ouo.press/JtiZDz
172.67.22.15 403 Forbidden 3.8 kB IP 172.67.22.15:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with very long lines (836)
Hash 46d874114cf3fa0f87d1179a74d8e912
9864a00a941e30d14e90a7f5f9e0e4e06dcf68a5
f4d95e42f768eab2d9a425a0e881f6c1147d7d2be1d598ec4fbe2e3f31bfa0ed
GET /JtiZDz HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Sun, 20 Nov 2022 02:46:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=7Sd0B6ZSMWpJ6ZSBJnCXWWi7vzzrtbvWv8pjWqJwhy4-1668912383-0-Af/wEvrq6JBJbyckb6qhQCnBid+hn0gM2DPwa40OzBNGYG2m+ARVlc0Yw9qIQTvw/XZqKL+NV/8i3xF9jyKd6k8=; path=/; expires=Sun, 20-Nov-22 03:16:23 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cddade6c22b512-OSL
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5636
Expires: Sun, 20 Nov 2022 04:20:19 GMT
Date: Sun, 20 Nov 2022 02:46:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 539
Cache-Control: max-age=114829
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:23 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 10:40:12 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 20 Nov 2022 02:45:14 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 70
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5230
Expires: Sun, 20 Nov 2022 04:13:34 GMT
Date: Sun, 20 Nov 2022 02:46:24 GMT
Connection: keep-alive
ouo.press/cdn-cgi/styles/challenges.css
172.67.22.15 200 OK 2.6 kB URL HTTP/1.1 ouo.press/cdn-cgi/styles/challenges.css
IP 172.67.22.15:0
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/JtiZDz
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:24 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:09:42 GMT
ETag: W/"6373d5e6-1896"
Server: cloudflare
CF-RAY: 76cddae068cdb500-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sun, 20 Nov 2022 04:46:24 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g+vQrWhifcXDTk4qNldfxokEV+emH8RZyd114g0o8Gvil37yLxbl6upZp0v5tElMlubmnBGSWO0=
x-amz-request-id: PMTC6XMSADMHT31V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 20 Nov 2022 02:38:33 GMT
age: 471
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/favicon.ico
172.67.22.15 200 OK 0 B IP 172.67.22.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/JtiZDz
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:24 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT
ETag: "54deee14-0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 3927
Accept-Ranges: bytes
Set-Cookie: __cf_bm=kSmNXkW7pEbYpkCYekvoAoITZPp61RAiL1at303ow7g-1668912384-0-AZW36vDDSJF5753jpZS3R1j3J2Pplmqmtc4WJGZUAzuqSSzpLHlP/6r0Qvycx2vaa6u49nezyw0UoKTXVQQ3FC8=; path=/; expires=Sun, 20-Nov-22 03:16:24 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cddae068b7b4e8-OSL
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 02:46:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=76cddade6c22b512
172.67.22.15 200 OK 42 B URL HTTP/1.1 ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=76cddade6c22b512
IP 172.67.22.15:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=76cddade6c22b512 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/JtiZDz
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:24 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:09:42 GMT
ETag: "6373d5e6-2a"
Server: cloudflare
CF-RAY: 76cddae0f903b500-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sun, 20 Nov 2022 04:46:24 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=76cddade6c22b512
172.67.22.15 200 OK 24 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=76cddade6c22b512
IP 172.67.22.15:0
File type ASCII text, with very long lines (55717), with no line terminators
Hash 22eb71d6a7b4368b7f14bba7161932ca
8554f319bd5afb5affc85d01b24e9f6cda753d6b
3c62427e7e10afd8651e78c146ec73e9807dbc98aea4536ab4428ae8cad9702a
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=76cddade6c22b512 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/JtiZDz?__cf_chl_rt_tk=RMIRGVaMhu.XXSa5cNY7x1no5YhXo3ys.HV1L6ifl3M-1668912383-0-gaNycGzNAv0
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:24 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Set-Cookie: __cf_bm=1qXhph7.3T2eys0o5OESXgHV62Mx2e3k7cPes0H4pkE-1668912384-0-Ab/zql2PGOR+fKCHmd06HY+GnXbuWP5SygurhaxBbZqevtLYSY6mRou/1IpKelaMXLQBZ+OrUy6Zs/lo1SQ6rmw=; path=/; expires=Sun, 20-Nov-22 03:16:24 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76cddae0f913b4e8-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash c990cd1804138d9ad1e964ebc79a8b58
3f2d69fbdde780814758035d3c0225247a7f6ee3
992c924d0ffc7352d58ce5a88c51e3ae9644537c117a3128855a1eaf3367362d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1638
Cache-Control: max-age=116648
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:24 GMT
Etag: "6378b342-118"
Expires: Mon, 21 Nov 2022 11:10:32 GMT
Last-Modified: Sat, 19 Nov 2022 10:43:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.24424167554195308:1668910894:d_F3GbAZ5tpUFsZwvaE_jq53H0iJC9_7HwTP-fbsTTA/76cddade6c22b512/3bee4819c3fc218
172.67.22.15 200 OK 62 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.24424167554195308:1668910894:d_F3GbAZ5tpUFsZwvaE_jq53H0iJC9_7HwTP-fbsTTA/76cddade6c22b512/3bee4819c3fc218
IP 172.67.22.15:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e3543a33d91612e767bf0f5f9eb91c6a
5ac7497a99e8e4efcb1c492d1dfb9b669fefbb96
ca771a99d6a958524d51216d8ef5bacb3d6062d16239ae9c6443d2397d8b7067
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.24424167554195308:1668910894:d_F3GbAZ5tpUFsZwvaE_jq53H0iJC9_7HwTP-fbsTTA/76cddade6c22b512/3bee4819c3fc218 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/JtiZDz
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3bee4819c3fc218
Content-Length: 1809
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:24 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: aQTQ/rQ6jHCuZhyEuYEoqmvBcnaBqBOQ1KH1nlewWpxg8WHQK+Th7MEwTN1W1pldWGUENLA2/qzPSkgmJ6nMrsADgOe/rsAr8xDRJDpqfuGx4W2CBAfFVa9/mj3emR1LUzzrlTz1SoI0Y5sd4/Dfr2bjb/1l0RDZJZQ/IYms6SM1tc0VU7IGaXO1OP1U2tU9PK3NjUjuS4rfLkjY+MH2IQ1ytvIpfQXCGAlNSByNRW+ruqLEH1P0X4rZFZreV6J5ZNBVita1LdqipUa+jKZr+BaCY+bTFJFlvk/Vlz6XMpigrNBsw6nnILOYNNdLUBRE$QPc9EZNQasxmtwOZPCpc5w==
Set-Cookie: __cf_bm=pWrKRjG.0a8LGgKIXX558P3vQPwpl_lIzcIQI2u8OAE-1668912384-0-AYZQlVpza5o2EivQ6Rm4d1LQ28XIm52nbOSfvjbdknIZ8lMmW/h0KBPImoxnSrsR3c8EDNa4TY2V+oBSYvUgFaY=; path=/; expires=Sun, 20-Nov-22 03:16:24 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76cddae2098fb4e8-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 20 Nov 2022 02:44:49 GMT
cache-control: public,max-age=3600
age: 95
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6377
Cache-Control: max-age=115605
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:24 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:53:09 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.218.164.174 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q+NBE0ucHFUdUP5UDJx9zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: phvabgSmBEnUf0J6qbwONNU2vSU=
ouo.press/cdn-cgi/challenge-platform/h/b/img/76cddade6c22b512/1668912384339/Y2JYpf_erPFrZgG
172.67.22.15 200 OK 61 B URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/img/76cddade6c22b512/1668912384339/Y2JYpf_erPFrZgG
IP 172.67.22.15:0
File type PNG image data, 49 x 24, 8-bit/color RGB, non-interlaced; data
Hash 7c2f7d6c4239c102cb4fdb3cac6f1fd7
1e7adce6461f6db877e6d13c08a5cee9a6f30c69
5c34b11de28e13e82939ab50ae098e3f6d12faaae316adce32b50eb4b1432b03
GET /cdn-cgi/challenge-platform/h/b/img/76cddade6c22b512/1668912384339/Y2JYpf_erPFrZgG HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/JtiZDz
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:25 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=9iCKC4W2XYRIx1NQxsZrLtfKIzlgfpUPuSHOFF89.rA-1668912385-0-ASHZ9eAap5kj6yD3XW4UuaZNzUaZVN5xRWMZ7+dTyXbyhoNQNjjJ0Peu8RI6gfNisUoNfdiNI7HlUq1MCzYz1aM=; path=/; expires=Sun, 20-Nov-22 03:16:25 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76cddaea6d9ab4e8-OSL
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.24424167554195308:1668910894:d_F3GbAZ5tpUFsZwvaE_jq53H0iJC9_7HwTP-fbsTTA/76cddade6c22b512/3bee4819c3fc218
172.67.22.15 200 OK 3.8 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.24424167554195308:1668910894:d_F3GbAZ5tpUFsZwvaE_jq53H0iJC9_7HwTP-fbsTTA/76cddade6c22b512/3bee4819c3fc218
IP 172.67.22.15:0
File type ASCII text, with very long lines (5064), with no line terminators
Hash 53617c606ac37ba60d40490e093b0c3a
ab7d94562d433fe453f5d4a6f8c4348424348ba8
47747e7e0712aef911f3b4dcb708f77b6964c3bb0d4dc5540b45427e7ddefc8b
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.24424167554195308:1668910894:d_F3GbAZ5tpUFsZwvaE_jq53H0iJC9_7HwTP-fbsTTA/76cddade6c22b512/3bee4819c3fc218 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/JtiZDz
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3bee4819c3fc218
Content-Length: 15678
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:25 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: xEHt+6hF9qZCHRpGksYnKe9c24PEqM0pq88EWeFnB8U=$76Wlb9OlefPk6yOiEeZx+g==
