DtVM30fCgW/XwlW0Va06eANFuWai+6ZZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Thu, 28-Dec-2023 08:01:07 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 348
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 36428c937ca75135a53138903cd4236d
3dbe81d6016f903355c277174c9feba2e1f2bdf2
4ee6b705e48625a6f8d2f74476c72f6dc88fb7ffc6dabaa404213e5a09ab7b43
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 08:01:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 01:55:54 GMT
Expires: Wed, 04 Jan 2023 01:55:53 GMT
Etag: "3dbe81d6016f903355c277174c9feba2e1f2bdf2"
Cache-Control: max-age=582285,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7808c4249d59b4f3-OSL
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.2.146200 OK 30 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.2.146:0
Hash 1df0881db31aba2c3e43a321b76c93d5
ebe475a81cc2fa35b776dc4b16ac16f2d88cb012
eb674676d8eb670a85733185184335ac6a32044b6691d1f6a43a4fc1f5ab4e18
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1229429
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
143.204.46.73204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
IP 143.204.46.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Wed, 28 Dec 2022 06:56:19 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y08xWZZyW9UtseRnx8igGv4VVONljnv1bFqYRZDnW_8_gJZvBqB2SQ==
age: 3887
X-Firefox-Spdy: h2
tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
213.19.147.42204 No Content 0 B URL HTTP/2 tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
IP 213.19.147.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1
Host: tag.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 617
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 28 Dec 2022 08:01:07 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.123.js
178.250.2.130200 OK 48 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP 178.250.2.130:0
File type ASCII text, with very long lines (65354)
Hash 98bd16b1dee83bcda90add666b1f675d
ca44eac42e2fc2eae5a0143b7d0433c941be662a
fed7a6250f312612d86ad54f53ce2ac2274d9870340e065f4537a2653528d828
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Dec 2022 08:01:07 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Thu, 29 Dec 2022 08:01:07 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
warilycommercialconstitutional.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=684958ef-3179-4531-a5ea-3d018b561de5%3A3%3A1
173.233.137.44200 OK 3.4 kB URL HTTP/1.1 warilycommercialconstitutional.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=684958ef-3179-4531-a5ea-3d018b561de5%3A3%3A1
IP 173.233.137.44:0
File type JSON data\012- , ASCII text, with very long lines (6147), with no line terminators
Hash ca9fa19bfcb041d15af41add46e2b121
55b70868f4dff89bccb8ddc26ba96da42fd232c4
be6ea135f576e1ca626445e07f23e88a36e80825218a537d39c02fc47afbee04
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=684958ef-3179-4531-a5ea-3d018b561de5%3A3%3A1 HTTP/1.1
Host: warilycommercialconstitutional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Dec 2022 08:01:07 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ouo.press
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Thu, 29 Dec 2022 08:01:07 GMT; secure; SameSite=None
uid_id2=684958ef-3179-4531-a5ea-3d018b561de5:3:1; expires=Wed, 04 Jan 2023 08:01:07 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 29 Dec 2022 08:01:07 GMT; secure; SameSite=None
uncs=1; expires=Thu, 29 Dec 2022 08:01:07 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 29 Dec 2022 08:01:07 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 29 Dec 2022 08:01:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fe8c1e9593934c87e7861865cd3d4fe8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5d781ee169692edafe4ac2a54ea16c76
ae0c5edb5b88ee43387e6be5e19618003fb421a7
8403d4ed15f02693846ffe580a4b47fdf41f4b12a75a8066d844298bfaf855d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2007
Cache-Control: max-age=123337
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:07 GMT
Etag: "63ab2eb5-139"
Expires: Thu, 29 Dec 2022 18:16:44 GMT
Last-Modified: Tue, 27 Dec 2022 17:43:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:07 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=c8zWrF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRnloVmJvWDhuSnElMkJmSDFPVWlRJTJGT2UzeGdqJTJGVWxZVndjRXpMZXdEMktuSw; expires=Mon, 22 Jan 2024 08:01:07 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 329826
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e5527c8de4e5d66f24fa3091ea924551
ffc06a07249eb3d85202d4588d665241921965aa
489ddacc0427cffaa22d551244e8bab8f60e4e731645a2a97b8abbf1952797a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "489DDACC0427CFFAA22D551244E8BAB8F60E4E731645A2A97B8ABBF1952797A6"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3325
Expires: Wed, 28 Dec 2022 08:56:32 GMT
Date: Wed, 28 Dec 2022 08:01:07 GMT
Connection: keep-alive
