ouo.io/SY0IOl
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SY0IOl HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 04 Jan 2023 20:12:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 04 Jan 2023 21:12:15 GMT
Location: https://ouo.io/SY0IOl
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7846a0c2dcdcb4f7-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16803ffa29e10ee999c43eb4e4acfe92
a5ede865a388fa440f20994b43c417d403e9a493
08de8f6abb622e84d2cb6e88dee8fc7c408147ac43da9c24d4cde510ed36b53a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08DE8F6ABB622E84D2CB6E88DEE8FC7C408147AC43DA9C24D4CDE510ED36B53A"
Last-Modified: Mon, 02 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5612
Expires: Wed, 04 Jan 2023 21:45:47 GMT
Date: Wed, 04 Jan 2023 20:12:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12014
Expires: Wed, 04 Jan 2023 23:32:29 GMT
Date: Wed, 04 Jan 2023 20:12:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 04 Jan 2023 19:47:46 GMT
content-type: application/json
age: 1469
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12103
Expires: Wed, 04 Jan 2023 23:33:58 GMT
Date: Wed, 04 Jan 2023 20:12:15 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 280 B IP
Hash 31e0159e8d7827e11ba042323016ecf7
c64024b609ac18dce1315692fe1a46eeb3775090
071b9a599a048bd6a8b28953d081ddc1e6b48767f8d86a366a748d3fa1cb6470
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5311
Cache-Control: max-age=95686
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:15 GMT
Etag: "63b49ba6-118"
Expires: Thu, 05 Jan 2023 22:47:01 GMT
Last-Modified: Tue, 03 Jan 2023 21:18:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LWrYYybqtG9QRFCaJd66NFNC8KPW9um2gAriRHcCu4KgGCj/TA2OMAv4M5cL+tNix8m/mbZPyOM=
x-amz-request-id: J4ZJY0E0XB9X7SRE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 04 Jan 2023 20:01:26 GMT
age: 649
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 20:12:15 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 04 Jan 2023 19:33:37 GMT
age: 2318
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 7b770b7eb6007c93db6d096411a72715
acae8d1bc38dd47504c4f95dac6d2db27508bf9c
3a41579ebb229f3b9bd44f6984572dc859d55f964c3c0f604e24a3600c672f06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6195
Cache-Control: max-age=171452
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:15 GMT
Etag: "63b5c028-118"
Expires: Fri, 06 Jan 2023 19:49:48 GMT
Last-Modified: Wed, 04 Jan 2023 18:06:32 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 471 B IP
Hash fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5303
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:16 GMT
Last-Modified: Wed, 04 Jan 2023 18:43:53 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ThKYobwZGq5SwoaUqK2hZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hqY4XN0kQkyOc0WH9AKt3gqouoc=
ouo.press/images/world.png
200 OK 5.7 kB URL HTTP/2 ouo.press/images/world.png
IP
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/SY0IOl
Cookie: ouoio_session=eyJpdiI6Im1ORDBaNzRseVBwK3BWcXZncG11ZmpTd3pyemMyMHFsNHZ2MktMWHc0b0k9IiwidmFsdWUiOiJvM0ZVV3RXSWhMQ1FjMTNHUzg5ZEE0VXpUUjhmVG9cLyt3azBOS3hkbFwvQUdJMStnTjM1M0ZocDlKSjBGXC9CaDFReEZSVjFKQWpQXC94Um9RZzlXK0trTHc9PSIsIm1hYyI6IjBmMzYwYTUwMGM2ODRhM2JiODhmMzgzYzczMzFjMGYxZmMwNzkxNzVjOWQ0N2NiOThhZGM5ZjUzN2UyMWFjYTIifQ%3D%3D; language=eyJpdiI6InNXVXMzMEJtbVlOOWR0c2tGeW9DaEdYTTBmQk14Slc4MWNmbFwvSFwvNkVJMD0iLCJ2YWx1ZSI6IlwvNnB2cEhGZkxQUzFyeEJxVmNcLzk3aEI0WitweFlyQmtIUlRwSjZMRHlmdz0iLCJtYWMiOiI5MzVjYjliMDhlODhhYjcwMGVmNGQ1NTBkZTNlMThjMDBlZjI3YmQyNzc0ODI1YzIyMzIxNmQ4ZjI5NDFkZTJlIn0%3D; 