Set-Cookie: __cf_bm=ZG65s2JBXI50mwV9DlRNE9fnfJwOrY787eVa2FNt234-1668912385-0-AZJelQdQ7zgehiG3S0B2pHeKdcpgk+qmTWBaxrvykMPcYPGuebsItZdUxXfYTOVARn7RmpOvzIIQXh+XQ7XI6aI=; path=/; expires=Sun, 20-Nov-22 03:16:25 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76cddaeb0e25b4e8-OSL
Content-Encoding: gzip
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185 302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 20 Nov 2022 02:46:25 GMT
content-length: 0
location: /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age: 300
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddaeb6851fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8483
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 02:46:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8483
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 02:46:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8483
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 02:46:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8483
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 02:46:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F54276ef6-e002-4d55-a4fd-6d4f94f787a2.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F54276ef6-e002-4d55-a4fd-6d4f94f787a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 83073085e08b3f219b42b841c1ca52bb
c1b91cf497433f2c8b8ec12a4a71e07f25191b32
913a923c7e210a82dfc6a23580eba7f81fb74a468582e8a7704aaad9958390e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F54276ef6-e002-4d55-a4fd-6d4f94f787a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 91286e80-ec62-49aa-b405-048e17ac69bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3juyFgVoAMFkJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794cc4-024eb9f167cf3c531ebcfce2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EiJ1nOT_IJIHvCltpyFpzQM0n4IYEbv669SRfxwzRAaCUx8_iN55Mg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:22:41 GMT
etag: "c1b91cf497433f2c8b8ec12a4a71e07f25191b32"
content-type: image/jpeg
age: 15825
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e33cec1fb25538471758ee73cffc0c88
351f0afdd289e84c829401b80645c8803b47bc39
d826e4a0f0f53e95864b1e40d6bf13d2e82ad5806f988b7d54bb97e21b45da8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6744
x-amzn-requestid: e03ae3dd-b804-4a7f-9d23-f208c2608b63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3juwFMKIAMFpIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794cc4-67355244587bcb725a80e363;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: txwSLf1dmqrnZtohweappWUggRFbJJXEruSrPUZk48IcXkpkzzhzZQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:53:20 GMT
age: 13986
etag: "351f0afdd289e84c829401b80645c8803b47bc39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c207b69-a517-45ee-9654-a69634cbd879.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c207b69-a517-45ee-9654-a69634cbd879.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b28e1947dd5435162df86cc70e9fea5d
113700edca01bc6c50b66469dbb773ec362fe929
03a4327afc45c669dc1630b1351ebdd2ecade957fa8a7646811bf8f27358bf65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c207b69-a517-45ee-9654-a69634cbd879.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10263
x-amzn-requestid: 8edf4efc-4a00-4732-aa8a-987a4c3d6721
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jaKE7FIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c40-214512c570f4d1b3188b4d66;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:36:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3o8nTT7Vs26OvEsBKvmk5H07iuy8b5wtoMEosN2TUT59-dLnknaSWw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:46:32 GMT
age: 17994
etag: "113700edca01bc6c50b66469dbb773ec362fe929"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PYoD_MxycYfiNvyRlBnLWCcyqQK9sZi8y2ir1U9eCavNoAB-3oFcxg==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:43:53 GMT
age: 82953
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8f1dddf91a53f8f28d70565d1a3458b
9d026c2c53629648cfda4a324eadae6e33de0d55
c352216d126382d7b588ff6e5a3ed6ab12d92dc5e58216cc5883c27bf612a7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7968
x-amzn-requestid: 0dc9cfbf-7e72-45a7-9496-49a5cf1a4465
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZmEwboAMF1tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-1f40770e29ad853b31a3aa23;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UM4MVSwb8F1uv2jbbdeh8bhV3KJNhqiN9wJj1Yua8h4x762uD8UKyQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
age: 18295
etag: "9d026c2c53629648cfda4a324eadae6e33de0d55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 907cdf495815b066cbeaccd9c862c544
6082de99b599bc3c9ce14e2641a2bf60f9f187d8
fbccb495391bba54b463e8c4eaf3207af00b098c4b5f816011d240257aa56f6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: f01b0409-b43d-4d9c-92c0-0023c5e49d58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jV_GDmIAMFvqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c26-69366c73760dcd5b72634f73;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QNyLmlKXlMlR06NR0JSad678o8CCBsH3bDIvgDIy-j1uoi72NohCrA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:46:32 GMT
age: 17994
etag: "6082de99b599bc3c9ce14e2641a2bf60f9f187d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.24424167554195308:1668910894:d_F3GbAZ5tpUFsZwvaE_jq53H0iJC9_7HwTP-fbsTTA/76cddade6c22b512/3bee4819c3fc218
172.67.22.15 200 OK 2.0 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.24424167554195308:1668910894:d_F3GbAZ5tpUFsZwvaE_jq53H0iJC9_7HwTP-fbsTTA/76cddade6c22b512/3bee4819c3fc218
IP 172.67.22.15:0
File type ASCII text, with very long lines (2588), with no line terminators
Hash a2e704f5640cb70477064784013d1005
e46089f04ca402994946f54962e2161a003a331a
d38a29fcd38bb7f953090abf6adef75e4c82715b1fa4e9157622432fa07ea243
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.24424167554195308:1668910894:d_F3GbAZ5tpUFsZwvaE_jq53H0iJC9_7HwTP-fbsTTA/76cddade6c22b512/3bee4819c3fc218 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/JtiZDz
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3bee4819c3fc218
Content-Length: 16362
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_out: s3dClSo4rvYD3Mo4SttddYzcbq9CY0DFAa0PfXW5ehtKjLD//U3Yn8CdK85BGvImcHAvubWi5wVAA4DNW5LowQ==$8hXKfGG1vebSrQNFjNSjVw==
cf_chl_out_s: Xe8mThCc+YjiIu+pFI+tfW0s1BjapLZ7ZRdC8N6hRsIbydRsBYiqLrXGMFvcXlx/4Mkq3KsDuzTDU+cnLCfJEryTVb4lEcMYqFG8/zI1JON+J6h8YPICjLAcYvf5QEyqmkDEk84mnuXboXonNpCruND+6cFFD5WSeh/9aC/Q2ivQeFxBy3Y98czv1zaYRyVl$L6zKEp7i1Zh1MPW1CJ802A==
set-cookie: cf_chl_rc_m=;Expires=Sat, 19 Nov 2022 02:46:27 GMT;SameSite=Strict
__cf_bm=uesGNKpcdRrtr14ZM8lQ_dhE5bLnpE_HHA5A0g.fqi0-1668912387-0-AaYSiCwmnIF6AuXr5OCl1NdhXUoMwe1esrxzT8yaBm6x7lRG0ju2i2lU1Q6BLT0undF5ZKCsm6ss1zAHgFRCb+k=; path=/; expires=Sun, 20-Nov-22 03:16:27 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76cddaf55b96b4e8-OSL
Content-Encoding: gzip
ouo.press/JtiZDz
172.67.22.15 200 OK 3.4 kB IP 172.67.22.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash ab91bfe97343af8508e5a8ea45489ef8
87fe7aa8fa13cce3f9ed87959f5b47bf3447e55a
67300762fbb2b1d307b7e73d65c9000363dc10f95dce0280071ee8006bf4fec4
POST /JtiZDz HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/JtiZDz?__cf_chl_tk=RMIRGVaMhu.XXSa5cNY7x1no5YhXo3ys.HV1L6ifl3M-1668912383-0-gaNycGzNAv0
Content-Type: application/x-www-form-urlencoded
Content-Length: 1750
Origin: http://ouo.press
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Set-Cookie: cf_clearance=WAdtT4xBPSG0hgXQ327wCZEdWg3Eer5bVDXzZuOZ2_s-1668912387-0-250; path=/; expires=Mon, 20-Nov-23 02:46:27 GMT; domain=.ouo.press; HttpOnly
ouoio_session=eyJpdiI6IlB1VU9yUjk2c3BcL3dabmhqakpYRUZrcm1jSDFia1wvZ0l6V3Y1VXJJWWdHWT0iLCJ2YWx1ZSI6IlNFN0lubHQ0c3dLRVp3NzRhVkVqR3JkaWJuOFAzNHpobmdKcW91bG5pK0VzNldhWEFXamZjeURlUkVOYzQ4eUswQTNXM3Vnbzg4ZGIrZFwvNmRFbGNodz09IiwibWFjIjoiOGMwZDFmMTAyYzRiOTk2OTc1OTk2ZTI4OGM2ZjIyMDU0YTcyZmM1NGE4ZTQ5OTcxNmMzZDhlMTEzMjJjZGU5ZSJ9; path=/; httponly
language=eyJpdiI6Im4yOSswY1NvRXFuU3hmeVZDY2pneE9Rd29URllZMGMyQlJDUzNGdkxLYlE9IiwidmFsdWUiOiJIMlF0N3ZiQTg4Z2ljd3RaVUg5VEQyVkJ1aWZqUG9iS1dZOEhNblpSYWR3PSIsIm1hYyI6ImYyMmFkYWI2NjRlMmNhMzRhZDQ0MjllMzliNTAzMzEyMzJlZDg5MWYzNzhmZDllMjVjYjA2N2YzOGM4M2NiNDIifQ%3D%3D; expires=Fri, 19-Nov-2027 02:46:27 GMT; Max-Age=157680000; path=/; httponly
5782d817737b3017eab5113d69873737e353e47f=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%3D; expires=Sun, 20-Nov-2022 04:46:27 GMT; Max-Age=7200; path=/; httponly
__cf_bm=8pBjJ.o0nlWhRYQt8hhOX736bf39qwzRW_BxODnrKVM-1668912387-0-ASCZp0HcXftzeHcwoQUzm3IWrkKXC5Ud67biqgAbzLiooaFVXadgk8Rr0SVIt9sijDVM70cGcPmwVUhj84riUw0=; path=/; expires=Sun, 20-Nov-22 03:16:27 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76cddaf67bfdb4e8-OSL
Content-Encoding: gzip
ouo.press/css/bootstrap.css
172.67.22.15 200 OK 18 kB URL HTTP/1.1 ouo.press/css/bootstrap.css
IP 172.67.22.15:0
File type ASCII text, with very long lines (65452)
Hash ecd7a3b8fdf856cece681f760bad623c
3c16d8b0523e3c6de3b20f7c7f9de2ae48a2949a
40f5215bfeb4c595389b7d02127c47c94e173dbca21022c9f67eca101d03ab92
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/JtiZDz