warilycommercialconstitutional.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2gkxRfHqze7h99PEBQvHpRBPCiY2e7p6fnjHhazayS4JmF3NSBeqquqJ%2BXUdDVVXdOT4CG4IHsRxpMeO99JNqy7iItnQSZeJKeMhyUH400Ej4JeZSYDo%2B%2FQ773%2BvsPnfet9tu%2FOiQ9Hzzbf07tSKXo1qvqV17ZkynVhK%2Bt3K4Ff9a9VtmTaqF%2BrDKYf038z8KOq%2F3rlHcG6%2BmrND3w%2F8IPKqjQi0YOrMxUye9wOqm2%2FWq9Vg6iOgflvb50HSz3w%2Fjl5HpJPrmz%2F9ASSjZH2vr0pbDfX2Rtv95yiuTbo86P3026qixS9RZkYD0l6NJ%2BGthNCvroEnR7NN4DuH0w3QCwnxHsaIE6P5piI%2B4cXpLGCSBHzZ1D0xxBqDEnHYPoeJD8lAONY30Dae7CuTUF3LlQ6VSfk8l9%2FQhYTcvmXF5D2vllRclC5o5XLpU4tBkkJORhDdsbI3DHyXQ%2ByOAbLP4XkBGmvhORnrzZa9XbUEslyGDTby%2FUoDJZpJOhyyP2gFUeNgItoZo2UY8hkDCWGoHYJznpw0oNLPLjMQ4%2BfVWjUTny%2FmcRJGLbqjLEwZCxqNXjEw3or8eHYlH2IPBuCqSGY2UNm9tCVQxj3A%2Bx2Ccs92Jygz0sUgqCwBAUlKCRBkRMU%2FfKQK1uz5QOurIuDea7Nc1iOdN7Zp4c674iU7Gfn5LmZYX989B264qwieNjwg3ojDFu1NmdNn9ZrnDEqEp6ESRDAyhLSXgK1Hnbl6bNPkcnT%2F5WI6TGsOgaTr4C6l0CLUbPmg26P6i0fu%2BlD7XQ1M8JacF0iy68g3%2FH21Tl5cQbQ%2Fm0Jgp1c%2F%2FLzjV%2Bv8Q%2FBTInMlPhY%2FkjQUfdHt3VBDm7rwpInG1kue3KXTl%2FzTk5zsfT1u2Kn0Iav3bTDh2%2BxqTAtH98VNr9FUy7TjiWPViTnwqxqwwT5fs1uiXjT2e0VZ1KX3dq8sbrWmwFKnY5B5ekHn4DJCfm%2F6c7u9OXfb0CaMYwr0XMnZB6QegyW7cFmC3qrCYxazMSZh8KVI1OLFz%2BVJFBi0dO4hP1XHy%2FqfXsfHeOB5vdm19k3JfqqBFVDWLc0yjNzcv3ncBaIlTeKlfEOYmXUFxfWWnlWEVHiJ8KviThpx0mT%2Bryd1NsxbQeiGUc0QG4n7NHfx%2F8AAAD%2F%2FwEAAP%2F%2FwZYD9n8EAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 warilycommercialconstitutional.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST2gkxRfHqze7h99PEBQvHpRBPCiY2e7p6fnjHhazayS4JmF3NSBeqquqJ%2BXUdDVVXdOT4CG4IHsRxpMeO99JNqy7iItnQSZeJKeMhyUH400Ej4JeZSYDo%2B%2FQ773%2BvsPnfet9tu%2FOiQ9Hzzbf07tSKXo1qvqV17ZkynVhK%2Bt3K4Ff9a9VtmTaqF%2BrDKYf038z8KOq%2F3rlHcG6%2BmrND3w%2F8IPKqjQi0YOrMxUye9wOqm2%2FWq9Vg6iOgflvb50HSz3w%2Fjl5HpJPrmz%2F9ASSjZH2vr0pbDfX2Rtv95yiuTbo86P3026qixS9RZkYD0l6NJ%2BGthNCvroEnR7NN4DuH0w3QCwnxHsaIE6P5piI%2B4cXpLGCSBHzZ1D0xxBqDEnHYPoeJD8lAONY30Dae7CuTUF3LlQ6VSfk8l9%2FQhYTcvmXF5D2vllRclC5o5XLpU4tBkkJORhDdsbI3DHyXQ%2ByOAbLP4XkBGmvhORnrzZa9XbUEslyGDTby%2FUoDJZpJOhyyP2gFUeNgItoZo2UY8hkDCWGoHYJznpw0oNLPLjMQ4%2BfVWjUTny%2FmcRJGLbqjLEwZCxqNXjEw3or8eHYlH2IPBuCqSGY2UNm9tCVQxj3A%2Bx2Ccs92Jygz0sUgqCwBAUlKCRBkRMU%2FfKQK1uz5QOurIuDea7Nc1iOdN7Zp4c674iU7Gfn5LmZYX989B264qwieNjwg3ojDFu1NmdNn9ZrnDEqEp6ESRDAyhLSXgK1Hnbl6bNPkcnT%2F5WI6TGsOgaTr4C6l0CLUbPmg26P6i0fu%2BlD7XQ1M8JacF0iy68g3%2FH21Tl5cQbQ%2Fm0Jgp1c%2F%2FLzjV%2Bv8Q%2FBTInMlPhY%2FkjQUfdHt3VBDm7rwpInG1kue3KXTl%2FzTk5zsfT1u2Kn0Iav3bTDh2%2BxqTAtH98VNr9FUy7TjiWPViTnwqxqwwT5fs1uiXjT2e0VZ1KX3dq8sbrWmwFKnY5B5ekHn4DJCfm%2F6c7u9OXfb0CaMYwr0XMnZB6QegyW7cFmC3qrCYxazMSZh8KVI1OLFz%2BVJFBi0dO4hP1XHy%2FqfXsfHeOB5vdm19k3JfqqBFVDWLc0yjNzcv3ncBaIlTeKlfEOYmXUFxfWWnlWEVHiJ8KviThpx0mT%2Bryd1NsxbQeiGUc0QG4n7NHfx%2F8AAAD%2F%2FwEAAP%2F%2FwZYD9n8EAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SST2gkxRfHqze7h99PEBQvHpRBPCiY2e7p6fnjHhazayS4JmF3NSBeqquqJ%2BXUdDVVXdOT4CG4IHsRxpMeO99JNqy7iItnQSZeJKeMhyUH400Ej4JeZSYDo%2B%2FQ773%2BvsPnfet9tu%2FOiQ9Hzzbf07tSKXo1qvqV17ZkynVhK%2Bt3K4Ff9a9VtmTaqF%2BrDKYf038z8KOq%2F3rlHcG6%2BmrND3w%2F8IPKqjQi0YOrMxUye9wOqm2%2FWq9Vg6iOgflvb50HSz3w%2Fjl5HpJPrmz%2F9ASSjZH2vr0pbDfX2Rtv95yiuTbo86P3026qixS9RZkYD0l6NJ%2BGthNCvroEnR7NN4DuH0w3QCwnxHsaIE6P5piI%2B4cXpLGCSBHzZ1D0xxBqDEnHYPoeJD8lAONY30Dae7CuTUF3LlQ6VSfk8l9%2FQhYTcvmXF5D2vllRclC5o5XLpU4tBkkJORhDdsbI3DHyXQ%2ByOAbLP4XkBGmvhORnrzZa9XbUEslyGDTby%2FUoDJZpJOhyyP2gFUeNgItoZo2UY8hkDCWGoHYJznpw0oNLPLjMQ4%2BfVWjUTny%2FmcRJGLbqjLEwZCxqNXjEw3or8eHYlH2IPBuCqSGY2UNm9tCVQxj3A%2Bx2Ccs92Jygz0sUgqCwBAUlKCRBkRMU%2FfKQK1uz5QOurIuDea7Nc1iOdN7Zp4c674iU7Gfn5LmZYX989B264qwieNjwg3ojDFu1NmdNn9ZrnDEqEp6ESRDAyhLSXgK1Hnbl6bNPkcnT%2F5WI6TGsOgaTr4C6l0CLUbPmg26P6i0fu%2BlD7XQ1M8JacF0iy68g3%2FH21Tl5cQbQ%2Fm0Jgp1c%2F%2FLzjV%2Bv8Q%2FBTInMlPhY%2FkjQUfdHt3VBDm7rwpInG1kue3KXTl%2FzTk5zsfT1u2Kn0Iav3bTDh2%2BxqTAtH98VNr9FUy7TjiWPViTnwqxqwwT5fs1uiXjT2e0VZ1KX3dq8sbrWmwFKnY5B5ekHn4DJCfm%2F6c7u9OXfb0CaMYwr0XMnZB6QegyW7cFmC3qrCYxazMSZh8KVI1OLFz%2BVJFBi0dO4hP1XHy%2FqfXsfHeOB5vdm19k3JfqqBFVDWLc0yjNzcv3ncBaIlTeKlfEOYmXUFxfWWnlWEVHiJ8KviThpx0mT%2Bryd1NsxbQeiGUc0QG4n7NHfx%2F8AAAD%2F%2FwEAAP%2F%2FwZYD9n8EAAA%3D HTTP/1.1
Host: warilycommercialconstitutional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=684958ef-3179-4531-a5ea-3d018b561de5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Dec 2022 08:01:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1742d696631f8ebcd12ab8533b54e8be
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b144ed17a7db4c53bbb59b1a4a2b4072
f22d455ba875b8886ade20cd4b7aeaf191aacf02
56973f208e3e0ecb5e2f703c5466c653e170b44bde8750e596d47c399db87bed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1394
Cache-Control: max-age=161246
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:07 GMT
Etag: "63abc52f-139"
Expires: Fri, 30 Dec 2022 04:48:33 GMT
Last-Modified: Wed, 28 Dec 2022 04:25:19 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b144ed17a7db4c53bbb59b1a4a2b4072
f22d455ba875b8886ade20cd4b7aeaf191aacf02
56973f208e3e0ecb5e2f703c5466c653e170b44bde8750e596d47c399db87bed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1377
Cache-Control: max-age=161229
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:07 GMT
Etag: "63abc52f-139"
Expires: Fri, 30 Dec 2022 04:48:16 GMT
Last-Modified: Wed, 28 Dec 2022 04:25:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F6PU4mZ&pid=zJt6w980HejqP&cb=0&ws=728x90&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