613a289f60f014f9cce3ec6c6a78fe6efee04a1c=eyJpdiI6IlZvN1wvdzJrYlZMWUVSWThlM3FFUCtvUUxnbldGcVdJcWR0R3FWeVdiYkhJPSIsInZhbHVlIjoic05ITjk1S21NZXA2U0lFQzdjbFY3YnM2emtJZ3hZSjBCZ0l1T2xHNURyeEI3cmVhMUZyZStBTXMrQWVIZU16SFRMQmhDOTFvdSt0ZXVIaW1zQnJHc3hZbUs0RTc1MjN5NXQwc0JTeXZwVU1EYXNFYWFaMGdkQ1dnaHc3ZE9TdW8wUDEzM05vYkthcmpYSG8rbzIzTVVZVlpTZ0FOQTlrRWRjK054NFoyM0xJRlcrS1hBNWl6aFN5OGlBdGZ1RFk5eGxWWmNRcnNncnVYWjBcLzhIdEU2TndiN240SDRBVDVKVVdVZXBrcHFFclRGbkdQRVRkWEoyTDVMZkt5cXFXRTBEQzBVcmY0U00wcEtKcTZkODFoSmFNQ2RkcCtDRXhwc2VSd29xeTc2c2s5cFVEYzZkZm5DbGk2eDlDbHhWdlk3NUJ2M29KdVkxQmFUa0pmN1EzaEVCNzdqVFczVlVrM05HVzJOM0F5c1wvTThjelN5V1BvcHM2NzRnVGpjbmNLeGUiLCJtYWMiOiJjYTU4NGVkNDc3ZmZhZjFiMmY3YmFiMWJmZjc5ZmQ2N2QwZThkZTJhZDcxMGY1NGZkYTU2OTNlZDRmMDhjYjQzIn0%3D; __cf_bm=1WpAMNhWhWcM.f2slyzw54MSAfe2UZIHUuXGvnYmeM8-1672863136-0-AZrBHfbWVMMZPsKAnkeIYjR5g3p0CVHaZR4MiuOoQc42n012T5QG0RiU3bPwBwn52i+I1ZnkeypfYPpcZ8SVW8U=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:16 GMT
content-type: image/png
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Wed, 01 Feb 2023 22:39:30 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 163966
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0cb2d22b51e-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash 267b6e07fe87225bf22bea7bd7f989fd
a8a69575f546b6e85c470e49bcfc3f13e17aaea6
edcb20b9dc04903b22b65536f2a1fc54c87446d58eef5207fb413efbbaa74f77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3763
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:16 GMT
Last-Modified: Wed, 04 Jan 2023 19:09:36 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a6cdf191deb0e291350d9d91d9ab97a7
fb82c911866268a7d33d2743dbe0328199c7121a
414acc6f6d050d52d88f9706e71d6a0e3eceb4dc41edcce74ec63eb63d8fb1cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash 67b623c8416af7b2ef4383c9c2c90de2
a2bd55b0febba2b7915fa4afcf8ec28cc6bbd5de
edbf05ad3713f72231f33499c2589c01c2d7e1ae409b92d1e45f100b29aac50a
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 04 Jan 2023 20:12:16 GMT
date: Wed, 04 Jan 2023 20:12:16 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 267b6e07fe87225bf22bea7bd7f989fd
a8a69575f546b6e85c470e49bcfc3f13e17aaea6
edcb20b9dc04903b22b65536f2a1fc54c87446d58eef5207fb413efbbaa74f77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3763
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:16 GMT
Last-Modified: Wed, 04 Jan 2023 19:09:36 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
fonts.googleapis.com/css?family=Questrial
200 OK 860 B URL HTTP/2 fonts.googleapis.com/css?family=Questrial
IP
Hash cf889a10171cee8ce0b34c8fdaae4f8f
e2aef38c09c3d6e05f95cc639abeb42ecef77632
81f0dce55cc3328f9bd929455c1301b0f04181f65e13e06066f62523de999679
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 20:12:16 GMT
date: Wed, 04 Jan 2023 20:12:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7c8811382bcd40ec65e7a6e339e94904
38d741442c52bcdde863d1a2d593ce0c81c7efbd
ce5c1060c028784381224586783b9b0943fd14947bb15bb38e6d401a1a221c23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 02ab60ca9b23e5450177fe5b2f4e7327
63d91a6eb945724f78db899f202c8ba2ac4d2e6a
d33850f5a3d09db8a469b403bfc1dda07dbfbe68679cceee231de5e6680117c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D33850F5A3D09DB8A469B403BFC1DDA07DBFBE68679CCEEE231DE5E6680117C7"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Thu, 05 Jan 2023 02:11:55 GMT
Date: Wed, 04 Jan 2023 20:12:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7f78f44741eb2f65cbab833be3a5290b
2c71b045fcafb0b1326c2b6072fbaea8ce2481c0
6dbee07e2c6b2c077cf39e00c867f924e4232dbd2d0fc9d6a82152c318aa2ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6DBEE07E2C6B2C077CF39E00C867F924E4232DBD2D0FC9D6A82152C318AA2BA7"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6229
Expires: Wed, 04 Jan 2023 21:56:05 GMT
Date: Wed, 04 Jan 2023 20:12:16 GMT
Connection: keep-alive