Cookie: cf_clearance=WAdtT4xBPSG0hgXQ327wCZEdWg3Eer5bVDXzZuOZ2_s-1668912387-0-250; ouoio_session=eyJpdiI6IlB1VU9yUjk2c3BcL3dabmhqakpYRUZrcm1jSDFia1wvZ0l6V3Y1VXJJWWdHWT0iLCJ2YWx1ZSI6IlNFN0lubHQ0c3dLRVp3NzRhVkVqR3JkaWJuOFAzNHpobmdKcW91bG5pK0VzNldhWEFXamZjeURlUkVOYzQ4eUswQTNXM3Vnbzg4ZGIrZFwvNmRFbGNodz09IiwibWFjIjoiOGMwZDFmMTAyYzRiOTk2OTc1OTk2ZTI4OGM2ZjIyMDU0YTcyZmM1NGE4ZTQ5OTcxNmMzZDhlMTEzMjJjZGU5ZSJ9; language=eyJpdiI6Im4yOSswY1NvRXFuU3hmeVZDY2pneE9Rd29URllZMGMyQlJDUzNGdkxLYlE9IiwidmFsdWUiOiJIMlF0N3ZiQTg4Z2ljd3RaVUg5VEQyVkJ1aWZqUG9iS1dZOEhNblpSYWR3PSIsIm1hYyI6ImYyMmFkYWI2NjRlMmNhMzRhZDQ0MjllMzliNTAzMzEyMzJlZDg5MWYzNzhmZDllMjVjYjA2N2YzOGM4M2NiNDIifQ%3D%3D; 5782d817737b3017eab5113d69873737e353e47f=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%3D
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=109522
ETag: W/"54def1fc-1abd2"
Expires: Sun, 20 Nov 2022 09:29:22 GMT
Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 19026
Set-Cookie: __cf_bm=LsNOiysg7gUHiMM5SLuzP.vNlGQU94iswLAwJjwlZd0-1668912388-0-ARTxZ0waLbosy+FYvd6HYSB7EAZUgZ/qMQVGjkPCEpRPr/6aFvAJVj7fyqb7beCT92jR3d89lMmdMMrKXGYUTJg=; path=/; expires=Sun, 20-Nov-22 03:16:28 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cddaf8fd93b4e8-OSL
Content-Encoding: gzip
ouo.press/css/link-safe.css
172.67.22.15 200 OK 1.8 kB URL HTTP/1.1 ouo.press/css/link-safe.css
IP 172.67.22.15:0
Hash d91a45478adaa488ef4f1733dfa3c44c
3686ea901ce8ca85bb82f42bf0a8d39095ebf73d
4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/JtiZDz
Cookie: cf_clearance=WAdtT4xBPSG0hgXQ327wCZEdWg3Eer5bVDXzZuOZ2_s-1668912387-0-250; ouoio_session=eyJpdiI6IlB1VU9yUjk2c3BcL3dabmhqakpYRUZrcm1jSDFia1wvZ0l6V3Y1VXJJWWdHWT0iLCJ2YWx1ZSI6IlNFN0lubHQ0c3dLRVp3NzRhVkVqR3JkaWJuOFAzNHpobmdKcW91bG5pK0VzNldhWEFXamZjeURlUkVOYzQ4eUswQTNXM3Vnbzg4ZGIrZFwvNmRFbGNodz09IiwibWFjIjoiOGMwZDFmMTAyYzRiOTk2OTc1OTk2ZTI4OGM2ZjIyMDU0YTcyZmM1NGE4ZTQ5OTcxNmMzZDhlMTEzMjJjZGU5ZSJ9; language=eyJpdiI6Im4yOSswY1NvRXFuU3hmeVZDY2pneE9Rd29URllZMGMyQlJDUzNGdkxLYlE9IiwidmFsdWUiOiJIMlF0N3ZiQTg4Z2ljd3RaVUg5VEQyVkJ1aWZqUG9iS1dZOEhNblpSYWR3PSIsIm1hYyI6ImYyMmFkYWI2NjRlMmNhMzRhZDQ0MjllMzliNTAzMzEyMzJlZDg5MWYzNzhmZDllMjVjYjA2N2YzOGM4M2NiNDIifQ%3D%3D; 5782d817737b3017eab5113d69873737e353e47f=eyJpdiI6InFJeDFqMnNCbk45VDZOVFE0anVHalJrRlNuWUhPbCs1QTRYclRCYXdpTEE9IiwidmFsdWUiOiJrYitKdHhkd0F6MkVtaU5LRkdYaVUxczU3Zzh6cnRaSVl2bFZRRUp6VUtDTG1NdUFwNXQ3OWxDSWsxN09Td2h3YXJEUjhEMTVHOUVBNWtKNlp0VmVhY25MQVNvRkJxU1BJcnRCMXdYRmwxUWNaMXBEdHhvZnlxVlRMbUNtZkJsVWo4TW9wRTM5OVowbTF3M2JVbWY5MTZZVk5YTE5KZ09tWXhPSm5BdFFXK3ZuNnpMMGhza0tNeE1BTmxiVGE3aWpIa1EwdzllWU5XXC95ZEJJYnpDcXdFWTJoWG83b1dFdlpwRVJoSkpveXdBR0dRbGFyREpPK2JCeFI3ZzdFdHFMQXlLUThQZ3dsM2hcL2VsVWI3ZHRMbGNTQXk3KzF6RkNPd2RyRkhzVExOT3lBZnQzcWpkOWlxV0VGNmxVWGFDNWh6cHM2dXVtT0Fnd1FOSVRBcUJLOXhXdzJ0VXVUUDNBSE01UWRaUVFBWWQwMm10MEdoREpiajZHdUtGUW1STVJcL00iLCJtYWMiOiJmNGFhMjY4NDdmOTEwMjJkMWUzZjhjZjhkNDUxNjkyN2JmMmFjODYxZWNiOTUyMmY1M2I2MWVlOTMyMmQ1NWQ5In0%3D
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: status=cannot_optimize
ETag: W/"5d951ace-1830"
Expires: Sun, 20 Nov 2022 12:07:59 GMT
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 9509
Set-Cookie: __cf_bm=XRUr0G8gXxpM4RrcHRvdJa0HqVKNDqq3ZGP1q8ATG5I-1668912388-0-ASR8+wN4+ZI+ox0ODoF/yO8nAsW5Q79mYvMlk+9XoBAxrR+azje2dV+Kmwvis39GwKqYQ9QKGVckkPsyq0bOE2w=; path=/; expires=Sun, 20-Nov-22 03:16:28 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cddaf8fc61b500-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.22.15 200 OK 716 B URL HTTP/1.1 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.22.15:0
Hash 46de876501178caafc6fbc97a6e47190
dc13aa44e3f9b60687d8757bfe24afc6370be221
ec64317b447af37a2fa7c13e982ca7f1bbf74a447777fd3d36c4b9e8d62e70ee
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/JtiZDz
Cookie: cf_clearance=WAdtT4xBPSG0hgXQ327wCZEdWg3Eer5bVDXzZuOZ2_s-1668912387-0-250; ouoio_session=eyJpdiI6IlB1VU9yUjk2c3BcL3dabmhqakpYRUZrcm1jSDFia1wvZ0l6V3Y1VXJJWWdHWT0iLCJ2YWx1ZSI6IlNFN0lubHQ0c3dLRVp3NzRhVkVqR3JkaWJuOFAzNHpobmdKcW91bG5pK0VzNldhWEFXamZjeURlUkVOYzQ4eUswQTNXM3Vnbzg4ZGIrZFwvNmRFbGNodz09IiwibWFjIjoiOGMwZDFmMTAyYzRiOTk2OTc1OTk2ZTI4OGM2ZjIyMDU0YTcyZmM1NGE4ZTQ5OTcxNmMzZDhlMTEzMjJjZGU5ZSJ9; language=eyJpdiI6Im4yOSswY1NvRXFuU3hmeVZDY2pneE9Rd29URllZMGMyQlJDUzNGdkxLYlE9IiwidmFsdWUiOiJIMlF0N3ZiQTg4Z2ljd3RaVUg5VEQyVkJ1aWZqUG9iS1dZOEhNblpSYWR3PSIsIm1hYyI6ImYyMmFkYWI2NjRlMmNhMzRhZDQ0MjllMzliNTAzMzEyMzJlZDg5MWYzNzhmZDllMjVjYjA2N2YzOGM4M2NiNDIifQ%3D%3D; 5782d817737b3017eab5113d69873737e353e47f=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%3D
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:10:02 GMT
ETag: W/"6373d5fa-4d7"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cddaf909b2fac4-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 22 Nov 2022 02:46:28 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
fonts.googleapis.com/css?family=Questrial
142.250.74.10 200 OK 387 B URL HTTP/1.1 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.10:0
Hash 7b73b3eed6a43db40b0640388112329f
ad4bb62a66f1f95c0a252f83345b40d40dcd5bb4
1776d3903d4f6fb36773bac4ccb4b86c0658838f29674d1fb506859506a41bc3
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 20 Nov 2022 02:46:28 GMT
Date: Sun, 20 Nov 2022 02:46:28 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
hhklc.com/c.js
104.21.70.122 301 Moved Permanently 1.3 kB IP 104.21.70.122:0
Hash 26adb99a820dfeb5a278159886509a99
6e65eb68bd3f74c282b79232de2a27a490aa7286
be79d93810e3286644e22d8aae57592f2551c1f3587898d19ca54ee49e8f741d
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Sun, 20 Nov 2022 02:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 20 Nov 2022 03:46:28 GMT
Location: https://hhklc.com/c.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXFFBcetWK8VgyVi7PPpRfHrJAOGnOE3AGhUJ2C3ARVjsyXTkiDrkCPGYg71sU44GO72dEyfc9%2Fwi95jQ5UI5X3zWRoHuvEVie59K%2FwKphGkOc%2B2ETZIFpjOR%2BI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cddaf90f69fab8-OSL
alt-svc: h2=":443"; ma=60
ecdn.analysis.fi/static/js/fab.js
54.230.111.87 200 OK 4.2 kB URL HTTP/1.1 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.87:0
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4240
Connection: keep-alive
Server: nginx/1.20.0
Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Sun, 20 Nov 2022 02:23:11 GMT
Expires: Sun, 20 Nov 2022 03:23:10 GMT
Cache-Control: max-age=3600
ETag: "61b8b8ab-1090"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NFeTdQBl3W5somGOguEz9begdkBHqrRuXTRqAD2dSCkMzo17o1gqQA==
Age: 1398
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash c8d4e9cbf530d3a21120922beee72760
7e97cd9c748f7274b4ef9664a06c5d791d3d51c3
1e98f2a7ecd69acbd5f68ce9d979ffb403aea02933150235c283d220d7f88b9c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2377
Cache-Control: max-age=171728
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:28 GMT
Etag: "6379878b-116"
Expires: Tue, 22 Nov 2022 02:28:36 GMT
Last-Modified: Sun, 20 Nov 2022 01:48:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 5e884c53db72411f06e2209d005f7586
6e1049a7fc26d6a3259a97bfca9dc6ba7b0dd5af
2965603dd297987ffa36ffd33c133f2c6a67fa6df1551554160b65ce804b0198
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hhklc.com/c.js
104.21.70.122 200 OK 2.7 kB IP 104.21.70.122:0
File type ASCII text, with very long lines (8728), with no line terminators
Hash 5afde9e5b97c533ed8390f3550a13cc5
7aa9591327a2c07f3623a88e34d88d03543e0a35
6f87b9d97b8741e27eb0ba267aef4baf27531deea9401758d17b0b4d389640e8
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:28 GMT
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Sun, 20 Nov 2022 02:57:58 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 2010
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHNkF9I9CcX4h0TurNjJQXdXZXPENK0uAyRH1wIWuHtG9EFUzKqDfZ5CFFzVsteoXIchV9%2FGpP4LLr%2F5f6DuzNLAmYPZ8k16DhAtBuO8N8AGK%2FHvTMAfsHuaMn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddaf96c060b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164 200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 729acee2a72aedc9406dba71bf4c1d00
e7f1dea037aaa2df1c1e5b884dc5d73b7bc35e82
7e9b8e953f317a7a47db6df1d1ac8be5c78e9a9524a0a07755c748c2198f816a
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 20 Nov 2022 02:46:28 GMT
date: Sun, 20 Nov 2022 02:46:28 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ouo.press/images/world.png
172.67.22.15 200 OK 5.7 kB URL HTTP/1.1 ouo.press/images/world.png
IP 172.67.22.15:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/JtiZDz
Cookie: cf_clearance=WAdtT4xBPSG0hgXQ327wCZEdWg3Eer5bVDXzZuOZ2_s-1668912387-0-250; ouoio_session=eyJpdiI6IlB1VU9yUjk2c3BcL3dabmhqakpYRUZrcm1jSDFia1wvZ0l6V3Y1VXJJWWdHWT0iLCJ2YWx1ZSI6IlNFN0lubHQ0c3dLRVp3NzRhVkVqR3JkaWJuOFAzNHpobmdKcW91bG5pK0VzNldhWEFXamZjeURlUkVOYzQ4eUswQTNXM3Vnbzg4ZGIrZFwvNmRFbGNodz09IiwibWFjIjoiOGMwZDFmMTAyYzRiOTk2OTc1OTk2ZTI4OGM2ZjIyMDU0YTcyZmM1NGE4ZTQ5OTcxNmMzZDhlMTEzMjJjZGU5ZSJ9; language=eyJpdiI6Im4yOSswY1NvRXFuU3hmeVZDY2pneE9Rd29URllZMGMyQlJDUzNGdkxLYlE9IiwidmFsdWUiOiJIMlF0N3ZiQTg4Z2ljd3RaVUg5VEQyVkJ1aWZqUG9iS1dZOEhNblpSYWR3PSIsIm1hYyI6ImYyMmFkYWI2NjRlMmNhMzRhZDQ0MjllMzliNTAzMzEyMzJlZDg5MWYzNzhmZDllMjVjYjA2N2YzOGM4M2NiNDIifQ%3D%3D; 5782d817737b3017eab5113d69873737e353e47f=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%3D
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:28 GMT