54.230.241.131200 OK 154 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F6PU4mZ&pid=zJt6w980HejqP&cb=0&ws=728x90&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash bb7b4ee21d41485b3c8d171a7bf8b853
04fdbd451ad2cf3aceb697a99ea093fa4c7b4522
5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F6PU4mZ&pid=zJt6w980HejqP&cb=0&ws=728x90&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 154
server: Server
date: Wed, 28 Dec 2022 08:01:07 GMT
x-amz-rid: F7E9JFXH32PRBQ26FN37
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Oy17Iz2Quj40MNB_N53lY_pLvdcGuleyiZAOWk2uOa4Ubeyt_cWsXw==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f06ab215397bc35b186de07d378dc747
5d95d40b3e93b3930b98406e1251c70ff0041fa2
ed4a82f1419f3142a7e8ed6b2056d5cd5c3617acd1745250fbf901c873fa84e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ED4A82F1419F3142A7E8ED6B2056D5CD5C3617ACD1745250FBF901C873FA84E8"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=991
Expires: Wed, 28 Dec 2022 08:17:38 GMT
Date: Wed, 28 Dec 2022 08:01:07 GMT
Connection: keep-alive
cdn.firstimpression.io/tracking/collect?b=1
54.230.111.73200 OK 2 B URL HTTP/2 cdn.firstimpression.io/tracking/collect?b=1
IP 54.230.111.73:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /tracking/collect?b=1 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 285
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2
date: Wed, 28 Dec 2022 08:01:07 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-request-method: *
access-control-allow-methods: OPTIONS, GET, POST
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7up_iM1fS_YQ98W30qC2rAXdjjmFytu9_j4_Dw-8cuf1oBhhqtaKwg==
X-Firefox-Spdy: h2
warilycommercialconstitutional.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html&l=1175&fd=138
173.233.137.44200 OK 0 B URL HTTP/1.1 warilycommercialconstitutional.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html&l=1175&fd=138
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html&l=1175&fd=138 HTTP/1.1
Host: warilycommercialconstitutional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=684958ef-3179-4531-a5ea-3d018b561de5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Dec 2022 08:01:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6f390272a7a0dcad1baac48870e5c743
3089e7668bf645f6ec6a94df71a7ce7451674af5
c6b6dddf9e14ba5c5c56fbc710c4ca8595175d4857631c3a621b40a1f21ba02f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B6DDDF9E14BA5C5C56FBC710C4CA8595175D4857631C3A621B40A1F21BA02F"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5835
Expires: Wed, 28 Dec 2022 09:38:23 GMT
Date: Wed, 28 Dec 2022 08:01:08 GMT
Connection: keep-alive
cdn.firstimpression.io/tracking/collect?b=1
54.230.111.73200 OK 2 B URL HTTP/2 cdn.firstimpression.io/tracking/collect?b=1
IP 54.230.111.73:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /tracking/collect?b=1 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 474
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2
date: Wed, 28 Dec 2022 08:01:08 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-request-method: *
access-control-allow-methods: OPTIONS, GET, POST
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZNuHikgKpOCLoLXBIo1LrvnESz90jc2tMZ2UnDEEwlZsHZsaHiRJLA==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f06ab215397bc35b186de07d378dc747
5d95d40b3e93b3930b98406e1251c70ff0041fa2
ed4a82f1419f3142a7e8ed6b2056d5cd5c3617acd1745250fbf901c873fa84e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ED4A82F1419F3142A7E8ED6B2056D5CD5C3617ACD1745250FBF901C873FA84E8"
Last-Modified: Tue, 27 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19344
Expires: Wed, 28 Dec 2022 13:23:32 GMT
Date: Wed, 28 Dec 2022 08:01:08 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 58939c5247f9c42c945f3ec7015be781
82f174b7247c76276e37c3d487ea0b6856dacb0b
7d13788f933d640242445452669f0cc26942751575ff1457a5a8be9e18fe63b0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 08:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Dec 2022 01:42:53 GMT
Expires: Sun, 01 Jan 2023 01:42:52 GMT
Etag: "82f174b7247c76276e37c3d487ea0b6856dacb0b"
Cache-Control: max-age=322303,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7808c429498cb4f3-OSL
gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
178.250.2.146200 OK 6.7 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
IP 178.250.2.146:0
Hash 34846aba6d328dbaac4cb565095ccfdd
bb2fd73a865295089b9e70a4eb3e40b2c63bcef2
0c0cb21cd3bcb2f7bc6658423b46d3381910bb43d3fd72132f81fd1d0720d8da
GET /syncframe?origin=publishertag&topUrl=ouo.press HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:06 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=0c4bdd4b-1e8a-4862-a736-22edd1d64388; expires=Mon, 22 Jan 2024 08:01:06 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 472744
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
id5-sync.com/g/v2/806.json
162.19.138.82200 216 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0a3eb87a2812256ccb19e03efee210a5
264ff4b4444434e68c018a4bf74647ab0fb4ecd1