tv.gourdycortes.com/1clkn/48786
200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/48786
IP
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/48786 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 20:12:16 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 05-Jan-2023 20:12:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Thu, 05-Jan-2023 20:12:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP
File type ASCII text, with very long lines (37153), with no line terminators
Hash bc506c4bfe2c2e6bd2c758fe8ec35df7
499b6faadc75ec8b02c531eb10b7773ee64f7fac
36c848cde04431927a5d0b436385632f9145e65119006895b2fc07a5935c2ec0
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 20:12:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f2013c6a3dc25d991ef88ecb99062665
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cbad870248cb8172be5849309582b77f
3e12044d8bf5e6df81ac6260b186ecce175dba86
dc5b6747fdf685bd97307ee6584a5d8109258199ca81a8ddf2e6f1471b6f0cda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 15:44:47 GMT
expires: Wed, 03 Jan 2024 15:44:47 GMT
cache-control: public, max-age=31536000
age: 102450
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ecdn.analysis.fi/static/js/fab.js
200 OK 2.0 kB URL HTTP/2 ecdn.analysis.fi/static/js/fab.js
IP
Hash 87f2342e85b660c4b35ebc615ce8c05c
14bc78fda0795d04fe5400f060a946bdae158171
ea7326bab92bb5ce147f5a8ac20c02d3be5c31d074c1b071d874542a92be4813
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 04 Jan 2023 19:22:32 GMT
expires: Wed, 04 Jan 2023 20:22:31 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-1090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: piBrOREDHKZCONDe8vLgoA5Y9hnDdn-4v2_3MHEFjQgxHExqS3GzzA==
age: 2985
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 94a18fd837dd0f115b235a9129822ce7
271fbb9ea6e641837e758c4030db4f90b331c182
3c544601cf7cb0a9adf878e6b1d3733ae16bd857f9599105eb0a9a44909c5458
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154621
Date: Wed, 04 Jan 2023 20:12:17 GMT
Etag: "63b57f96-1d7"
Expires: Fri, 06 Jan 2023 15:09:18 GMT
Last-Modified: Wed, 04 Jan 2023 13:31:02 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -phJiQTJpFWNI1ETzynwyG9uewxX-zP9s7sk7_DF4S9pApVVqkFUWQ==
Age: 5896
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 36db451fd4054ff9ddf4c7611e861d46
8a8d68047a87787b6244efe866a89588cd030115
5f9378f828eced7040b1bb0b1ca80428a7977bae39fc754f8b6543789d73c9d1
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=06ceaaca-cd74-4f3c-8da6-869b1a8478c0:2:1; expires=Sat, 01 Jan 2033 20:12:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
200 OK 80 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a4ce36b0d03543974d71b88fa37145d
a5c1750aab7489f287c98bae25f5afff0ed16ce8
30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
etag: "1241a12-3fca8-5cf4eee137dd8"
server: Apache
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 80538
cache-control: max-age=20610
expires: Thu, 05 Jan 2023 01:55:47 GMT
date: Wed, 04 Jan 2023 20:12:17 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ecdn.firstimpression.io/fi_client.js
200 OK 94 kB URL HTTP/2 ecdn.firstimpression.io/fi_client.js
IP
File type ASCII text, with very long lines (618)
Hash 90163f9b825db213808c45d9b5de6f34
5d7e3a92ca07108f5f35e75c7971fe8654a58c89
0e56535664f4083028284a8a45f3ceaf2dccd72ef7607a9ebc2269efb226acff
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 04 Jan 2023 19:22:33 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 19:22:33 UTC
etag: W/"873f0a9e14391ec0c9464b2792e10220"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MVvonUinaczqLAMLNK5t5RXyVUYE9W50J8kkx-k4DnunhKNO0TooRA==
age: 2983
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