Content-Type: image/png
Content-Length: 5692
Connection: keep-alive
Cache-Control: max-age=2592000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: status=not_needed
ETag: "5549a07c-163c"
Expires: Sat, 03 Dec 2022 22:33:44 GMT
Last-Modified: Wed, 06 May 2015 05:02:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 1397564
Accept-Ranges: bytes
Set-Cookie: __cf_bm=3zR168LAeBRwWn2kH3myN_K3yCG6X9hEAxwmpI4VMwY-1668912388-0-AR1Qlp6LxkTo7hWTL5WWPS14fEZwjxzl87cYFeCwPSJgXSLLUQ9ka+lR7g+FjajQ87t3XJaeGRP5KCXv94ZjGxw=; path=/; expires=Sun, 20-Nov-22 03:16:28 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cddaf99df6b4e8-OSL
ecdn.firstimpression.io/fi_client.js
54.230.111.99 200 OK 100 kB URL HTTP/1.1 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.99:0
File type ASCII text, with very long lines (618)
Size 100 kB (100099 bytes)
Hash 99cd59bd158ed6c0a26d58cc411e636b
2c1e7cfac6aecff726837c73259467b41b49cfff
39243bd43d5d385c52cf4c3530e35277d43d9ecd35acc21f36daf969f0edbd66
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 20 Nov 2022 02:11:17 GMT
Server: nginx/1.20.0
X-Powered-By: PHP/8.0.14
X-XSS-Protection: 0
Last-Modified: Sun, 20 Nov 2022 02:11:17 UTC
ETag: W/"812a3f9e3c1568169b038cd166e89ffd"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WvANcIn7udFHvJNFvOhePdF_c5RlqkDnF0h4lsrhoXMiEnR1qMT5AQ==
Age: 2111
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash a00fff9dd1711061b285e2136c973d13
66548ac11fc58024c6994539ab81804add41d2f2
4b87c5468c15817686a8497324c2a06d18fd5574141aa0476bf98aa3b8395a8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tv.gourdycortes.com/1clkn/48786
23.109.82.82 200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/48786
IP 23.109.82.82:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/48786 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 02:46:28 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 21-Nov-2022 02:46:28 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 21-Nov-2022 02:46:28 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
173.233.137.60 200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37150), with no line terminators
Hash 9a4aca57b0f5b4239476fa81137f7f6d
77ff9fb449010399d97910f6db473d27aaefe2bf
9b7a4f02de506daaf7c69cda4855a138f5d421f6f7c130a80e9a443a44596ec5
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 02:46:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4d503180412a9e89966bb4e280c61bc0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
216.58.207.195 200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 17 Nov 2022 15:32:26 GMT
Expires: Fri, 17 Nov 2023 15:32:26 GMT
Cache-Control: public, max-age=31536000
Age: 213242
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
friendshipmale.com/sfp.js
104.21.234.92 200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 104.21.234.92:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 02:46:28 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: d6ec4776e327147da898af4985497a25
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sun, 20 Nov 2022 02:46:28 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ax1casd9R9w3L%2FzKMoqjI9jUPAFusvdF%2BChPsV8fzSpHrikRJ2qb34Fle5vHmAxkVPHxmsmFTPhMTJZ2wZGFLlNjLn1ZF%2Fg1k35icjS4OopYQT%2Bv%2BGKN%2BZ%2Bv1DgQnIInMY7oxQo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cddafcfef1d174-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 0f162707471b694d9472aaa730586029
8e772c5ff60be51dbae5fb8e630f1f832f5138a6
8dbe631994a2b21d73969d226fc7cc6a17961a9fd4cc0c2656bd858761441ddc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129625
Date: Sun, 20 Nov 2022 02:46:28 GMT
Etag: "6378da9a-1d7"
Expires: Mon, 21 Nov 2022 14:46:53 GMT
Last-Modified: Sat, 19 Nov 2022 13:31:06 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: umUMKbSt8cMyw9f6_3b6gRT0w1mBgeBA4M8FQD8orpULvNQR46vs_A==
Age: 4547
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 2e67bd4aa521417bde534544ad2248ba
d021470634eed2a808c28af2fd3a5f66e10a53e0
43a2fa8d778b91e3f5a95f77c588b8d952970c66a0530309116185fd37ae43a0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:28 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0:3:1; expires=Wed, 17 Nov 2032 02:46:28 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81 200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Tue, 20 Dec 2022 02:46:28 GMT
date: Sun, 20 Nov 2022 02:46:28 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 31a83b4485ec788d1b2edf7f4db2fc69
df444fb902d3e71b6ce9036178065282b55e6c3f
f873afa22e47b4fdf60b9748f0e7f9ada82da134217a7e6a023fed2756149867
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5261
Cache-Control: max-age=150466
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:28 GMT
Etag: "63792939-116"
Expires: Mon, 21 Nov 2022 20:34:14 GMT
Last-Modified: Sat, 19 Nov 2022 19:06:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
172.64.153.20 200 OK 929 B URL HTTP/2 jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
IP 172.64.153.20:0
File type ASCII text, with very long lines (2380)
Hash 9f75706e49f33292121c21bb951a5e01
0d60dba153c2a297297158c430169312229d3c81
d5662e39ad5b6728cc878ba9ceb261ed5ecedf798c625119687339edeacee44b
GET /o/u/ouo.press.911109.js HTTP/1.1
Host: jsc.adskeeper.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:28 GMT
content-type: text/javascript
content-length: 929
x-amz-id-2: vtn72bRmUV1i15SpQCdNuWH0xMJDxDYz07bZIht2oPQArC1gEiRra7yanwv+yUbg36svxSlF1s8=
x-amz-request-id: FPYKY5WP0W3DNCR7
last-modified: Thu, 03 Nov 2022 14:14:00 GMT
etag: "9f75706e49f33292121c21bb951a5e01"
content-encoding: gzip
x-amz-version-id: UO4is2f5stlkwNTZ1YnKhqwTJdu4VZO9
cf-cache-status: HIT
age: 6178
expires: Sun, 20 Nov 2022 06:46:28 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddafe2e7efabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 31a83b4485ec788d1b2edf7f4db2fc69
df444fb902d3e71b6ce9036178065282b55e6c3f
f873afa22e47b4fdf60b9748f0e7f9ada82da134217a7e6a023fed2756149867
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5261
Cache-Control: max-age=150466
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:28 GMT
Etag: "63792939-116"
Expires: Mon, 21 Nov 2022 20:34:14 GMT
Last-Modified: Sat, 19 Nov 2022 19:06:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
172.64.153.20 200 OK 81 kB URL HTTP/2 jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
IP 172.64.153.20:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (32075)
Hash ed41bdebc66520dc5a317ff36d8bfdab
49b816858579e71b4a7cb8f2539ffca02498d91f
e734df14e38d127889d14db050450745f4cefe94e95209e2ffe9d509788c90fa
GET /o/u/ouo.press.911109.es6.js HTTP/1.1
Host: jsc.adskeeper.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:28 GMT
content-type: text/javascript
content-length: 81189
x-amz-id-2: uBwKbib6rRKXAPfhmLsUl1hOTcelcDiS0MSbLSTLPOIUFkXNAkPVqEqe8OFoRdEeDJ408DumWus=
x-amz-request-id: CEGXGFN12H2GTA2V
last-modified: Thu, 03 Nov 2022 14:14:00 GMT
etag: "ed41bdebc66520dc5a317ff36d8bfdab"
content-encoding: gzip
x-amz-version-id: ky9s_6H_PYoqTimaHwDEpTBaosPbnmGt
cf-cache-status: HIT
age: 6174
expires: Sun, 20 Nov 2022 06:46:28 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddafe5e83fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash da2d83e904cd35e185b36b715ab785df
258667d57898e4559332a419918f9e8f1e5cd39c
2a11aab970c28cba544f5e4c734b94d8c25dd6f435affc4f28d35e4bdd114e86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 15:30:33 GMT
expires: Fri, 17 Nov 2023 15:30:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 213355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash da2d83e904cd35e185b36b715ab785df
258667d57898e4559332a419918f9e8f1e5cd39c
2a11aab970c28cba544f5e4c734b94d8c25dd6f435affc4f28d35e4bdd114e86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c28dcab32cb68e75be2f9d541e417a3c
7e94e4d48e4004090b100451a37752a7ae691550
fe2434a22cb390d054adcb47b67cbc3d1141a753f87839723554dd1bced75e45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c28dcab32cb68e75be2f9d541e417a3c
7e94e4d48e4004090b100451a37752a7ae691550
fe2434a22cb390d054adcb47b67cbc3d1141a753f87839723554dd1bced75e45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 2e67bd4aa521417bde534544ad2248ba
d021470634eed2a808c28af2fd3a5f66e10a53e0
43a2fa8d778b91e3f5a95f77c588b8d952970c66a0530309116185fd37ae43a0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: uid_id2=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 20 Nov 2022 02:46:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d010381426f20804f6bf2d449af32f17
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 15ee34946fa8b3741ff57c87a0396369
c5e3c28380c118a4ef10e84f77d6dc80a827d16a
1ba3003ac07cacc944cf6adf0af91fdcfae0314c7ee8e59bb7946f0112c5c900
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BA3003AC07CACC944CF6ADF0AF91FDCFAE0314C7EE8E59BB7946F0112C5C900"
Last-Modified: Sat, 19 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7310
Expires: Sun, 20 Nov 2022 04:48:20 GMT
Date: Sun, 20 Nov 2022 02:46:30 GMT
Connection: keep-alive
moleconcern.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0%3A3%3A1