af723072546e2ba124293fe8409efe754d388891207fc9ae72306bfab47dad66
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 193
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 28 Dec 2022 08:01:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 089cb868cd21634e881f5e17d6e898f2
22c5df4ab2b56b12f5bcf28070bc441faa4a1f85
892e90ae0a38ab1d7ef0bc0fafe9ebbe82b4e3c90d76af2c8ba0b4f58947b9cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "892E90AE0A38AB1D7EF0BC0FAFE9EBBE82B4E3C90D76AF2C8BA0B4F58947B9CF"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2824
Expires: Wed, 28 Dec 2022 08:48:12 GMT
Date: Wed, 28 Dec 2022 08:01:08 GMT
Connection: keep-alive
warilycommercialconstitutional.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fjs%2Fscript.js&l=444&fd=125
173.233.137.44200 OK 0 B URL HTTP/1.1 warilycommercialconstitutional.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fjs%2Fscript.js&l=444&fd=125
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fjs%2Fscript.js&l=444&fd=125 HTTP/1.1
Host: warilycommercialconstitutional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=684958ef-3179-4531-a5ea-3d018b561de5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Dec 2022 08:01:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
api.rlcdn.com/api/identity/envelope?pid=1258
34.120.133.55401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1258
IP 34.120.133.55:0
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1258 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 08:01:08 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
15.197.193.217200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP 15.197.193.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a7dd68d57434c27ee6db31b78c1d305b
7991f5f9854315ceb597cb17c18f6dc3c3ad9f03
d5a87d30d73744604a11e99f629b552c9e5022a98ad91b55718f09f7d1ed2647
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:08 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Fri, 27 Jan 2023 08:01:08 GMT
vary: Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/62/99/91/6299919f2727e6f79b6f7ad60ebd36aa/1667590484.png
45.133.44.10200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/si/62/99/91/6299919f2727e6f79b6f7ad60ebd36aa/1667590484.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/62/99/91/6299919f2727e6f79b6f7ad60ebd36aa/1667590484.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:08 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:34:52 GMT
etag: "6365695c-7ffb"
expires: Fri, 30 Dec 2022 08:01:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 6255f0ea35022b56ac18d965eb63763f
2b24b5ea1ffcfa45a999687f16fad09ed12679e6
ceae7c2ab80ac4897df48002f984e16b5ba81adbb01bb03730e267acb2a56b87
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Dec 2022 08:01:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Dec 2022 22:28:27 GMT
Expires: Wed, 28 Dec 2022 22:28:27 GMT
ETag: "2b24b5ea1ffcfa45a999687f16fad09ed12679e6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
warilycommercialconstitutional.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fanimate.css&l=79245&fd=132
173.233.137.44200 OK 0 B URL HTTP/1.1 warilycommercialconstitutional.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fanimate.css&l=79245&fd=132
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fanimate.css&l=79245&fd=132 HTTP/1.1
Host: warilycommercialconstitutional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=684958ef-3179-4531-a5ea-3d018b561de5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Dec 2022 08:01:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
id.crwdcntrl.net/id
34.246.104.18200 OK 43 B IP 34.246.104.18:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:08 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.25.201
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e141a61fb05a0ad4cd9e8e7a52f5d4db
2da654421da52a9c28cf3942b414a2e9098deaba
c112b736d77e86c894130fb7d2ab5321a6fb47701979ffcbae932ccc0d30ea7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C112B736D77E86C894130FB7D2AB5321A6FB47701979FFCBAE932CCC0D30EA7F"
Last-Modified: Tue, 27 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3837
Expires: Wed, 28 Dec 2022 09:05:05 GMT
Date: Wed, 28 Dec 2022 08:01:08 GMT
Connection: keep-alive
warilycommercialconstitutional.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fstyle.css&l=7642&fd=143
173.233.137.44200 OK 660 B URL HTTP/1.1 warilycommercialconstitutional.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fstyle.css&l=7642&fd=143
IP 173.233.137.44:0
File type gzip compressed data, max compression\012- data
Hash 5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fstyle.css&l=7642&fd=143 HTTP/1.1
Host: warilycommercialconstitutional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=684958ef-3179-4531-a5ea-3d018b561de5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Dec 2022 08:01:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 58939c5247f9c42c945f3ec7015be781
82f174b7247c76276e37c3d487ea0b6856dacb0b
7d13788f933d640242445452669f0cc26942751575ff1457a5a8be9e18fe63b0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 08:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Dec 2022 01:42:53 GMT