200 OK 990 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (990), with no line terminators
Hash 5ab8e16b5f46213840bcd403e349419c
f03f6dc8e2206a94119af76f9a3b3c835390cae7
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "5ab8e16b5f46213840bcd403e349419c:1672826763.85842"
last-modified: Wed, 04 Jan 2023 07:24:28 GMT
server: AkamaiNetStorage
content-length: 990
cache-control: max-age=2592000
expires: Fri, 03 Feb 2023 20:12:17 GMT
date: Wed, 04 Jan 2023 20:12:17 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ouo.press/css/bootstrap.css
200 OK 119 kB URL HTTP/2 ouo.press/css/bootstrap.css
IP
File type ASCII text, with very long lines (65452)
Size 119 kB (118855 bytes)
Hash f509f31003f154d14babc4f806d81aa4
92d20e6303cf65b09284ac82b8960639f732caef
20c6d09d388d8d6886b5814e8fd6e60152b800881bd12adce038d77f59100afd
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/SY0IOl
Cookie: ouoio_session=eyJpdiI6Im1ORDBaNzRseVBwK3BWcXZncG11ZmpTd3pyemMyMHFsNHZ2MktMWHc0b0k9IiwidmFsdWUiOiJvM0ZVV3RXSWhMQ1FjMTNHUzg5ZEE0VXpUUjhmVG9cLyt3azBOS3hkbFwvQUdJMStnTjM1M0ZocDlKSjBGXC9CaDFReEZSVjFKQWpQXC94Um9RZzlXK0trTHc9PSIsIm1hYyI6IjBmMzYwYTUwMGM2ODRhM2JiODhmMzgzYzczMzFjMGYxZmMwNzkxNzVjOWQ0N2NiOThhZGM5ZjUzN2UyMWFjYTIifQ%3D%3D; language=eyJpdiI6InNXVXMzMEJtbVlOOWR0c2tGeW9DaEdYTTBmQk14Slc4MWNmbFwvSFwvNkVJMD0iLCJ2YWx1ZSI6IlwvNnB2cEhGZkxQUzFyeEJxVmNcLzk3aEI0WitweFlyQmtIUlRwSjZMRHlmdz0iLCJtYWMiOiI5MzVjYjliMDhlODhhYjcwMGVmNGQ1NTBkZTNlMThjMDBlZjI3YmQyNzc0ODI1YzIyMzIxNmQ4ZjI5NDFkZTJlIn0%3D; 613a289f60f014f9cce3ec6c6a78fe6efee04a1c=eyJpdiI6IlZvN1wvdzJrYlZMWUVSWThlM3FFUCtvUUxnbldGcVdJcWR0R3FWeVdiYkhJPSIsInZhbHVlIjoic05ITjk1S21NZXA2U0lFQzdjbFY3YnM2emtJZ3hZSjBCZ0l1T2xHNURyeEI3cmVhMUZyZStBTXMrQWVIZU16SFRMQmhDOTFvdSt0ZXVIaW1zQnJHc3hZbUs0RTc1MjN5NXQwc0JTeXZwVU1EYXNFYWFaMGdkQ1dnaHc3ZE9TdW8wUDEzM05vYkthcmpYSG8rbzIzTVVZVlpTZ0FOQTlrRWRjK054NFoyM0xJRlcrS1hBNWl6aFN5OGlBdGZ1RFk5eGxWWmNRcnNncnVYWjBcLzhIdEU2TndiN240SDRBVDVKVVdVZXBrcHFFclRGbkdQRVRkWEoyTDVMZkt5cXFXRTBEQzBVcmY0U00wcEtKcTZkODFoSmFNQ2RkcCtDRXhwc2VSd29xeTc2c2s5cFVEYzZkZm5DbGk2eDlDbHhWdlk3NUJ2M29KdVkxQmFUa0pmN1EzaEVCNzdqVFczVlVrM05HVzJOM0F5c1wvTThjelN5V1BvcHM2NzRnVGpjbmNLeGUiLCJtYWMiOiJjYTU4NGVkNDc3ZmZhZjFiMmY3YmFiMWJmZjc5ZmQ2N2QwZThkZTJhZDcxMGY1NGZkYTU2OTNlZDRmMDhjYjQzIn0%3D; __cf_bm=1WpAMNhWhWcM.f2slyzw54MSAfe2UZIHUuXGvnYmeM8-1672863136-0-AZrBHfbWVMMZPsKAnkeIYjR5g3p0CVHaZR4MiuOoQc42n012T5QG0RiU3bPwBwn52i+I1ZnkeypfYPpcZ8SVW8U=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:16 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Thu, 05 Jan 2023 05:58:45 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 8011
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0cb1d14b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 229b5d490cc831bc64606e58940d3c7e
28d120b40eeaca79d98bd619756b11c349b6f0bc
f2f2c2c36d50d54d6aed0bda750cd98711686333eaef793d16d0e7f354eba219
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
friendshipmale.com/sfp.js
200 OK 192 kB URL HTTP/2 friendshipmale.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 192 kB (191825 bytes)
Hash 26a895d977d8e65a1fa51ea187a09cd5
0d777eae6422ecd4bab6f493658fd177268c7fb8
b4aac636d4e45a7ebcacaa07d1bd9d1166806e58a10cfd3b87aa896f968bee17
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:17 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ced227943ff2c37373c262fea494897b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 04 Jan 2023 20:12:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baOKmEMgH3tES%2FnQCur8DgNvWYzo4DfWRzPlnJWoNvPdPqE%2B9TCfWuYrmy2ClpW%2FmqV2zn6CZxVx9p2Q0wChYrTTob5wUkGFtCjC1mgxa6ROxlVaDEHDuekIHxXmooShzHJeraA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0cebef87761-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
IP
File type ASCII text, with very long lines (1921)