192.243.59.12 200 OK 10 kB URL HTTP/1.1 moleconcern.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0%3A3%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16648), with no line terminators
Hash eac18c40c0852491705c9f3cc7aad15e
b1913bff938cf22acdd85f0e0aa30615b2166ee7
a3292f0eb5a2779b7eefb3985f89e8e9126708d985edbf9ac11dd28342d78e6f
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0%3A3%3A1 HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 20 Nov 2022 02:46:31 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ouo.press
Access-Control-Allow-Origin: http://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Mon, 21 Nov 2022 02:46:30 GMT; secure; SameSite=None
uid_id2=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0:3:1; expires=Sun, 27 Nov 2022 02:46:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 21 Nov 2022 02:46:30 GMT; secure; SameSite=None
uncs=1; expires=Mon, 21 Nov 2022 02:46:30 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 21 Nov 2022 02:46:30 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 21 Nov 2022 02:46:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3a4386b47cf777df077099309d7a368f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
moleconcern.com/ren.gif?sid=H4sIAAAAAAAC%2F3SWS6gkS1rHq3pmxAcIihsF4XCPd1CwTuWr8nEvQ1OV9c6qyqyqzKyssqHMzIjMjKp8v6sWMjgisxFaQRTcnI7uO%2B11htHLLFwJctqF0iD0cTH0BdudGzc%2BYNZyTrf0CLc%2FMjO%2ByC8W3xfx%2B3%2FEHz4p3jQIXJivlXl0Rr5vtjtXxMVvblAIoiq7WKgXJHFFfHqxQSHLfHpR333S8hOS6FwRv3UxgvYxalMESRAkQV4MUQqdqG7fRzGKfyCQVwJxxVBXZIfBdfr%2F51nRxJnZxKB80%2FhljMDtN7x%2F%2BgIj%2BwaHwd%2F0YXbMo%2Fi3B0Hhm3mU4hI818JjGFUhDt67TtrETvj83WocZbeNxp8%2FwFH4%2FF0FOCqf3VWALXTbaP6YxFb4%2FF2a2Co%2Fe5up5WMYYgv8Aq7KGwz9G4zMG2xH38EIvGpgbAO8kHEYfG8RpZV5ehs176K3ja%2F%2F5H8wqm4bX%2F%2FXX8Fh8MOej%2BqLdeQXOYrCDNfONUb1DUbuDY6LFzg%2FNzGqXmA7%2F32MwD832j%2BZ4TB4Jmd%2BhBF4%2FRskbRGAFmDLdIDQYgDttEzWoVoWT5hkh%2BJ40yLutwihG4ycG%2BzDx9jMvoaLrIkL1MSF08RF3MQBeH1hdgSHIDjHcmiaZ2zbpmnb7vAs6ACa4R0CF%2FZdDY9xHj%2FGtv8Y2%2Bm3cZx%2BGx%2FRY5wWf48z7xpnoImzvIFLcI0r2MBV1sCV2cAVauAqb%2BCqvP4M%2BBmVXX8P%2BFlhke9G6t1IXz%2BNcveJ%2BVmUuzBsPInfNH7pfuP%2B49GP8BG%2BvoCAZgmSYWmapwRgc4TJUMC2TegAh3ZIEmfoGqPsATazJj6jV7%2F4YxyjVz93jS3zBc78F9hGH2Gz%2BHVsVk85isCm95ThCXwOP4%2BK6CpOYZZhEF3jOP8Gzk%2FNJ%2F6bxq%2FeJ0B%2F878xtF8%2B%2FNGf%2BL%2F3w9%2F5R2yn1zhOr%2FEB%2FUMDu%2F53n66iqvFsFVVZ4ws5zlGAzubdqa5zM4eNv5LgqYpSMOlnjz%2Fv2neBO%2FcHKszymRkCFLpZ4%2Fs9BABMh1Fqw8bfTbINtJQi83pFGhbxTBGHk%2BA%2BQRSFN9hErywd2%2Bi28bMvfv6e118Df4FR%2BgKnxZfN%2F%2FLyPP6k3TYBrG3PDF3omjm8sqOgDaK2fRV78cMsNwMz%2F1bwMSd%2BTN097kFKGDQ4RSON7k2F0ZgAAzBW6Fq5Egj%2BY0osNT439p64JTjhyPiF7ZmjeSIbzGyaT%2Ba91LUzCTFcPV%2BDLCz76xLqFbnZL4sTmYihrjgx3RW5upjF4n69ARo%2FGVDDWYEYxlQ9fxGvTkJyrNTdtjOfp5Vvc4KgUdPl2fJ4L187U8cAOrXwkaVOk14ekaGxW7hnJMH%2BYNyNp%2BREtYZ6uBmEts4nCmd452CYw7Qul%2FyacUU%2BjWTFnHfMTWfjzr1lMBwn66pQGW1lS9kZ0utiGh9GJ5msQAbEsFbmR3oxy9M9Ox07nXhoH0nHYQ7iYXU663ZcE37RsdkBF8F5a3Zgs6686uVDL5lbx3x8lMdiyJzPTjBip13tqB0kIzbcrmnsJ6M8H7r1YMm0GC2dy6g4Wik4dxO0yEbbLVL50zGKMipIZ8pyPdy6VklLxKTnZkt3lwhGb%2BESk%2BOA28zslrF8e3g4KF4%2B%2FM%2FGvWEU3WA7%2FoO%2FvrzsD9biaqKoE3lxefm3YhTEZgovcg9eWDDLL3RlcXV19cXlpSKv1V5XlPbaara%2BvPzyweuP7hF61H70FRDd%2FasftaMYhmluPWpTj9oVCj9AFbVNo7v3jqpO66epshnuY0pUWKoY91R9yw
C4smVtsmh1q8WuBff7qgZdrzD0qp%2FJpGhXgW%2Bx%2Fclk3T2V5E6ljSIkGEnnVVZwy5PcV%2FIWMV5Ruqqtq9b57LW2hUwPhA46mQppS8fjNExVf8TDOW1Jk5OVL21BI5Jd0h%2Bs%2FE1i9%2Bp07kKLHY%2BzGdCVLKvmkbnbCC3xdNrNTzIcmKF7blmjajivD6krKD5BUupuLidDzT3p52pkzTSo78fdVswPhl5SyygI%2B2inmcOVsxtrIwXZdiLUtQxXXNyTphLb3x9P%2B62TQ6uU6t50IyqlRRvEdLUaVkOvPCx02t5FelBBqefUSkh7C9VOhrYjnfZdo3uYpwad9IjgCNbdpbgwh6Nur3venujlSVclR60L01gCmpIGRkhsvJpFU6513nYFclvDrQrz5TGcdFrozCF6ehjL4lqjdvO%2B2EIS1WM3JyFL5FQg7M1KjVEgjiJRW9I9hlU3hB%2FVA8cVW6biV0FgzlujxdKdcIu0t0ijVdZFxm5TF4tR4k2McWdqRMciMKiz5W9XerGcT6PTTLRmAjc%2F69R6EAmTMa%2BkywU%2F3urmhPTkUbojWVi3dIYu%2BjNPHLM7f6mpLp%2F0uiGr6OFw6663MTHch9KZPLbUzWjrHg2Z0Bz3LXzfNEG9j1Nkw28RVwTHMh36o7%2B8vJyId3J4%2Fbt3iGeftNt2msI4um%2BPsM4tM2zTBCtQPEERbTuFZo5KmLUpusNQBMe0O5zJAJYiKMjTjklZPEEIrAUBgB22wzlgz7EMcRWH7ueXl%2BpEnQ0uL7%2B%2FgBBcmHeCe4iz%2BGXjneEsauDUfz%2B34iauii8fvPpwBzdB%2FX%2FSa1MfFl6XAgeAzPNXCI%2B9b%2BcuM%2BwR1TwqDHSsPLcfF2Wqjyppt2Y57bAyhJ0e661Zv4PAmq4OoquV0ljPt2BKBMOp5BWqI0%2ByeonWeagrIuvyCd9LdHo4VQNC6qR9lkJBHi2OJRUQCzFKRWEi52nPs42jsRrKgyVl8XRHFoSlGklnmROnsrMiDjtSdQbjoO6x0XnDURYjeJEatIxkE08m5FxGgSfT8ODu%2Bc5oiOanw2HfKQFbscx4Vc1GeTE8o8AwEzoIN4Wm2%2BMpVYdVFcSaG%2BVTlqdVKLq53EdJ6ITjAwyLhLLzZMH2WIbtWLCmLMkGOTE4kHpXrIK5z0sk5y%2B9o0yKyVFK1pFGV9qBJjSpmjhuNGHKYjvuC85Qo2RekWvOc6bKnubKbjiUBdboU6kR8kR0iBRiyhrLxGvxZMhLe8U4j7t1hqyAYHsTPy1PrMZx0bFbm7PJ0kg00Aq20rEU%2Bx1uSx63U3I1Deb52uQoGWogUMfKMlD6SZ3UoxPMBvFoVS60XT6piT7cnGjO4wNlw3SCRW%2FnjrNISbdDHdbjfbSO%2Fb0S5dUQ9vZupiQ7d%2BRwZVCpKpyYSp8tI%2B8EKlH3YjkdGAvWO7HratSyIa0eoESXC7W%2FJlwry0om2w5Pte6POiswB9UHhfc0paz39ycf3TaEf3%2BAffjy4Z%2F9kfxvn4IdNq1rnMGf0sJ7%2F0n2XeymTWzm38FhcI3L9BqX%2FjU2%2Fcc4K772NI%2FTlw%2F%2Fhb43bPnNp5afNp9Zfur%2F8du7W4ZeX8COQziQoKDlCJbDmQQQHEawTIGEnNUxSZxnt%2FbpT3%2FmfwEAAP%2F%2FAQAA%2F%2F%2Bbrq4S6AwAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 moleconcern.com/ren.gif?sid=H4sIAAAAAAAC%2F3SWS6gkS1rHq3pmxAcIihsF4XCPd1CwTuWr8nEvQ1OV9c6qyqyqzKyssqHMzIjMjKp8v6sWMjgisxFaQRTcnI7uO%2B11htHLLFwJctqF0iD0cTH0BdudGzc%2BYNZyTrf0CLc%2FMjO%2ByC8W3xfx%2B3%2FEHz4p3jQIXJivlXl0Rr5vtjtXxMVvblAIoiq7WKgXJHFFfHqxQSHLfHpR333S8hOS6FwRv3UxgvYxalMESRAkQV4MUQqdqG7fRzGKfyCQVwJxxVBXZIfBdfr%2F51nRxJnZxKB80%2FhljMDtN7x%2F%2BgIj%2BwaHwd%2F0YXbMo%2Fi3B0Hhm3mU4hI818JjGFUhDt67TtrETvj83WocZbeNxp8%2FwFH4%2FF0FOCqf3VWALXTbaP6YxFb4%2FF2a2Co%2Fe5up5WMYYgv8Aq7KGwz9G4zMG2xH38EIvGpgbAO8kHEYfG8RpZV5ehs176K3ja%2F%2F5H8wqm4bX%2F%2FXX8Fh8MOej%2BqLdeQXOYrCDNfONUb1DUbuDY6LFzg%2FNzGqXmA7%2F32MwD832j%2BZ4TB4Jmd%2BhBF4%2FRskbRGAFmDLdIDQYgDttEzWoVoWT5hkh%2BJ40yLutwihG4ycG%2BzDx9jMvoaLrIkL1MSF08RF3MQBeH1hdgSHIDjHcmiaZ2zbpmnb7vAs6ACa4R0CF%2FZdDY9xHj%2FGtv8Y2%2Bm3cZx%2BGx%2FRY5wWf48z7xpnoImzvIFLcI0r2MBV1sCV2cAVauAqb%2BCqvP4M%2BBmVXX8P%2BFlhke9G6t1IXz%2BNcveJ%2BVmUuzBsPInfNH7pfuP%2B49GP8BG%2BvoCAZgmSYWmapwRgc4TJUMC2TegAh3ZIEmfoGqPsATazJj6jV7%2F4YxyjVz93jS3zBc78F9hGH2Gz%2BHVsVk85isCm95ThCXwOP4%2BK6CpOYZZhEF3jOP8Gzk%2FNJ%2F6bxq%2FeJ0B%2F878xtF8%2B%2FNGf%2BL%2F3w9%2F5R2yn1zhOr%2FEB%2FUMDu%2F53n66iqvFsFVVZ4ws5zlGAzubdqa5zM4eNv5LgqYpSMOlnjz%2Fv2neBO%2FcHKszymRkCFLpZ4%2Fs9BABMh1Fqw8bfTbINtJQi83pFGhbxTBGHk%2BA%2BQRSFN9hErywd2%2Bi28bMvfv6e118Df4FR%2BgKnxZfN%2F%2FLyPP6k3TYBrG3PDF3omjm8sqOgDaK2fRV78cMsNwMz%2F1bwMSd%2BTN097kFKGDQ4RSON7k2F0ZgAAzBW6Fq5Egj%2BY0osNT439p64JTjhyPiF7ZmjeSIbzGyaT%2Ba91LUzCTFcPV%2BDLCz76xLqFbnZL4sTmYihrjgx3RW5upjF4n69ARo%2FGVDDWYEYxlQ9fxGvTkJyrNTdtjOfp5Vvc4KgUdPl2fJ4L187U8cAOrXwkaVOk14ekaGxW7hnJMH%2BYNyNp%2BREtYZ6uBmEts4nCmd452CYw7Qul%2FyacUU%2BjWTFnHfMTWfjzr1lMBwn66pQGW1lS9kZ0utiGh9GJ5msQAbEsFbmR3oxy9M9Ox07nXhoH0nHYQ7iYXU663ZcE37RsdkBF8F5a3Zgs6686uVDL5lbx3x8lMdiyJzPTjBip13tqB0kIzbcrmnsJ6M8H7r1YMm0GC2dy6g4Wik4dxO0yEbbLVL50zGKMipIZ8pyPdy6VklLxKTnZkt3lwhGb%2BESk%2BOA28zslrF8e3g4KF4%2B%2FM%2FGvWEU3WA7%2FoO%2FvrzsD9biaqKoE3lxefm3YhTEZgovcg9eWDDLL3RlcXV19cXlpSKv1V5XlPbaara%2BvPzyweuP7hF61H70FRDd%2FasftaMYhmluPWpTj9oVC
j9AFbVNo7v3jqpO66epshnuY0pUWKoY91R9ywC4smVtsmh1q8WuBff7qgZdrzD0qp%2FJpGhXgW%2Bx%2Fclk3T2V5E6ljSIkGEnnVVZwy5PcV%2FIWMV5Ruqqtq9b57LW2hUwPhA46mQppS8fjNExVf8TDOW1Jk5OVL21BI5Jd0h%2Bs%2FE1i9%2Bp07kKLHY%2BzGdCVLKvmkbnbCC3xdNrNTzIcmKF7blmjajivD6krKD5BUupuLidDzT3p52pkzTSo78fdVswPhl5SyygI%2B2inmcOVsxtrIwXZdiLUtQxXXNyTphLb3x9P%2B62TQ6uU6t50IyqlRRvEdLUaVkOvPCx02t5FelBBqefUSkh7C9VOhrYjnfZdo3uYpwad9IjgCNbdpbgwh6Nur3venujlSVclR60L01gCmpIGRkhsvJpFU6513nYFclvDrQrz5TGcdFrozCF6ehjL4lqjdvO%2B2EIS1WM3JyFL5FQg7M1KjVEgjiJRW9I9hlU3hB%2FVA8cVW6biV0FgzlujxdKdcIu0t0ijVdZFxm5TF4tR4k2McWdqRMciMKiz5W9XerGcT6PTTLRmAjc%2F69R6EAmTMa%2BkywU%2F3urmhPTkUbojWVi3dIYu%2BjNPHLM7f6mpLp%2F0uiGr6OFw6663MTHch9KZPLbUzWjrHg2Z0Bz3LXzfNEG9j1Nkw28RVwTHMh36o7%2B8vJyId3J4%2Fbt3iGeftNt2msI4um%2BPsM4tM2zTBCtQPEERbTuFZo5KmLUpusNQBMe0O5zJAJYiKMjTjklZPEEIrAUBgB22wzlgz7EMcRWH7ueXl%2BpEnQ0uL7%2B%2FgBBcmHeCe4iz%2BGXjneEsauDUfz%2B34iauii8fvPpwBzdB%2FX%2FSa1MfFl6XAgeAzPNXCI%2B9b%2BcuM%2BwR1TwqDHSsPLcfF2Wqjyppt2Y57bAyhJ0e661Zv4PAmq4OoquV0ljPt2BKBMOp5BWqI0%2ByeonWeagrIuvyCd9LdHo4VQNC6qR9lkJBHi2OJRUQCzFKRWEi52nPs42jsRrKgyVl8XRHFoSlGklnmROnsrMiDjtSdQbjoO6x0XnDURYjeJEatIxkE08m5FxGgSfT8ODu%2Bc5oiOanw2HfKQFbscx4Vc1GeTE8o8AwEzoIN4Wm2%2BMpVYdVFcSaG%2BVTlqdVKLq53EdJ6ITjAwyLhLLzZMH2WIbtWLCmLMkGOTE4kHpXrIK5z0sk5y%2B9o0yKyVFK1pFGV9qBJjSpmjhuNGHKYjvuC85Qo2RekWvOc6bKnubKbjiUBdboU6kR8kR0iBRiyhrLxGvxZMhLe8U4j7t1hqyAYHsTPy1PrMZx0bFbm7PJ0kg00Aq20rEU%2Bx1uSx63U3I1Deb52uQoGWogUMfKMlD6SZ3UoxPMBvFoVS60XT6piT7cnGjO4wNlw3SCRW%2FnjrNISbdDHdbjfbSO%2Fb0S5dUQ9vZupiQ7d%2BRwZVCpKpyYSp8tI%2B8EKlH3YjkdGAvWO7HratSyIa0eoESXC7W%2FJlwry0om2w5Pte6POiswB9UHhfc0paz39ycf3TaEf3%2BAffjy4Z%2F9kfxvn4IdNq1rnMGf0sJ7%2F0n2XeymTWzm38FhcI3L9BqX%2FjU2%2Fcc4K772NI%2FTlw%2F%2Fhb43bPnNp5afNp9Zfur%2F8du7W4ZeX8COQziQoKDlCJbDmQQQHEawTIGEnNUxSZxnt%2FbpT3%2FmfwEAAP%2F%2FAQAA%2F%2F%2Bbrq4S6AwAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F3SWS6gkS1rHq3pmxAcIihsF4XCPd1CwTuWr8nEvQ1OV9c6qyqyqzKyssqHMzIjMjKp8v6sWMjgisxFaQRTcnI7uO%2B11htHLLFwJctqF0iD0cTH0BdudGzc%2BYNZyTrf0CLc%2FMjO%2ByC8W3xfx%2B3%2FEHz4p3jQIXJivlXl0Rr5vtjtXxMVvblAIoiq7WKgXJHFFfHqxQSHLfHpR333S8hOS6FwRv3UxgvYxalMESRAkQV4MUQqdqG7fRzGKfyCQVwJxxVBXZIfBdfr%2F51nRxJnZxKB80%2FhljMDtN7x%2F%2BgIj%2BwaHwd%2F0YXbMo%2Fi