Expires: Sun, 01 Jan 2023 01:42:52 GMT
Etag: "82f174b7247c76276e37c3d487ea0b6856dacb0b"
Cache-Control: max-age=322303,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7808c429fa06b4f3-OSL
warilycommercialconstitutional.com/pixel/sbs?c=1
173.233.137.44200 OK 0 B URL HTTP/1.1 warilycommercialconstitutional.com/pixel/sbs?c=1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: warilycommercialconstitutional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=684958ef-3179-4531-a5ea-3d018b561de5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Dec 2022 08:01:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
warilycommercialconstitutional.com/impr.gif?sid=H4sIAAAAAAAC%2F1SST2gkxRfHqze7h99PEBQvHpRBPCiY2e7p7vnjHhazayS4JmF3NSBeqquqJ%2BXUdDVV3dOT4CG4IHsRxpMeO99JNqy7iItnQTpeJKeMhyUH400Ej4JeZSYDo%2B%2FQ773%2BvsPnfet9tp%2BfExc5Pdt8T%2B9KpejVsO7WXtuSCdeFra3frXlu3b1W25JJM7hWG04%2FZvCm54Z19%2FXaO4L19NWG67mu53q1VWlErIdXZypk%2Brjj1TtuPWjUvTDA0Py3t7kDSx3wwTl5HpJPrmz%2F9ASSVUj6394Utpfp9I23%2B7mimTYY8KP3k16iiwT9RRkbB3FyNJ%2BGthNCvroEnRzNN4AeHEw3QCQnxHnqIUqO5piIBocXpJGCSBDxZ1AMKghVQdIKTN%2BD5KcEYBzrG0j6D9a1KejOhUqn6oRc%2FutPyGJCLv%2FyApL%2BNytKDmt3tMozqROLYVxCDivIboU0P0a260AWx2DZp5CcIOmXkPzs1WY76IRtES%2F7XquzHIS%2Bt0xDQZd97nrtKGx6XIQza6SsIOMKSoxA7RJy6yCXDvLYQZ466POzGg07seu24ij2%2FXbAGPN9xsJ2k4fcD9qxi5xN2UfI0hGYGoGZPaRmDz05gsl%2FgN0uYbkDmxEMeIlCEBSWoKAEhSQoMoJiUB5yZRu2fMCVzSNvnhvz7JdjnXX36aHOuiIh%2B%2Bk5eW5m2B8ffYeeOKsJ7jddL2j6frvR4azl0qDBGaMi5rEfex6sLCHtJVDrYFeePvsUqTz9X4mIHsOqYzD5Cmj%2BEmgxbjVc0O1x0HaxmzzUua6nRlgLrkuk2RVkO86%2BOicvzgA6vy1BsJPrX36%2B8es1%2FiGYKZGaEh%2FLHwm66v74ti7IwW1dWPJkI81kX%2B7S6WveyWgmlr5%2BV%2BwU2vC1m3b08C02Fabl47vCZrdowmXSteTRiuRcmFVtmCDfr9ktEW3mdnslN0me3tq8sbrWnwFKnVSg8vSDT8DkhPzf9GZ3%2BvLvNyBNBZOX6OcnZB6QugJL92DTBb3VBEYtZqLUQZGXY9OIFj%2BVJFBi0dOohP1XHy3qfXsfXeOAZvdm1zkwJQaqBFUj2HxpnKXm5PrP%2FiwQKWccKeMcRMqoLy6stfKsFnqBaEftFuM8Eox7rYbf9l23wXnQ6givg8xO2KO%2Fj%2F8BAAD%2F%2FwEAAP%2F%2F1Z6NEH8EAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 warilycommercialconstitutional.com/impr.gif?sid=H4sIAAAAAAAC%2F1SST2gkxRfHqze7h99PEBQvHpRBPCiY2e7p7vnjHhazayS4JmF3NSBeqquqJ%2BXUdDVV3dOT4CG4IHsRxpMeO99JNqy7iItnQTpeJKeMhyUH400Ej4JeZSYDo%2B%2FQ773%2BvsPnfet9tp%2BfExc5Pdt8T%2B9KpejVsO7WXtuSCdeFra3frXlu3b1W25JJM7hWG04%2FZvCm54Z19%2FXaO4L19NWG67mu53q1VWlErIdXZypk%2Brjj1TtuPWjUvTDA0Py3t7kDSx3wwTl5HpJPrmz%2F9ASSVUj6394Utpfp9I23%2B7mimTYY8KP3k16iiwT9RRkbB3FyNJ%2BGthNCvroEnRzNN4AeHEw3QCQnxHnqIUqO5piIBocXpJGCSBDxZ1AMKghVQdIKTN%2BD5KcEYBzrG0j6D9a1KejOhUqn6oRc%2FutPyGJCLv%2FyApL%2BNytKDmt3tMozqROLYVxCDivIboU0P0a260AWx2DZp5CcIOmXkPzs1WY76IRtES%2F7XquzHIS%2Bt0xDQZd97nrtKGx6XIQza6SsIOMKSoxA7RJy6yCXDvLYQZ466POzGg07seu24ij2%2FXbAGPN9xsJ2k4fcD9qxi5xN2UfI0hGYGoGZPaRmDz05gsl%2FgN0uYbkDmxEMeIlCEBSWoKAEhSQoMoJiUB5yZRu2fMCVzSNvnhvz7JdjnXX36aHOuiIh%2B%2Bk5eW5m2B8ffYeeOKsJ7jddL2j6frvR4azl0qDBGaMi5rEfex6sLCHtJVDrYFeePvsUqTz9X4mIHsOqYzD5Cmj%2BEmgxbjVc0O1x0HaxmzzUua6nRlgLrkuk2RVkO86%2BOicvzgA6vy1BsJPrX36%2B8es1%2FiGYKZGaEh%2FLHwm66v74ti7IwW1dWPJkI81kX%2B7S6WveyWgmlr5%2BV%2BwU2vC1m3b08C02Fabl47vCZrdowmXSteTRiuRcmFVtmCDfr9ktEW3mdnslN0me3tq8sbrWnwFKnVSg8vSDT8DkhPzf9GZ3%2BvLvNyBNBZOX6OcnZB6QugJL92DTBb3VBEYtZqLUQZGXY9OIFj%2BVJFBi0dOohP1XHy3qfXsfXeOAZvdm1zkwJQaqBFUj2HxpnKXm5PrP%2FiwQKWccKeMcRMqoLy6stfKsFnqBaEftFuM8Eox7rYbf9l23wXnQ6givg8xO2KO%2Fj%2F8BAAD%2F%2FwEAAP%2F%2F1Z6NEH8EAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SST2gkxRfHqze7h99PEBQvHpRBPCiY2e7p7vnjHhazayS4JmF3NSBeqquqJ%2BXUdDVV3dOT4CG4IHsRxpMeO99JNqy7iItnQTpeJKeMhyUH400Ej4JeZSYDo%2B%2FQ773%2BvsPnfet9tp%2BfExc5Pdt8T%2B9KpejVsO7WXtuSCdeFra3frXlu3b1W25JJM7hWG04%2FZvCm54Z19%2FXaO4L19NWG67mu53q1VWlErIdXZypk%2Brjj1TtuPWjUvTDA0Py3t7kDSx3wwTl5HpJPrmz%2F9ASSVUj6394Utpfp9I23%2B7mimTYY8KP3k16iiwT9RRkbB3FyNJ%2BGthNCvroEnRzNN4AeHEw3QCQnxHnqIUqO5piIBocXpJGCSBDxZ1AMKghVQdIKTN%2BD5KcEYBzrG0j6D9a1KejOhUqn6oRc%2FutPyGJCLv%2FyApL%2BNytKDmt3tMozqROLYVxCDivIboU0P0a260AWx2DZp5CcIOmXkPzs1WY76IRtES%2F7XquzHIS%2Bt0xDQZd97nrtKGx6XIQza6SsIOMKSoxA7RJy6yCXDvLYQZ466POzGg07seu24ij2%2FXbAGPN9xsJ2k4fcD9qxi5xN2UfI0hGYGoGZPaRmDz05gsl%2FgN0uYbkDmxEMeIlCEBSWoKAEhSQoMoJiUB5yZRu2fMCVzSNvnhvz7JdjnXX36aHOuiIh%2B%2Bk5eW5m2B8ffYeeOKsJ7jddL2j6frvR4azl0qDBGaMi5rEfex6sLCHtJVDrYFeePvsUqTz9X4mIHsOqYzD5Cmj%2BEmgxbjVc0O1x0HaxmzzUua6nRlgLrkuk2RVkO86%2BOicvzgA6vy1BsJPrX36%2B8es1%2FiGYKZGaEh%2FLHwm66v74ti7IwW1dWPJkI81kX%2B7S6WveyWgmlr5%2BV%2BwU2vC1m3b08C02Fabl47vCZrdowmXSteTRiuRcmFVtmCDfr9ktEW3mdnslN0me3tq8sbrWnwFKnVSg8vSDT8DkhPzf9GZ3%2BvLvNyBNBZOX6OcnZB6QugJL92DTBb3VBEYtZqLUQZGXY9OIFj%2BVJFBi0dOohP1XHy3qfXsfXeOAZvdm1zkwJQaqBFUj2HxpnKXm5PrP%2FiwQKWccKeMcRMqoLy6stfKsFnqBaEftFuM8Eox7rYbf9l23wXnQ6givg8xO2KO%2Fj%2F8BAAD%2F%2FwEAAP%2F%2F1Z6NEH8EAAA%3D HTTP/1.1
Host: warilycommercialconstitutional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=684958ef-3179-4531-a5ea-3d018b561de5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Dec 2022 08:01:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4722db773366b30b8e14217e80ca174d