Hash 001acf443604856c6fb7629ba44851d4
9a84d1c5085317dd190d91cc8612c514ab0df056
98ad89288ff31c5d678f08c71afe4a969a2a38eada331d792de436c7c31f5e99
GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 04 Jan 2023 20:12:17 GMT
expires: Wed, 04 Jan 2023 20:12:17 GMT
cache-control: private, max-age=900
last-modified: Wed, 04 Jan 2023 18:57:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 07:57:02 GMT
expires: Thu, 05 Jan 2023 07:57:02 GMT
cache-control: public, max-age=86400
age: 44115
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 24211537172fdc6ae5968252786d809c
9bcc784a6d86cc5b17328c940384d30591d7f62e
b8466acb9529cecc01e8820d3254321cf5f17996a73a2c851b63adb68d85cd80
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B8466ACB9529CECC01E8820D3254321CF5F17996A73A2C851B63ADB68D85CD80"
Last-Modified: Tue, 03 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16230
Expires: Thu, 05 Jan 2023 00:42:47 GMT
Date: Wed, 04 Jan 2023 20:12:17 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash b91127ebcfb9d242139f2861b8019767
b4200d0f2c2509ae8f50596d44e771a49176fdbf
f18956a7d3ac6e28f72fcab1bcfbd69e8faa7fbbe30896c0d334eed8af77f7e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3449
Cache-Control: max-age=138102
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Etag: "63b5489e-1d7"
Expires: Fri, 06 Jan 2023 10:33:59 GMT
Last-Modified: Wed, 04 Jan 2023 09:36:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
200 OK 471 B IP
Hash 53b3a133b4690e68b6fa1e1d26a87947
63dc143f931d20402984e9d022db7afb23863f43
9ebe0f18724c57504af17e63de3867239ad9f61f242f73950489c80d97a2a325
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4424
Cache-Control: max-age=158173
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Etag: "63b59336-1d7"
Expires: Fri, 06 Jan 2023 16:08:30 GMT
Last-Modified: Wed, 04 Jan 2023 14:54:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 314 B IP
Hash 92357d63d172ddac3b4341e536885dba
bb5770adf7572e5f5fa345953c0607369e5c052a
9848eace86165d41d0c96e4317cc208d0b88d381de97caa0aee74398014408a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4588
Cache-Control: max-age=147561
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Etag: "63b5691e-13a"
Expires: Fri, 06 Jan 2023 13:11:38 GMT
Last-Modified: Wed, 04 Jan 2023 11:55:10 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cb4d7ea3ca3642663a5bb1352480f89d
46913a4fe7a05203696ec411449035b31e23c359
9da9c9eac9b2466ad98214972a3ab62b7cca144b9a32c614356516eac6d2e464
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FSY0IOl&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=92056a48-b897-4929-b6fc-e65913d6b2e3&nocache=1672863127528&aus=300x250&divids=adtrue_ads_12953_puw4wm7fduyn3ohftp&aucs=adtrue_ads_12953_puw4wm7fduyn3ohftp&auid=558223497&aumfs=100
200 OK 79 B URL HTTP/2 fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FSY0IOl&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=92056a48-b897-4929-b6fc-e65913d6b2e3&nocache=1672863127528&aus=300x250&divids=adtrue_ads_12953_puw4wm7fduyn3ohftp&aucs=adtrue_ads_12953_puw4wm7fduyn3ohftp&auid=558223497&aumfs=100
IP
File type JSON data\012- , ASCII text
Hash 97c7ffff16b3f312b4f0b508d82fac32
af8ef7608dad06a15ec7456a2400bc6decd9a0f5
337b2e5c385cabb2b93e4dcc7fd28be9dde5a92bb4913bc6cadc6789868903f0
GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FSY0IOl&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=92056a48-b897-4929-b6fc-e65913d6b2e3&nocache=1672863127528&aus=300x250&divids=adtrue_ads_12953_puw4wm7fduyn3ohftp&aucs=adtrue_ads_12953_puw4wm7fduyn3ohftp&auid=558223497&aumfs=100 HTTP/1.1
Host: fptadtrue-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 04 Jan 2023 20:12:17 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 43dd1a5483885de9690981f820aeff01