3B0Hhm3mU4hI818JjGFUhDt67TtrETvj83WocZbeNxp8%2FwFH4%2FF0FOCqf3VWALXTbaP6YxFb4%2FF2a2Co%2Fe5up5WMYYgv8Aq7KGwz9G4zMG2xH38EIvGpgbAO8kHEYfG8RpZV5ehs176K3ja%2F%2F5H8wqm4bX%2F%2FXX8Fh8MOej%2BqLdeQXOYrCDNfONUb1DUbuDY6LFzg%2FNzGqXmA7%2F32MwD832j%2BZ4TB4Jmd%2BhBF4%2FRskbRGAFmDLdIDQYgDttEzWoVoWT5hkh%2BJ40yLutwihG4ycG%2BzDx9jMvoaLrIkL1MSF08RF3MQBeH1hdgSHIDjHcmiaZ2zbpmnb7vAs6ACa4R0CF%2FZdDY9xHj%2FGtv8Y2%2Bm3cZx%2BGx%2FRY5wWf48z7xpnoImzvIFLcI0r2MBV1sCV2cAVauAqb%2BCqvP4M%2BBmVXX8P%2BFlhke9G6t1IXz%2BNcveJ%2BVmUuzBsPInfNH7pfuP%2B49GP8BG%2BvoCAZgmSYWmapwRgc4TJUMC2TegAh3ZIEmfoGqPsATazJj6jV7%2F4YxyjVz93jS3zBc78F9hGH2Gz%2BHVsVk85isCm95ThCXwOP4%2BK6CpOYZZhEF3jOP8Gzk%2FNJ%2F6bxq%2FeJ0B%2F878xtF8%2B%2FNGf%2BL%2F3w9%2F5R2yn1zhOr%2FEB%2FUMDu%2F53n66iqvFsFVVZ4ws5zlGAzubdqa5zM4eNv5LgqYpSMOlnjz%2Fv2neBO%2FcHKszymRkCFLpZ4%2Fs9BABMh1Fqw8bfTbINtJQi83pFGhbxTBGHk%2BA%2BQRSFN9hErywd2%2Bi28bMvfv6e118Df4FR%2BgKnxZfN%2F%2FLyPP6k3TYBrG3PDF3omjm8sqOgDaK2fRV78cMsNwMz%2F1bwMSd%2BTN097kFKGDQ4RSON7k2F0ZgAAzBW6Fq5Egj%2BY0osNT439p64JTjhyPiF7ZmjeSIbzGyaT%2Ba91LUzCTFcPV%2BDLCz76xLqFbnZL4sTmYihrjgx3RW5upjF4n69ARo%2FGVDDWYEYxlQ9fxGvTkJyrNTdtjOfp5Vvc4KgUdPl2fJ4L187U8cAOrXwkaVOk14ekaGxW7hnJMH%2BYNyNp%2BREtYZ6uBmEts4nCmd452CYw7Qul%2FyacUU%2BjWTFnHfMTWfjzr1lMBwn66pQGW1lS9kZ0utiGh9GJ5msQAbEsFbmR3oxy9M9Ox07nXhoH0nHYQ7iYXU663ZcE37RsdkBF8F5a3Zgs6686uVDL5lbx3x8lMdiyJzPTjBip13tqB0kIzbcrmnsJ6M8H7r1YMm0GC2dy6g4Wik4dxO0yEbbLVL50zGKMipIZ8pyPdy6VklLxKTnZkt3lwhGb%2BESk%2BOA28zslrF8e3g4KF4%2B%2FM%2FGvWEU3WA7%2FoO%2FvrzsD9biaqKoE3lxefm3YhTEZgovcg9eWDDLL3RlcXV19cXlpSKv1V5XlPbaara%2BvPzyweuP7hF61H70FRDd%2FasftaMYhmluPWpTj9oVCj9AFbVNo7v3jqpO66epshnuY0pUWKoY91R9ywC4smVtsmh1q
8WuBff7qgZdrzD0qp%2FJpGhXgW%2Bx%2Fclk3T2V5E6ljSIkGEnnVVZwy5PcV%2FIWMV5Ruqqtq9b57LW2hUwPhA46mQppS8fjNExVf8TDOW1Jk5OVL21BI5Jd0h%2Bs%2FE1i9%2Bp07kKLHY%2BzGdCVLKvmkbnbCC3xdNrNTzIcmKF7blmjajivD6krKD5BUupuLidDzT3p52pkzTSo78fdVswPhl5SyygI%2B2inmcOVsxtrIwXZdiLUtQxXXNyTphLb3x9P%2B62TQ6uU6t50IyqlRRvEdLUaVkOvPCx02t5FelBBqefUSkh7C9VOhrYjnfZdo3uYpwad9IjgCNbdpbgwh6Nur3venujlSVclR60L01gCmpIGRkhsvJpFU6513nYFclvDrQrz5TGcdFrozCF6ehjL4lqjdvO%2B2EIS1WM3JyFL5FQg7M1KjVEgjiJRW9I9hlU3hB%2FVA8cVW6biV0FgzlujxdKdcIu0t0ijVdZFxm5TF4tR4k2McWdqRMciMKiz5W9XerGcT6PTTLRmAjc%2F69R6EAmTMa%2BkywU%2F3urmhPTkUbojWVi3dIYu%2BjNPHLM7f6mpLp%2F0uiGr6OFw6663MTHch9KZPLbUzWjrHg2Z0Bz3LXzfNEG9j1Nkw28RVwTHMh36o7%2B8vJyId3J4%2Fbt3iGeftNt2msI4um%2BPsM4tM2zTBCtQPEERbTuFZo5KmLUpusNQBMe0O5zJAJYiKMjTjklZPEEIrAUBgB22wzlgz7EMcRWH7ueXl%2BpEnQ0uL7%2B%2FgBBcmHeCe4iz%2BGXjneEsauDUfz%2B34iauii8fvPpwBzdB%2FX%2FSa1MfFl6XAgeAzPNXCI%2B9b%2BcuM%2BwR1TwqDHSsPLcfF2Wqjyppt2Y57bAyhJ0e661Zv4PAmq4OoquV0ljPt2BKBMOp5BWqI0%2ByeonWeagrIuvyCd9LdHo4VQNC6qR9lkJBHi2OJRUQCzFKRWEi52nPs42jsRrKgyVl8XRHFoSlGklnmROnsrMiDjtSdQbjoO6x0XnDURYjeJEatIxkE08m5FxGgSfT8ODu%2Bc5oiOanw2HfKQFbscx4Vc1GeTE8o8AwEzoIN4Wm2%2BMpVYdVFcSaG%2BVTlqdVKLq53EdJ6ITjAwyLhLLzZMH2WIbtWLCmLMkGOTE4kHpXrIK5z0sk5y%2B9o0yKyVFK1pFGV9qBJjSpmjhuNGHKYjvuC85Qo2RekWvOc6bKnubKbjiUBdboU6kR8kR0iBRiyhrLxGvxZMhLe8U4j7t1hqyAYHsTPy1PrMZx0bFbm7PJ0kg00Aq20rEU%2Bx1uSx63U3I1Deb52uQoGWogUMfKMlD6SZ3UoxPMBvFoVS60XT6piT7cnGjO4wNlw3SCRW%2FnjrNISbdDHdbjfbSO%2Fb0S5dUQ9vZupiQ7d%2BRwZVCpKpyYSp8tI%2B8EKlH3YjkdGAvWO7HratSyIa0eoESXC7W%2FJlwry0om2w5Pte6POiswB9UHhfc0paz39ycf3TaEf3%2BAffjy4Z%2F9kfxvn4IdNq1rnMGf0sJ7%2F0n2XeymTWzm38FhcI3L9BqX%2FjU2%2Fcc4K772NI%2FTlw%2F%2Fhb43bPnNp5afNp9Zfur%2F8du7W4ZeX8COQziQoKDlCJbDmQQQHEawTIGEnNUxSZxnt%2FbpT3%2FmfwEAAP%2F%2FAQAA%2F%2F%2Bbrq4S6AwAAA%3D%3D HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 20 Nov 2022 02:46:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a129e99e15b200b23d75f2df87bae99
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 848c991d2cfac8736cbff644cdc171e3
912c6d636148f6c7269602166d62eacf81426270
7f102f0dcda5d31f36af051fb9f5970ebcad56d230daba65cd52e1be38050084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F102F0DCDA5D31F36AF051FB9F5970EBCAD56D230DABA65CD52E1BE38050084"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12166
Expires: Sun, 20 Nov 2022 06:09:17 GMT
Date: Sun, 20 Nov 2022 02:46:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03a91498bb5c902fd8900cec3af9299d
2d7f9203166e5b15ff31de68929155e44e285e98
5d2c8c4facc6a4f2a3a6876cf43fd5ff9bb58b8e4fb3577427744c3b75c98558
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D2C8C4FACC6A4F2A3A6876CF43FD5FF9BB58B8E4FB3577427744C3B75C98558"
Last-Modified: Fri, 18 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5749
Expires: Sun, 20 Nov 2022 04:22:20 GMT
Date: Sun, 20 Nov 2022 02:46:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03a91498bb5c902fd8900cec3af9299d
2d7f9203166e5b15ff31de68929155e44e285e98
5d2c8c4facc6a4f2a3a6876cf43fd5ff9bb58b8e4fb3577427744c3b75c98558
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D2C8C4FACC6A4F2A3A6876CF43FD5FF9BB58B8E4FB3577427744C3B75C98558"
Last-Modified: Fri, 18 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5749
Expires: Sun, 20 Nov 2022 04:22:20 GMT
Date: Sun, 20 Nov 2022 02:46:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03a91498bb5c902fd8900cec3af9299d
2d7f9203166e5b15ff31de68929155e44e285e98
5d2c8c4facc6a4f2a3a6876cf43fd5ff9bb58b8e4fb3577427744c3b75c98558
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D2C8C4FACC6A4F2A3A6876CF43FD5FF9BB58B8E4FB3577427744C3B75C98558"
Last-Modified: Fri, 18 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5749
Expires: Sun, 20 Nov 2022 04:22:20 GMT
Date: Sun, 20 Nov 2022 02:46:31 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10 200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 20 Nov 2022 02:46:31 GMT
Date: Sun, 20 Nov 2022 02:46:31 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/close.png
172.64.108.13 200 OK 6.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/close.png
IP 172.64.108.13:0
File type PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Hash fa3847143b5b8c7823d091ca8e88289f
eb32235cc1d642145643b4a218742564df1db6d9
a78f358b462449955b39bd7957586ab99c75c8ab453975f4789e72d55d921cea
GET /sb/notifications/rtb/windows/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:31 GMT
content-type: image/png
content-length: 6318
last-modified: Mon, 17 May 2021 11:56:20 GMT
etag: "60a259e4-18ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 392082
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKvZbrDmh7Zj1SN%2FbjGUvn2RtcqDEPhEHRjoycmG84eTZmA0b5lpsYzB9IuUG6ri5Ht0n%2F1XoEjxTejQanc4%2BVUPEJQ1QIhro%2FC6Oh825mjA1YxkaD6uwhOC8b77KiHvgeLGRswYkZr2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddb0e5a8e74e5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/number.png
172.64.108.13 200 OK 1.1 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/windows/2/img/number.png
IP 172.64.108.13:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/rtb/windows/2/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:31 GMT
content-type: image/png
content-length: 1138
last-modified: Mon, 17 May 2021 11:56:20 GMT
etag: "60a259e4-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 391935
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijGi0w0k%2FPZm3yWemNc2tgl8AGha2sU52JeYjqnaf%2BRTNJ%2BjYJbhhB9LP5oz5eMszqM02taHSFjgThVjQPjZByVmIWjYvGzZhPJmNkXppYOJeHaH%2BV1ahJC4%2BiCDYACEm1P00hI98m7s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddb0e6a9274e5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03a91498bb5c902fd8900cec3af9299d
2d7f9203166e5b15ff31de68929155e44e285e98
5d2c8c4facc6a4f2a3a6876cf43fd5ff9bb58b8e4fb3577427744c3b75c98558
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D2C8C4FACC6A4F2A3A6876CF43FD5FF9BB58B8E4FB3577427744C3B75C98558"
Last-Modified: Fri, 18 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5749
Expires: Sun, 20 Nov 2022 04:22:20 GMT
Date: Sun, 20 Nov 2022 02:46:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash adc445925766423943152adbe4959a74
4725eba31d3ed18989de5b184c7fd5653ce17eea
4cbe0717fa3607559b38a905c100d35e3b3cc6e84d15c6419217fb3067c2150d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 737
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:31 GMT
Etag: "63790079-118"
Last-Modified: Sun, 20 Nov 2022 02:34:14 GMT
Server: ECS (amb/6BA6)
X-Cache: HIT
Content-Length: 280
moleconcern.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Findex.html&l=1207&fd=194
192.243.59.12 200 OK 0 B URL HTTP/1.1 moleconcern.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Findex.html&l=1207&fd=194
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fwindows%2F2%2Findex.html&l=1207&fd=194 HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 20 Nov 2022 02:46:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
adexchangegate.com/adx/openrtb/2/win.php?stamat=m%7C%2C%2Cg2Yro2YroGU3B5-GH0dEdHP3xP.c47%2CP62uHBTVY4deRcOUIN-AwNZ-e__wxdAhuXVwDsO1Ccwmlb6DIISAyv1ZT3Xun04KV8T69gvyODPt-0HR2VTUSw-zzh-YuO3E95iyaP1cKkkJnrTlG8eM3bKIybtQc9U0qZqDERlWqcBxrMgeb6HHsLdVPsswMoaZW9-CyyZMyOeEangz-bGwFMxjrg9Pl012TZMOqFUgyVzwGbLUeV_HA-p8EFhqxOimnDiZUaFRfZHUGPiccq9xxOeR7pBKJK6D_ky_YftebvKxBJWCPvb3X0JRRFwFhvjNV3cZoVmweKBfxPn3hNTcqFcfKy_AXAjMrX3qB0mkdSAQCNaFGABAzYy3QyVTKfTxuaXQd32KEXn0Whx6iJ7-zYA91YxeYTetQknI5-iz7i3JjHOCSU2ZMDC-iK2B6Wy9sqOr90cWRTpimCGoCUQ3B46TW0loxEfgC-aPlwmmaM-GNQgI7NrBNroRsAiXZWxuNGqhIXH5JXokumX2zblYRVuQMJoyLCbL97MzV2SEo9IH8PrQN8HYVaI1hOGrZ16ex-V43uDLhCH6ZlQUTg8qBAn6PVnFYgSYp0F_nKz1k-TWGYgkXO0Ufg%2C%2C&adx_price=0.076453