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=684958ef-3179-4531-a5ea-3d018b561de5&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=684958ef-3179-4531-a5ea-3d018b561de5&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=684958ef-3179-4531-a5ea-3d018b561de5&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Dec 2022 08:01:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d2b3bc32b86fc53972d475eb1335ba71
Strict-Transport-Security: max-age=0; includeSubdomains
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=64562
expires: Thu, 29 Dec 2022 01:57:11 GMT
date: Wed, 28 Dec 2022 08:01:09 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
u.openx.net/w/1.0/pd
35.244.159.8200 OK 20 B IP 35.244.159.8:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /w/1.0/pd HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
date: Wed, 28 Dec 2022 08:01:10 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 89ef209c8c7538fb5c697914f1964ad1
eea672e2a54c92babbeb14dceac28d75c4c75c6f
8da25fbae5f35e15823c9008489b3d5eaf9c8ef9f62089ad19f9aff140f51470
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3470
Cache-Control: max-age=114686
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 08:01:10 GMT
Etag: "63ab0736-1d7"
Expires: Thu, 29 Dec 2022 15:52:36 GMT
Last-Modified: Tue, 27 Dec 2022 14:54:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 82 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
Hash d427e17c52002a0200ff14170afb9ce5
7f4796fa2c90113c161657f27b6c28334eac391e
1872125a18338569f8ef9297d79c8569a07166d4a1a3137bd590acc762a745d3
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 470340
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=9F123FFF-4A27-4E23-997F-012D49AF82F4&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 1.3 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=9F123FFF-4A27-4E23-997F-012D49AF82F4&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720)
Hash f201f7701cdb8d9f8e572d974e7c3a21
421c8082b2bdf12088302b1a20244c8b46b7c5be
a9f93f0ffe41dcf1f24a98241f74aeb84c4c9bda04e3d9d8f1a6c94128031e4f
GET /AdServer/SPug?o=1&p=155495&sc=1&u=9F123FFF-4A27-4E23-997F-012D49AF82F4&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Dec 2022 08:01:09 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ouo.press/6PU4mZ
104.22.59.251200 OK 0 B IP 104.22.59.251:0
GET /6PU4mZ HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:04 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6IjhBWExLZzVSS1d6MmVkSHoyQ2h5U0YzbWo0ZWFFckszdGtvUDFcL3ZScCtvPSIsInZhbHVlIjoiOXFkRWZ6aUFNblM2NDZXSTIwbXE5UDNoVmdaMDhEOXAzb3pEUG9Ib3ZGRDU5R3EreXdcLzVqTVhLcktPK1dsamtYVk1NQkpiMjFcL1BDTXY1Q1hPRDRWZz09IiwibWFjIjoiMzEwODgwZGQwY2YxZWMzYTU3NThiYmQxN2VkNDNmZTA5ZDMxMTNkNGJjNGNlYTY0MzI1YzYwN2E4ZWI4ZDg5NyJ9; path=/; httponly
language=eyJpdiI6IkZDamhzVmhFK3ZNcmNEdnhkT3B1NzRrdG54OUc1ZUZIOENyNDliS1pHWDg9IiwidmFsdWUiOiJGQURrTUxuQkhwUzR5azRSRDlIdlJHQ1d6WlZuZlhlRHJxNFJWY1c0WVdvPSIsIm1hYyI6IjE0OTUxODVjYjRiNzc3YTliMjRiYzc5NGU4NGQzNWU5MjQ5NTAzMGQ1MTc2ODdiYjkzN2Y0OTU4MGFiYjZmYmQifQ%3D%3D; expires=Mon, 27-Dec-2027 08:01:04 GMT; Max-Age=157680000; path=/; httponly
974b2bd95607750aaf434e23d78d5deb89096dc2=eyJpdiI6IitSRzVkWFlDeGFLTFwvUEtpaXQ4UmFGeitzNWVvdDhzdXBVcDdRQmo5XC9MND0iLCJ2YWx1ZSI6InZuNEZ3SlRYalwvY0ZTYzhjR3V5bjlmajlpN1U1RVYyejNjdFdQUEFydzFPWXF3UXM0SXo2dU82Z1Z5UzFHRjhwT3NoNTViNGpHRUtSK2l5b0VuQ0xFdTQ1WmFVemNIaDhEWWRNWUJDQUdqZHdHMnlseWtUeFwvWlJXU1VPZDcza2tJYXd2SndQWU1tWFdpREN2b2V3NGhENXFBM1wvYWt2WWJmRURBd1RYZlZkNFJtUGJtRFlFM2UrSGtYdzFjN0libWN3N3BqR1dKN0tzNFNYS0pDQ3QzYXhcL2JFWjR2YmZ1aVdsU3dhNitjdlJjMzRUdmRjVXpHQ3g1bHRucDdLVThDMG1yN1B0N2U5eTRaNVd4c2xEbk5KcTd4RFFLYm55OFJYdEhqVTN6Y2hlVjM4MFpBMm9RVzUra0ZlT1lhVHRcL05qNkxEdEdnNFlLZ2JRd1RaS0ZveUJVMXhQdVYyQzhMMWZDWGRhSm4wcjcwYTFjRFhIYVFwXC9nRzVVMkFEanpveiIsIm1hYyI6IjA4NjdjYmE1MTlhNjAxZGQzNGFmOGRjY2IyYzFmOWQwODI1YTBhNGY3MzFkM2Y5OWJjOTVmYTYxMGIxOWM2ZGUifQ%3D%3D; expires=Wed, 28-Dec-2022 10:01:04 GMT; Max-Age=7200; path=/; httponly
__cf_bm=p8Vgo2TqLloKyAGpU3VedncouCX0CAgWp1LNBMxWhO4-1672214464-0-AXq2WOLW6GoYRHg77jUwOOEuf1RKgm9GoiqyvjX+8DZww9ahXM0H34N2cXNnXokprHpuFQxzuaKER/mpVCzYpDI=; path=/; expires=Wed, 28-Dec-22 08:31:04 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7808c41478760b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.22.59.251200 OK 0 B URL HTTP/2 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.22.59.251:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/6PU4mZ
Cookie: ouoio_session=eyJpdiI6IjhBWExLZzVSS1d6MmVkSHoyQ2h5U0YzbWo0ZWFFckszdGtvUDFcL3ZScCtvPSIsInZhbHVlIjoiOXFkRWZ6aUFNblM2NDZXSTIwbXE5UDNoVmdaMDhEOXAzb3pEUG9Ib3ZGRDU5R3EreXdcLzVqTVhLcktPK1dsamtYVk1NQkpiMjFcL1BDTXY1Q1hPRDRWZz09IiwibWFjIjoiMzEwODgwZGQwY2YxZWMzYTU3NThiYmQxN2VkNDNmZTA5ZDMxMTNkNGJjNGNlYTY0MzI1YzYwN2E4ZWI4ZDg5NyJ9; language=eyJpdiI6IkZDamhzVmhFK3ZNcmNEdnhkT3B1NzRrdG54OUc1ZUZIOENyNDliS1pHWDg9IiwidmFsdWUiOiJGQURrTUxuQkhwUzR5azRSRDlIdlJHQ1d6WlZuZlhlRHJxNFJWY1c0WVdvPSIsIm1hYyI6IjE0OTUxODVjYjRiNzc3YTliMjRiYzc5NGU4NGQzNWU5MjQ5NTAzMGQ1MTc2ODdiYjkzN2Y0OTU4MGFiYjZmYmQifQ%3D%3D; 974b2bd95607750aaf434e23d78d5deb89096dc2=eyJpdiI6IitSRzVkWFlDeGFLTFwvUEtpaXQ4UmFGeitzNWVvdDhzdXBVcDdRQmo5XC9MND0iLCJ2YWx1ZSI6InZuNEZ3SlRYalwvY0ZTYzhjR3V5bjlmajlpN1U1RVYyejNjdFdQUEFydzFPWXF3UXM0SXo2dU82Z1Z5UzFHRjhwT3NoNTViNGpHRUtSK2l5b0VuQ0xFdTQ1WmFVemNIaDhEWWRNWUJDQUdqZHdHMnlseWtUeFwvWlJXU1VPZDcza2tJYXd2SndQWU1tWFdpREN2b2V3NGhENXFBM1wvYWt2WWJmRURBd1RYZlZkNFJtUGJtRFlFM2UrSGtYdzFjN0libWN3N3BqR1dKN0tzNFNYS0pDQ3QzYXhcL2JFWjR2YmZ1aVdsU3dhNitjdlJjMzRUdmRjVXpHQ3g1bHRucDdLVThDMG1yN1B0N2U5eTRaNVd4c2xEbk5KcTd4RFFLYm55OFJYdEhqVTN6Y2hlVjM4MFpBMm9RVzUra0ZlT1lhVHRcL05qNkxEdEdnNFlLZ2JRd1RaS0ZveUJVMXhQdVYyQzhMMWZDWGRhSm4wcjcwYTFjRFhIYVFwXC9nRzVVMkFEanpveiIsIm1hYyI6IjA4NjdjYmE1MTlhNjAxZGQzNGFmOGRjY2IyYzFmOWQwODI1YTBhNGY3MzFkM2Y5OWJjOTVmYTYxMGIxOWM2ZGUifQ%3D%3D; __cf_bm=p8Vgo2TqLloKyAGpU3VedncouCX0CAgWp1LNBMxWhO4-1672214464-0-AXq2WOLW6GoYRHg77jUwOOEuf1RKgm9GoiqyvjX+8DZww9ahXM0H34N2cXNnXokprHpuFQxzuaKER/mpVCzYpDI=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:05 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
etag: W/"63a1e484-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c41659a40b06-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 30 Dec 2022 08:01:05 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/animate.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/animate.css
IP 172.64.108.13:0
GET /sb/ssp/utility/social-media/instagram/new/4/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:08 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 10:05:22 GMT
etag: W/"63317962-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 967414
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSyLNcRCLY4J4bz20uUZ8TYvDV3qdlUl16BeRThGdI6tmGNlJL5k6E42IKFn2Z2GFQ6chui5PDL4CkPVNKO%2F2zVCaveBrIf62a4RgTzNhMwqbXXFjwAiMrLuuIkkriL2zGt2hV9HfUfQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c428f9c572d0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Questrial
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.106:0
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Dec 2022 08:01:05 GMT
date: Wed, 28 Dec 2022 08:01:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
54.230.111.73200 OK 0 B URL HTTP/2 cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
IP 54.230.111.73:0
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 28 Dec 2022 08:01:07 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C3FSNNr0Yt3yvulHq5LMWY0Rfd-fndnlGbDEnW-Md-S0_DCxJN72AQ==
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Wed, 28 Dec 2022 01:06:32 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: n1Zr-C_iDKKqHA2MVACqKOV3pZqjAD8Ly18jVgG8jYq_iszGqPK0PQ==
age: 24894
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/style.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/style.css
IP 172.64.108.13:0
GET /sb/ssp/utility/social-media/instagram/new/4/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:08 GMT
content-type: text/css
last-modified: Fri, 30 Sep 2022 09:41:34 GMT
etag: W/"6336b9ce-1dda"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 984508
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTe8W%2FSolytf1eBcXdihj2n1OYJMLcVY7dojKYnUktl6Loioia68eGCWgZpdpOsta%2FC%2Fh6W5sFZOxutJXxQS7ONZPX2am0QNC9cmpGVABYPImJ4RR6XGL5N4trqSYeII96%2F4AjeVCFUi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c42909d872d0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ouo.press/css/link-safe.css
104.22.59.251200 OK 0 B URL HTTP/2 ouo.press/css/link-safe.css
IP 104.22.59.251:0
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/6PU4mZ
Cookie: ouoio_session=eyJpdiI6IjhBWExLZzVSS1d6MmVkSHoyQ2h5U0YzbWo0ZWFFckszdGtvUDFcL3ZScCtvPSIsInZhbHVlIjoiOXFkRWZ6aUFNblM2NDZXSTIwbXE5UDNoVmdaMDhEOXAzb3pEUG9Ib3ZGRDU5R3EreXdcLzVqTVhLcktPK1dsamtYVk1NQkpiMjFcL1BDTXY1Q1hPRDRWZz09IiwibWFjIjoiMzEwODgwZGQwY2YxZWMzYTU3NThiYmQxN2VkNDNmZTA5ZDMxMTNkNGJjNGNlYTY0MzI1YzYwN2E4ZWI4ZDg5NyJ9; language=eyJpdiI6IkZDamhzVmhFK3ZNcmNEdnhkT3B1NzRrdG54OUc1ZUZIOENyNDliS1pHWDg9IiwidmFsdWUiOiJGQURrTUxuQkhwUzR5azRSRDlIdlJHQ1d6WlZuZlhlRHJxNFJWY1c0WVdvPSIsIm1hYyI6IjE0OTUxODVjYjRiNzc3YTliMjRiYzc5NGU4NGQzNWU5MjQ5NTAzMGQ1MTc2ODdiYjkzN2Y0OTU4MGFiYjZmYmQifQ%3D%3D; 974b2bd95607750aaf434e23d78d5deb89096dc2=eyJpdiI6IitSRzVkWFlDeGFLTFwvUEtpaXQ4UmFGeitzNWVvdDhzdXBVcDdRQmo5XC9MND0iLCJ2YWx1ZSI6InZuNEZ3SlRYalwvY0ZTYzhjR3V5bjlmajlpN1U1RVYyejNjdFdQUEFydzFPWXF3UXM0SXo2dU82Z1Z5UzFHRjhwT3NoNTViNGpHRUtSK2l5b0VuQ0xFdTQ1WmFVemNIaDhEWWRNWUJDQUdqZHdHMnlseWtUeFwvWlJXU1VPZDcza2tJYXd2SndQWU1tWFdpREN2b2V3NGhENXFBM1wvYWt2WWJmRURBd1RYZlZkNFJtUGJtRFlFM2UrSGtYdzFjN0libWN3N3BqR1dKN0tzNFNYS0pDQ3QzYXhcL2JFWjR2YmZ1aVdsU3dhNitjdlJjMzRUdmRjVXpHQ3g1bHRucDdLVThDMG1yN1B0N2U5eTRaNVd4c2xEbk5KcTd4RFFLYm55OFJYdEhqVTN6Y2hlVjM4MFpBMm9RVzUra0ZlT1lhVHRcL05qNkxEdEdnNFlLZ2JRd1RaS0ZveUJVMXhQdVYyQzhMMWZDWGRhSm4wcjcwYTFjRFhIYVFwXC9nRzVVMkFEanpveiIsIm1hYyI6IjA4NjdjYmE1MTlhNjAxZGQzNGFmOGRjY2IyYzFmOWQwODI1YTBhNGY3MzFkM2Y5OWJjOTVmYTYxMGIxOWM2ZGUifQ%3D%3D; __cf_bm=p8Vgo2TqLloKyAGpU3VedncouCX0CAgWp1LNBMxWhO4-1672214464-0-AXq2WOLW6GoYRHg77jUwOOEuf1RKgm9GoiqyvjX+8DZww9ahXM0H34N2cXNnXokprHpuFQxzuaKER/mpVCzYpDI=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:05 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Wed, 28 Dec 2022 08:46:28 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 40477
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c416499d0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/prebidamp.js