35.208.56.33204 No Content 0 B URL HTTP/1.1 adexchangegate.com/adx/openrtb/2/win.php?stamat=m%7C%2C%2Cg2Yro2YroGU3B5-GH0dEdHP3xP.c47%2CP62uHBTVY4deRcOUIN-AwNZ-e__wxdAhuXVwDsO1Ccwmlb6DIISAyv1ZT3Xun04KV8T69gvyODPt-0HR2VTUSw-zzh-YuO3E95iyaP1cKkkJnrTlG8eM3bKIybtQc9U0qZqDERlWqcBxrMgeb6HHsLdVPsswMoaZW9-CyyZMyOeEangz-bGwFMxjrg9Pl012TZMOqFUgyVzwGbLUeV_HA-p8EFhqxOimnDiZUaFRfZHUGPiccq9xxOeR7pBKJK6D_ky_YftebvKxBJWCPvb3X0JRRFwFhvjNV3cZoVmweKBfxPn3hNTcqFcfKy_AXAjMrX3qB0mkdSAQCNaFGABAzYy3QyVTKfTxuaXQd32KEXn0Whx6iJ7-zYA91YxeYTetQknI5-iz7i3JjHOCSU2ZMDC-iK2B6Wy9sqOr90cWRTpimCGoCUQ3B46TW0loxEfgC-aPlwmmaM-GNQgI7NrBNroRsAiXZWxuNGqhIXH5JXokumX2zblYRVuQMJoyLCbL97MzV2SEo9IH8PrQN8HYVaI1hOGrZ16ex-V43uDLhCH6ZlQUTg8qBAn6PVnFYgSYp0F_nKz1k-TWGYgkXO0Ufg%2C%2C&adx_price=0.076453
IP 35.208.56.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adx/openrtb/2/win.php?stamat=m%7C%2C%2Cg2Yro2YroGU3B5-GH0dEdHP3xP.c47%2CP62uHBTVY4deRcOUIN-AwNZ-e__wxdAhuXVwDsO1Ccwmlb6DIISAyv1ZT3Xun04KV8T69gvyODPt-0HR2VTUSw-zzh-YuO3E95iyaP1cKkkJnrTlG8eM3bKIybtQc9U0qZqDERlWqcBxrMgeb6HHsLdVPsswMoaZW9-CyyZMyOeEangz-bGwFMxjrg9Pl012TZMOqFUgyVzwGbLUeV_HA-p8EFhqxOimnDiZUaFRfZHUGPiccq9xxOeR7pBKJK6D_ky_YftebvKxBJWCPvb3X0JRRFwFhvjNV3cZoVmweKBfxPn3hNTcqFcfKy_AXAjMrX3qB0mkdSAQCNaFGABAzYy3QyVTKfTxuaXQd32KEXn0Whx6iJ7-zYA91YxeYTetQknI5-iz7i3JjHOCSU2ZMDC-iK2B6Wy9sqOr90cWRTpimCGoCUQ3B46TW0loxEfgC-aPlwmmaM-GNQgI7NrBNroRsAiXZWxuNGqhIXH5JXokumX2zblYRVuQMJoyLCbL97MzV2SEo9IH8PrQN8HYVaI1hOGrZ16ex-V43uDLhCH6ZlQUTg8qBAn6PVnFYgSYp0F_nKz1k-TWGYgkXO0Ufg%2C%2C&adx_price=0.076453 HTTP/1.1
Host: adexchangegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 204 No Content
Server: openresty
Date: Sun, 20 Nov 2022 02:46:31 GMT
Access-Control-Allow-Origin: *
Via: 1.1 google
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash adc445925766423943152adbe4959a74
4725eba31d3ed18989de5b184c7fd5653ce17eea
4cbe0717fa3607559b38a905c100d35e3b3cc6e84d15c6419217fb3067c2150d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 737
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 02:46:31 GMT
Last-Modified: Sun, 20 Nov 2022 02:34:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
cdn.creative-bars1.com/sb/notifications/rtb/windows/2/css/animate.css
172.64.108.13 200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/windows/2/css/animate.css
IP 172.64.108.13:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/notifications/rtb/windows/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:31 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:00:37 GMT
etag: W/"60a25ae5-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=httFqk%2BB1a3msoywQSoEFkSOJ%2Fb6a1B2FNakojUh5xyFXBcdvxuGnDYC1hzoJiG8cSg1oVyES96kN0h%2Fr4NjuLUS1YHagBkrY07Qst1MpWt9fJebAao0c5ECa9Bx48vj64wG8yr30MMy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddb0e4a8474e5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 16 Nov 2022 20:16:46 GMT
Expires: Thu, 16 Nov 2023 20:16:46 GMT
Cache-Control: public, max-age=31536000
Age: 282585
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
cdn.creative-bars1.com/sb/notifications/rtb/windows/2/js/script.js
172.64.108.13 200 OK 186 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/windows/2/js/script.js
IP 172.64.108.13:0
Hash 6dc316a21efa286bb8323424af4cc884
b7768a02d15f01f50035df7641e44e1cee4b167d
dad448c679c1eaeb96799012b9ec1dde66411d33ce35142fee3b130c07854f7b
GET /sb/notifications/rtb/windows/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:31 GMT
content-type: application/javascript
last-modified: Mon, 17 May 2021 11:56:22 GMT
etag: W/"60a259e6-17c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZpaKXkdNGyEdInBHIzmZZ7ftAWi3Vz0celpZf9S2ianXFnM29YKTk3PUkxu38W4Zx2n2gMu6HKNSH%2FblCzcp7ANl7LCcV%2BBqbRUIzrIC3mR7LtBB5BXrfLayhSFx3ZyDCyrTHB5KRlz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddb0e5a8c74e5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/rtb/windows/2/index.html
45.133.44.4 200 OK 1.5 kB URL HTTP/2 cdn.barscreative1.com/sb/notifications/rtb/windows/2/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash b734ce5a5d3136544d58c922d14000df
14c41ff1b2d7e04fe3afb3cebb1fda2ee127dde6
e028bb1537584c4ba419a81813c9980357e6714abe74912a3ed763955b91e735
GET /sb/notifications/rtb/windows/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:31 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 17 May 2021 11:56:17 GMT
etag: W/"60a259e1-4b7"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 20 Nov 2022 03:46:31 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
moleconcern.com/impr.gif?sid=H4sIAAAAAAAC%2F3SWS6gkS1rHq3pmxAcIihsF4XCPd1CwTuWr8nEvQ1OV9c6qyqyqzKyssqHMzIjMjKp8v6sWMjgisxFaQRTcnI7uO%2B11htHLLFwJctqF0iD0cTH0BdudGzc%2BYNZyTrf0CLc%2FMjO%2ByC8W3xfx%2B3%2FEHz4p3jQIXJivlXl0Rr5vtjtXxMVvblAIoiq7WKgXJHFFfHqxQSHLfHpR333S8hOS6FwRv3UxgvYxalMESRAkQV4MUQqdqG7fRzGKfyCQVwJxxVBXZIfBdfr%2F51nRxJnZxKB80%2FhljMDtN7x%2F%2BgIj%2BwaHwd%2F0YXbMo%2Fi3B0Hhm3mU4hI818JjGFUhDt67TtrETvj83WocZbeNxp8%2FwFH4%2FF0FOCqf3VWALXTbaP6YxFb4%2FF2a2Co%2Fe5up5WMYYgv8Aq7KGwz9G4zMG2xH38EIvGpgbAO8kHEYfG8RpZV5ehs176K3ja%2F%2F5H8wqm4bX%2F%2FXX8Fh8MOej%2BqLdeQXOYrCDNfONUb1DUbuDY6LFzg%2FNzGqXmA7%2F32MwD832j%2BZ4TB4Jmd%2BhBF4%2FRskbRGAFmDLdIDQYgDttEzWoVoWT5hkh%2BJ40yLutwihG4ycG%2BzDx9jMvoaLrIkL1MSF08RF3MQBeH1hdgSHIDjHcmiaZ2zbpmnb7vAs6ACa4R0CF%2FZdDY9xHj%2FGtv8Y2%2Bm3cZx%2BGx%2FRY5wWf48z7xpnoImzvIFLcI0r2MBV1sCV2cAVauAqb%2BCqvP4M%2BBmVXX8P%2BFlhke9G6t1IXz%2BNcveJ%2BVmUuzBsPInfNH7pfuP%2B49GP8BG%2BvoCAZgmSYWmapwRgc4TJUMC2TegAh3ZIEmfoGqPsATazJj6jV7%2F4YxyjVz93jS3zBc78F9hGH2Gz%2BHVsVk85isCm95ThCXwOP4%2BK6CpOYZZhEF3jOP8Gzk%2FNJ%2F6bxq%2FeJ0B%2F878xtF8%2B%2FNGf%2BL%2F3w9%2F5R2yn1zhOr%2FEB%2FUMDu%2F53n66iqvFsFVVZ4ws5zlGAzubdqa5zM4eNv5LgqYpSMOlnjz%2Fv2neBO%2FcHKszymRkCFLpZ4%2Fs9BABMh1Fqw8bfTbINtJQi83pFGhbxTBGHk%2BA%2BQRSFN9hErywd2%2Bi28bMvfv6e118Df4FR%2BgKnxZfN%2F%2FLyPP6k3TYBrG3PDF3omjm8sqOgDaK2fRV78cMsNwMz%2F1bwMSd%2BTN097kFKGDQ4RSON7k2F0ZgAAzBW6Fq5Egj%2BY0osNT439p64JTjhyPiF7ZmjeSIbzGyaT%2Ba91LUzCTFcPV%2BDLCz76xLqFbnZL4sTmYihrjgx3RW5upjF4n69ARo%2FGVDDWYEYxlQ9fxGvTkJyrNTdtjOfp5Vvc4KgUdPl2fJ4L187U8cAOrXwkaVOk14ekaGxW7hnJMH%2BYNyNp%2BREtYZ6uBmEts4nCmd452CYw7Qul%2FyacUU%2BjWTFnHfMTWfjzr1lMBwn66pQGW1lS9kZ0utiGh9GJ5msQAbEsFbmR3oxy9M9Ox07nXhoH0nHYQ7iYXU663ZcE37RsdkBF8F5a3Zgs6686uVDL5lbx3x8lMdiyJzPTjBip13tqB0kIzbcrmnsJ6M8H7r1YMm0GC2dy6g4Wik4dxO0yEbbLVL50zGKMipIZ8pyPdy6VklLxKTnZkt3lwhGb%2BESk%2BOA28zslrF8e3g4KF4%2B%2FM%2FGvWEU3WA7%2FoPPLy%2FViTobXF5%2BfwEhuDAvdGXx8K8vL%2FuDtbiaKOpEXlxe%2Fq0YBbGZwovcgxcWzPK7VVdXV19cXiryWu11RWmvrWbry8svH7z%2B6B6sR%2B1HX4HW3b%2F6UTuKYZjm1qM29ahdofADr
FHbNLp771jrtH6aNZvhPqZEhaWKcU%2FVtwyAK1vWJotWt1rsWnC%2Fr2rQ9QpDr%2FqZTIp2FfgW259M1t1TSe5U2ihCgpF0XmUFtzzJfSVvEeMVpavaumqdz15rW8j0QOigk6mQtnQ8TsNU9Uc8nNOWNDlZ%2BdIWNCLZJf3Byt8kdq9O5y602PE4mwFdybJqHpm7jdAST6fd%2FCTDgRm655Y1qobz%2BpC6guITJKXu5nIy1NyTfq5G1kyD%2Bn7cbcX8YOgltYyCsI92mjlcObuxNlKQbSdCXctwxcU9aSqx%2Ff3xtN86ObRKqe5NN6JSWrRBTFerYTX0ysNCp%2B1dpAcVlHpOrYS0t1DtZGg70mnfNbqHeWrQSY8IjmDdXYoLczjq9rrn7YlennRVctS6MI0loClpYITExqtZNOVa521XILc13KowXx7DSaeFzhyip4exLK41ajfviy0kUT12cxKyRE4Fwt6s1BgF4igStSXdY1h1Q%2FhRPXBcsWUqfhUE5rw1WizdCbdIe4s0WmVdZOw2dbEYJd7EGHemRnQsAoM6W%2F52pRfL%2BTQ6zURrJnDzs06tB5EwGfNKulzw461uTkhPHqU7koV1S2fooj%2FzxDG785ea6vJJrxuyih4Ot%2B56GxPDfSidyWNL3Yy27tGQCc1x38L3TRPU%2BzhFNvwWcUVwLNOhP%2FrLy8uJeCeH1797h3j2SbttpymMo%2FumCevcMsM2TbACxRMU0bZTaOaohFmbojsMRXBMu8OZDGApgoI87ZiUxROEwFoQANhhO5wD9hzLEFdx6OIsftl4ZziLGjj138%2BtuImr4ssHrz7cwU1Q%2F5%2FI2tSHJdalwAEg8%2FwVEmPv27nLDHtENY8KAx0rz%2B3HRZnqo0rarVlOO6wMYafHemvW7yCwpquD6GqlNNbzLZgSwXAqeYXqyJOsXqJ1HuqKyLp8wvcSnR5O1YCQOmmfpVCQR4tjSQXEQoxSUZjIedrzbONorIbyYElZPN2RBWGpRtJZ5sSp7KyIw45UncE4qHtsdN5wlMUIXqQGLSPZxJMJOZdR4Mk0PLh7vjMaovnpcNh3SsBWLDNeVbNRXgzPKDDMhA7CTaHp9nhK1WFVBbHmRvmU5WkVim4u91ESOuH4AMMioew8WbA9lmE7FqwpS7JBTgwOpN4Vq2Du8xLJ%2BUvvKJNicpSSdaTRlXagCU2qJo4bTZiy2I77gjPUKJlX5JrznKmyp7myGw5lgTX6VGqEPBEdIoWYssYy8Vo8GfLSXjHO426dISsg2N7ET8sTq3FcdOzW5myyNBINtIKtdCzFfofbksftlFxNg3m%2BNjlKhhoI1LGyDJR%2BUif16ASzQTxalQttl09qog83J5rz%2BEDZMJ1g0du54yxS0u1Qh%2FV4H61jf69EeTWEvb2bKcnOHTlcGVSqCiem0mfLyDuBStS9WE4HxoL1Tuy6GrVsSKsHKNHlQu2vCdfKspLJtsNTrfujzgrMQfVBiT1NKev9%2FclHtw3h3x9gH758%2BGd%2FJP%2Fbp2CHTesaZ%2FCntPDef5J9F7tpE5v5d3AYXOMyvcalf41N%2FzHOiq89zeP05cN%2Foe8NW37zqeWnzWeWn%2Fp%2F%2FPbulqHXFx2SgbzFczYAFrQByVE0TxMEBQDDCZAUcJ7d2qc%2F%2FZn%2FBQAA%2F%2F8BAAD%2F%2F8AbLqXoDAAA
192.243.59.12200 OK 7 B URL HTTP/1.1 moleconcern.com/impr.gif?sid=H4sIAAAAAAAC%2F3SWS6gkS1rHq3pmxAcIihsF4XCPd1CwTuWr8nEvQ1OV9c6qyqyqzKyssqHMzIjMjKp8v6sWMjgisxFaQRTcnI7uO%2B11htHLLFwJctqF0iD0cTH0BdudGzc%2BYNZyTrf0CLc%2FMjO%2ByC8W3xfx%2B3%2FEHz4p3jQIXJivlXl0Rr5vtjtXxMVvblAIoiq7WKgXJHFFfHqxQSHLfHpR333S8hOS6FwRv3UxgvYxalMESRAkQV4MUQqdqG7fRzGKfyCQVwJxxVBXZIfBdfr%2F51nRxJnZxKB80%2FhljMDtN7x%2F%2BgIj%2BwaHwd%2F0YXbMo%2Fi3B0Hhm3mU4hI818JjGFUhDt67TtrETvj83WocZbeNxp8%2FwFH4%2FF0FOCqf3VWALXTbaP6YxFb4%2FF2a2Co%2Fe5up5WMYYgv8Aq7KGwz9G4zMG2xH38EIvGpgbAO8kHEYfG8RpZV5ehs176K3ja%2F%2F5H8wqm4bX%2F%2FXX8Fh8MOej%2BqLdeQXOYrCDNfONUb1DUbuDY6LFzg%2FNzGqXmA7%2F32MwD832j%2BZ4TB4Jmd%2BhBF4%2FRskbRGAFmDLdIDQYgDttEzWoVoWT5hkh%2BJ40yLutwihG4ycG%2BzDx9jMvoaLrIkL1MSF08RF3MQBeH1hdgSHIDjHcmiaZ2zbpmnb7vAs6ACa4R0CF%2FZdDY9xHj%2FGtv8Y2%2Bm3cZx%2BGx%2FRY5wWf48z7xpnoImzvIFLcI0r2MBV1sCV2cAVauAqb%2BCqvP4M%2BBmVXX8P%2BFlhke9G6t1IXz%2BNcveJ%2BVmUuzBsPInfNH7pfuP%2B49GP8BG%2BvoCAZgmSYWmapwRgc4TJUMC2TegAh3ZIEmfoGqPsATazJj6jV7%2F4YxyjVz93jS3zBc78F9hGH2Gz%2BHVsVk85isCm95ThCXwOP4%2BK6CpOYZZhEF3jOP8Gzk%2FNJ%2F6bxq%2FeJ0B%2F878xtF8%2B%2FNGf%2BL%2F3w9%2F5R2yn1zhOr%2FEB%2FUMDu%2F53n66iqvFsFVVZ4ws5zlGAzubdqa5zM4eNv5LgqYpSMOlnjz%2Fv2neBO%2FcHKszymRkCFLpZ4%2Fs9BABMh1Fqw8bfTbINtJQi83pFGhbxTBGHk%2BA%2BQRSFN9hErywd2%2Bi28bMvfv6e118Df4FR%2BgKnxZfN%2F%2FLyPP6k3TYBrG3PDF3omjm8sqOgDaK2fRV78cMsNwMz%2F1bwMSd%2BTN097kFKGDQ4RSON7k2F0ZgAAzBW6Fq5Egj%2BY0osNT439p64JTjhyPiF7ZmjeSIbzGyaT%2Ba91LUzCTFcPV%2BDLCz76xLqFbnZL4sTmYihrjgx3RW5upjF4n69ARo%2FGVDDWYEYxlQ9fxGvTkJyrNTdtjOfp5Vvc4KgUdPl2fJ4L187U8cAOrXwkaVOk14ekaGxW7hnJMH%2BYNyNp%2BREtYZ6uBmEts4nCmd452CYw7Qul%2FyacUU%2BjWTFnHfMTWfjzr1lMBwn66pQGW1lS9kZ0utiGh9GJ5msQAbEsFbmR3oxy9M9Ox07nXhoH0nHYQ7iYXU663ZcE37RsdkBF8F5a3Zgs6686uVDL5lbx3x8lMdiyJzPTjBip13tqB0kIzbcrmnsJ6M8H7r1YMm0GC2dy6g4Wik4dxO0yEbbLVL50zGKMipIZ8pyPdy6VklLxKTnZkt3lwhGb%2BESk%2BOA28zslrF8e3g4KF4%2B%2FM%2FGvWEU3WA7%2FoPPLy%2FViTobXF5%2BfwEhuDAvdGXx8K8vL%2FuDtbiaKOpEXlxe%2Fq0YBbGZwovcgxcWzPK7VVdXV19cXiryWu11RWmvrWbry8svH7z%2B6B6s
R%2B1HX4HW3b%2F6UTuKYZjm1qM29ahdofADrFHbNLp771jrtH6aNZvhPqZEhaWKcU%2FVtwyAK1vWJotWt1rsWnC%2Fr2rQ9QpDr%2FqZTIp2FfgW259M1t1TSe5U2ihCgpF0XmUFtzzJfSVvEeMVpavaumqdz15rW8j0QOigk6mQtnQ8TsNU9Uc8nNOWNDlZ%2BdIWNCLZJf3Byt8kdq9O5y602PE4mwFdybJqHpm7jdAST6fd%2FCTDgRm655Y1qobz%2BpC6guITJKXu5nIy1NyTfq5G1kyD%2Bn7cbcX8YOgltYyCsI92mjlcObuxNlKQbSdCXctwxcU9aSqx%2Ff3xtN86ObRKqe5NN6JSWrRBTFerYTX0ysNCp%2B1dpAcVlHpOrYS0t1DtZGg70mnfNbqHeWrQSY8IjmDdXYoLczjq9rrn7YlennRVctS6MI0loClpYITExqtZNOVa521XILc13KowXx7DSaeFzhyip4exLK41ajfviy0kUT12cxKyRE4Fwt6s1BgF4igStSXdY1h1Q%2FhRPXBcsWUqfhUE5rw1WizdCbdIe4s0WmVdZOw2dbEYJd7EGHemRnQsAoM6W%2F52pRfL%2BTQ6zURrJnDzs06tB5EwGfNKulzw461uTkhPHqU7koV1S2fooj%2FzxDG785ea6vJJrxuyih4Ot%2B56GxPDfSidyWNL3Yy27tGQCc1x38L3TRPU%2BzhFNvwWcUVwLNOhP%2FrLy8uJeCeH1797h3j2SbttpymMo%2FumCevcMsM2TbACxRMU0bZTaOaohFmbojsMRXBMu8OZDGApgoI87ZiUxROEwFoQANhhO5wD9hzLEFdx6OIsftl4ZziLGjj138%2BtuImr4ssHrz7cwU1Q%2F5%2FI2tSHJdalwAEg8%2FwVEmPv27nLDHtENY8KAx0rz%2B3HRZnqo0rarVlOO6wMYafHemvW7yCwpquD6GqlNNbzLZgSwXAqeYXqyJOsXqJ1HuqKyLp8wvcSnR5O1YCQOmmfpVCQR4tjSQXEQoxSUZjIedrzbONorIbyYElZPN2RBWGpRtJZ5sSp7KyIw45UncE4qHtsdN5wlMUIXqQGLSPZxJMJOZdR4Mk0PLh7vjMaovnpcNh3SsBWLDNeVbNRXgzPKDDMhA7CTaHp9nhK1WFVBbHmRvmU5WkVim4u91ESOuH4AMMioew8WbA9lmE7FqwpS7JBTgwOpN4Vq2Du8xLJ%2BUvvKJNicpSSdaTRlXagCU2qJo4bTZiy2I77gjPUKJlX5JrznKmyp7myGw5lgTX6VGqEPBEdIoWYssYy8Vo8GfLSXjHO426dISsg2N7ET8sTq3FcdOzW5myyNBINtIKtdCzFfofbksftlFxNg3m%2BNjlKhhoI1LGyDJR%2BUif16ASzQTxalQttl09qog83J5rz%2BEDZMJ1g0du54yxS0u1Qh%2FV4H61jf69EeTWEvb2bKcnOHTlcGVSqCiem0mfLyDuBStS9WE4HxoL1Tuy6GrVsSKsHKNHlQu2vCdfKspLJtsNTrfujzgrMQfVBiT1NKev9%2FclHtw3h3x9gH758%2BGd%2FJP%2Fbp2CHTesaZ%2FCntPDef5J9F7tpE5v5d3AYXOMyvcalf41N%2FzHOiq89zeP05cN%2Foe8NW37zqeWnzWeWn%2Fp%2F%2FPbulqHXFx2SgbzFczYAFrQByVE0TxMEBQDDCZAUcJ7d2qc%2F%2FZn%2FBQAA%2F%2F8BAAD%2F%2F8AbLqXoDAAA
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F3SWS6gkS1rHq3pmxAcIihsF4XCPd1CwTuWr8nEvQ1OV9c6qyqyqzKyssqHMzIjMjKp8v6sWMjgisxFaQRTcnI7uO%2B11htHLLFwJctqF0iD0cTH0BdudGzc%2BYNZyTrf0CLc%2FMjO%2ByC8W3xfx%2B3%2FEHz4p3jQIXJivlXl0Rr5vtjtXxMVvblAIoiq7WKgXJHFFfHqxQSHLfHpR333S8hOS6FwRv3UxgvYxalMESRAkQV4MUQqdqG7fRzGKfyCQVwJxxVBXZIfBdfr%2F51nRxJnZxKB80%2FhljMDtN7x%2F%2BgIj%2BwaHwd%2F0YXbMo%2Fi3B0Hhm3mU4hI818JjGFUhDt67TtrETvj83WocZbeNxp8%2FwFH4%2FF0FOCqf3VWALXTbaP6YxFb4%2FF2a2Co%2Fe5up5WMYYgv8Aq7KGwz9G4zMG2xH38EIvGpgbAO8kHEYfG8RpZV5ehs176K3ja%2F%2F5H8wqm4bX%2F%2FXX8Fh8MOej%2BqLdeQXOYrCDNfONUb1DUbuDY6LFzg%2FNzGqXmA7%2F32MwD832j%2BZ4TB4Jmd%2BhBF4%2FRskbRGAFmDLdIDQYgDttEzWoVoWT5hkh%2BJ40yLutwihG4ycG%2BzDx9jMvoaLrIkL1MSF08RF3MQBeH1hdgSHIDjHcmiaZ2zbpmnb7vAs6ACa4R0CF%2FZdDY9xHj%2FGtv8Y2%2Bm3cZx%2BGx%2FRY5wWf48z7xpnoImzvIFLcI0r2MBV1sCV2cAVauAqb%2BCqvP4M%2BBmVXX8P%2BFlhke9G6t1IXz%2BNcveJ%2BVmUuzBsPInfNH7pfuP%2B49GP8BG%2BvoCAZgmSYWmapwRgc4TJUMC2TegAh3ZIEmfoGqPsATazJj6jV7%2F4YxyjVz93jS3zBc78F9hGH2Gz%2BHVsVk85isCm95ThCXwOP4%2BK6CpOYZZhEF3jOP8Gzk%2FNJ%2F6bxq%2FeJ0B%2F878xtF8%2B%2FNGf%2BL%2F3w9%2F5R2yn1zhOr%2FEB%2FUMDu%2F53n66iqvFsFVVZ4ws5zlGAzubdqa5zM4eNv5LgqYpSMOlnjz%2Fv2neBO%2FcHKszymRkCFLpZ4%2Fs9BABMh1Fqw8bfTbINtJQi83pFGhbxTBGHk%2BA%2BQRSFN9hErywd2%2Bi28bMvfv6e118Df4FR%2BgKnxZfN%2F%2FLyPP6k3TYBrG3PDF3omjm8sqOgDaK2fRV78cMsNwMz%2F1bwMSd%2BTN097kFKGDQ4RSON7k2F0ZgAAzBW6Fq5Egj%2BY0osNT439p64JTjhyPiF7ZmjeSIbzGyaT%2Ba91LUzCTFcPV%2BDLCz76xLqFbnZL4sTmYihrjgx3RW5upjF4n69ARo%2FGVDDWYEYxlQ9fxGvTkJyrNTdtjOfp5Vvc4KgUdPl2fJ4L187U8cAOrXwkaVOk14ekaGxW7hnJMH%2BYNyNp%2BREtYZ6uBmEts4nCmd452CYw7Qul%2FyacUU%2BjWTFnHfMTWfjzr1lMBwn66pQGW1lS9kZ0utiGh9GJ5msQAbEsFbmR3oxy9M9Ox07nXhoH0nHYQ7iYXU663ZcE37RsdkBF8F5a3Zgs6686uVDL5lbx3x8lMdiyJzPTjBip13tqB0kIzbcrmnsJ6M8H7r1YMm0GC2dy6g4Wik4dxO0yEbbLVL50zGKMipIZ8pyPdy6VklLxKTnZkt3lwhGb%2BESk%2BOA28zslrF8e3g4KF4%2B%2FM%2FGvWEU3WA7%2FoPPLy%2FViTobXF5%2BfwEhuDAvdGXx8K8vL%2FuDtbiaKOpEXlxe%2Fq0YBbGZwovcgxcWzPK7VVdXV19cXiryWu11RWmvrWbry8svH7z%2B6B6sR%2B1HX4HW3b%2F6UTuKYZjm1qM29ahdofADrFHbNLp771jr
tH6aNZvhPqZEhaWKcU%2FVtwyAK1vWJotWt1rsWnC%2Fr2rQ9QpDr%2FqZTIp2FfgW259M1t1TSe5U2ihCgpF0XmUFtzzJfSVvEeMVpavaumqdz15rW8j0QOigk6mQtnQ8TsNU9Uc8nNOWNDlZ%2BdIWNCLZJf3Byt8kdq9O5y602PE4mwFdybJqHpm7jdAST6fd%2FCTDgRm655Y1qobz%2BpC6guITJKXu5nIy1NyTfq5G1kyD%2Bn7cbcX8YOgltYyCsI92mjlcObuxNlKQbSdCXctwxcU9aSqx%2Ff3xtN86ObRKqe5NN6JSWrRBTFerYTX0ysNCp%2B1dpAcVlHpOrYS0t1DtZGg70mnfNbqHeWrQSY8IjmDdXYoLczjq9rrn7YlennRVctS6MI0loClpYITExqtZNOVa521XILc13KowXx7DSaeFzhyip4exLK41ajfviy0kUT12cxKyRE4Fwt6s1BgF4igStSXdY1h1Q%2FhRPXBcsWUqfhUE5rw1WizdCbdIe4s0WmVdZOw2dbEYJd7EGHemRnQsAoM6W%2F52pRfL%2BTQ6zURrJnDzs06tB5EwGfNKulzw461uTkhPHqU7koV1S2fooj%2FzxDG785ea6vJJrxuyih4Ot%2B56GxPDfSidyWNL3Yy27tGQCc1x38L3TRPU%2BzhFNvwWcUVwLNOhP%2FrLy8uJeCeH1797h3j2SbttpymMo%2FumCevcMsM2TbACxRMU0bZTaOaohFmbojsMRXBMu8OZDGApgoI87ZiUxROEwFoQANhhO5wD9hzLEFdx6OIsftl4ZziLGjj138%2BtuImr4ssHrz7cwU1Q%2F5%2FI2tSHJdalwAEg8%2FwVEmPv27nLDHtENY8KAx0rz%2B3HRZnqo0rarVlOO6wMYafHemvW7yCwpquD6GqlNNbzLZgSwXAqeYXqyJOsXqJ1HuqKyLp8wvcSnR5O1YCQOmmfpVCQR4tjSQXEQoxSUZjIedrzbONorIbyYElZPN2RBWGpRtJZ5sSp7KyIw45UncE4qHtsdN5wlMUIXqQGLSPZxJMJOZdR4Mk0PLh7vjMaovnpcNh3SsBWLDNeVbNRXgzPKDDMhA7CTaHp9nhK1WFVBbHmRvmU5WkVim4u91ESOuH4AMMioew8WbA9lmE7FqwpS7JBTgwOpN4Vq2Du8xLJ%2BUvvKJNicpSSdaTRlXagCU2qJo4bTZiy2I77gjPUKJlX5JrznKmyp7myGw5lgTX6VGqEPBEdIoWYssYy8Vo8GfLSXjHO426dISsg2N7ET8sTq3FcdOzW5myyNBINtIKtdCzFfofbksftlFxNg3m%2BNjlKhhoI1LGyDJR%2BUif16ASzQTxalQttl09qog83J5rz%2BEDZMJ1g0du54yxS0u1Qh%2FV4H61jf69EeTWEvb2bKcnOHTlcGVSqCiem0mfLyDuBStS9WE4HxoL1Tuy6GrVsSKsHKNHlQu2vCdfKspLJtsNTrfujzgrMQfVBiT1NKev9%2FclHtw3h3x9gH758%2BGd%2FJP%2Fbp2CHTesaZ%2FCntPDef5J9F7tpE5v5d3AYXOMyvcalf41N%2FzHOiq89zeP05cN%2Foe8NW37zqeWnzWeWn%2Fp%2F%2FPbulqHXFx2SgbzFczYAFrQByVE0TxMEBQDDCZAUcJ7d2qc%2F%2FZn%2FBQAA%2F%2F8BAAD%2F%2F8AbLqXoDAAA HTTP/1.1
Host: moleconcern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=13b0d39e-afd9-4d3f-a6f2-b80a15278ab0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 20 Nov 2022 02:46:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 70ad8c8414bd3c6948a43d7554273951
Strict-Transport-Security: max-age=0; includeSubdomains
crrepo.com/extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png
104.21.235.114 200 OK 8.5 kB URL HTTP/2 crrepo.com/extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png
IP 104.21.235.114:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 57a4d6202e83fa2b80096bedde5657fd
bc36497b3519452a31394127e74c35c5e07752e2
a85760fc2eeeaf498ba87fa30465f56fc964cd0769844404d7cb7b2c089c0f29
GET /extban/306928020/creatives/23542074/57a4d6202e83fa2b80096bedde5657fd_7640.png HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:31 GMT
content-type: image/png
last-modified: Sat, 12 Nov 2022 09:34:43 GMT
etag: W/"636f68b3-2132"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 3605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkHQhZF7Ny94RSUeI3QlqAb17ELg5CPwjECP2SSDHsKYB5V%2BBHbw40b7YVUyamVK0VyCn%2FXjvVkAEewxqmCqyz0bAn26jkyRWw1YqA2qGS%2BIc4lNVQeWsJwvL1Sa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddb0f18b988b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
104.18.18.132 200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP 104.18.18.132:0
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:24 GMT
content-type: application/javascript
cf-ray: 76cddae1a8c7b521-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"cba895d710939d3f383adf1461af832f"
last-modified: Wed, 09 Nov 2022 04:14:07 GMT
strict-transport-security: max-age=0
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: yADmpMRcJu2yASGV_gZ-qxqQqgO1sLRsGfYPN6mnohLS_b0Zg8KMPA==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185 200 OK 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
GET /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 02:46:25 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cddaeb9863fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
IP 142.250.74.10:0
GET /css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 20 Nov 2022 02:46:29 GMT
date: Sun, 20 Nov 2022 02:46:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2