54.230.111.73200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/prebidamp.js
IP 54.230.111.73:0
GET /static/js/prebidamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: br
date: Wed, 28 Dec 2022 07:22:34 GMT
expires: Wed, 28 Dec 2022 08:22:33 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LnD3p1swc7dVEHDYpbXPsx9ywJzymzLTs4_UQQYBLi9dOKZj5nThKA==
age: 2313
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.109.35200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.109.35:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:05 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 355bb9e80bcc0eb3e7be942e254290fa
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Dec 2022 08:01:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ED6Bt9tR2u8hmcISdLbFjeKIWkYD7lp2Sb4UnctZFcX9YJ%2F604nNQOQ9oVcpqNNIpfItO5paXQdcXuyhvERRgS794lvmSjfc%2ByK34Z4grrfiDE9%2F2f841XWGEglxpDlncGdtbFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c41afd0b8e26-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:07 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 30 Sep 2022 09:26:48 GMT
etag: W/"6336b658-497"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 28 Dec 2022 09:01:07 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.64200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.64:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 87216
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/img/close.svg
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/img/close.svg
IP 172.64.108.13:0
GET /sb/ssp/utility/social-media/instagram/new/4/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:08 GMT
content-type: image/svg+xml
last-modified: Wed, 28 Sep 2022 21:49:43 GMT
etag: W/"6334c177-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3694215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LO4BYi%2F7j1pG1uAEwDHynNfUbcYC7NkQeqFkdJr69d98eITJSoxS00Tx2T%2Fbjjbr7AX3oL6FQqidZcVk8KfnovN%2BrbkbSNIo03PNoky0t%2BTQF5GJQnZC%2F5cdDdOr1POv4OxDJZ74FnY3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7808c42909dc72d0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/fiamp.js
54.230.111.73200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/fiamp.js
IP 54.230.111.73:0
GET /static/js/fiamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: br
date: Wed, 28 Dec 2022 07:22:34 GMT
expires: Wed, 28 Dec 2022 08:22:33 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9OrCoAtjdncT-Q58MNsEE-SQpRq3n0VxlYVtNH8JvcUcMMGOBb33dg==
age: 2314
X-Firefox-Spdy: h2
ouo.io/6PU4mZ
104.22.22.162302 Found 0 B IP 104.22.22.162:0
GET /6PU4mZ HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 28 Dec 2022 08:01:04 GMT
content-type: text/html; charset=UTF-8
location: https://ouo.press/6PU4mZ
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6Im9SK3lmeFNDWUd0eVRITnlicEtnekRBN2t1eUZGU09vUTNiZ05cL0g0Nm9nPSIsInZhbHVlIjoiUlwvY0JnWk1CRnNkMGRHenoreGJzbWkzcDVxZ24zNzRmRVJzbXZ5R1ZrVDJXaG9KOG0yUWx1NmQzN1lBQzFNZ0VXczRKVHR4VW0xakNYWDJOT0QwVEV3PT0iLCJtYWMiOiI5MGM1YzY1MjQ3MDg2ZDkxNDcyYzRmOTVmZWViMDMzNDc5MGNjNTMzYWUxOTY5MjlhYzc0YzA3NGJiYjIwYzk2In0%3D; path=/; httponly
language=eyJpdiI6IlV6VVc2RkkwXC9TbXRTZDJNMm1ESFlOQ3RQeitZQ0pvME9UYzAyRWx5Z2NVPSIsInZhbHVlIjoiWHl5SmxyUzJlTVVJZmJrVElzRXAzczlUODRmM2s0aHZnTThFSVFPWFl2Yz0iLCJtYWMiOiI1NGE1MjkwMDM3NjdlOGQ1ZWVlYjU4N2M3YjM1ZTQ4Nzg4NWM3ODk0MGM1MTUyZDhmOWI4MWU3YWIyNzhmODg3In0%3D; expires=Mon, 27-Dec-2027 08:01:04 GMT; Max-Age=157680000; path=/; httponly
fd67d00c626e4810cbc0002fc16100cb3c5cca7d=eyJpdiI6ImtBRGl0V3hvVW9BZktxNXJPeWVLbzlZVHhIb1haY0ZXZkd0bnFOZUpTTzQ9IiwidmFsdWUiOiJpVWkrbTJPZ3pEeTVRdkJ6a3FYV3pvVnZZbUozYWFFQmlXbjYwRmxcL1Rob1NtRmtmbHhGd1doY3I3T3VcL2lKbWl3K0RPWXF5WHZaSU9UUjdobEhWTXJVKzc3QU5aUUJxRFh2Nk5wSFJTTjhQeHR3REFRYyttaitrQ1R0VGhVV1g4ZDZBcHBMem1LcVRWUGdhXC9tNDNqN1NJYWRCcmhYUmFQSzNRT29SMW1CNzJTRnp2QnlNeW9jNUxjcUQ2RTRqNnh4ZjhYTFlCck45VjdOenZTU2dJemhuMm1mSnNkcVwvcEFnbVErSW01UG9UU2g1bllJWXlzOXdLU2I1K2hNVDRkTFwvRW1hWVI5WGVYZStZbE5iR3dVbmhEYUtRRVJTOU5TdWs5R1NiRFVtM2hXaGtlU0NuaXdHSkw3MXQ2MENxK0VkZUh0MHBBcVFHMVFXR1YyeTAwWVwvOHc9PSIsIm1hYyI6ImNjNjJiYTA2MDAwYjYxNDgzMjU5YmM0MjlmYWNiYzA0NTEyNWIxOGRlYWUwMWE3YmU2ZGY5Mzc2YjgxZTVlNzYifQ%3D%3D; expires=Wed, 28-Dec-2022 10:01:04 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7808c40fdaabb4fd-OSL
X-Firefox-Spdy: h2
ecdn.firstimpression.io/fi_client.js
54.230.111.73200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.73:0
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Dec 2022 07:22:32 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 07:22:32 UTC
etag: W/"2c36bb8aa93fb685812e131859de5c25"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xwvrkSoqfhCwOkxYizGu3ddchLN8lvS35niExlkFHY5bafoyrpdGZg==
age: 2313
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.2.146:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 506034
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.106200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.106:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 108119
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 08:01:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1052516
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2