6e19d293fd8ea24839e9e0ee47ad7475be5272f1
0a42d26faa495874da7f28c6f2df763b709196eb3c9edb97b51fea178fdc9076
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 533
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 04 Jan 2023 20:12:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 0d680559-8486-4865-9a6a-b6fe1797e4c2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
status.geotrust.com/
200 OK 471 B IP
Hash 53b3a133b4690e68b6fa1e1d26a87947
63dc143f931d20402984e9d022db7afb23863f43
9ebe0f18724c57504af17e63de3867239ad9f61f242f73950489c80d97a2a325
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3126
Cache-Control: max-age=156875
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Etag: "63b59336-1d7"
Expires: Fri, 06 Jan 2023 15:46:52 GMT
Last-Modified: Wed, 04 Jan 2023 14:54:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=59032438110&lsavail=0
204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=59032438110&lsavail=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=59032438110&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 404
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 04 Jan 2023 20:12:17 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 04 Jan 2023 19:34:02 GMT
expires: Wed, 04 Jan 2023 21:34:02 GMT
cache-control: public, max-age=7200
age: 2295
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 867
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Wed, 04 Jan 2023 20:12:17 GMT
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FSY0IOl&charset=UTF-8&ch=20&ref=ouo.press&viewerId=null&referer=&_firid=72081482
200 OK 5.7 kB URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FSY0IOl&charset=UTF-8&ch=20&ref=ouo.press&viewerId=null&referer=&_firid=72081482
IP
File type JSON data\012- , ASCII text, with very long lines (25927), with no line terminators
Hash 5e7123f4a852160da00161a9b072edde
8d2b0b2d70bf1ccd55b6a4df926ef7c7307fd096
809e7e7f3f0931aebf4c4dbebfb6429f171b7095487ea1599f3a088d7c10469d
GET /delivery/spc_fi.php?id=7419&url=%2FSY0IOl&charset=UTF-8&ch=20&ref=ouo.press&viewerId=null&referer=&_firid=72081482 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 5688
date: Wed, 04 Jan 2023 20:12:17 GMT
server: Apache/2.4.38 (Debian)
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Thu, 04-Jan-2024 20:12:17 GMT; Max-Age=31536000; path=/; secure; SameSite=none
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 11yIT9Qcc0RwVpngqjnCBFxfWTo5mfjWyJQH3HV3nN1PsBUKDHWUlg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17431
Expires: Thu, 05 Jan 2023 01:02:48 GMT
Date: Wed, 04 Jan 2023 20:12:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17431
Expires: Thu, 05 Jan 2023 01:02:48 GMT
Date: Wed, 04 Jan 2023 20:12:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17431
Expires: Thu, 05 Jan 2023 01:02:48 GMT
Date: Wed, 04 Jan 2023 20:12:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17431
Expires: Thu, 05 Jan 2023 01:02:48 GMT
Date: Wed, 04 Jan 2023 20:12:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17431
Expires: Thu, 05 Jan 2023 01:02:48 GMT
Date: Wed, 04 Jan 2023 20:12:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af78916e285d0f6c5c5a5ff33894e108
96df0d8c10c666811cfeb98187ca93e65480c2ff
7bcb20dc641e46d033dee76b3d92b701b31aecfbf88241a5a95dfdc1c5e95885
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5018
x-amzn-requestid: 7a68cfb1-dedd-4f08-8d99-4678c1087422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3HtFHkoAMFwYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49efd-7880e5f93c99cc794f9a03bb;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:32:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MvV5dXthUr0Qo499_5eG6Z_yW0gmflen3kRBrse7ngQjUgOVA0OMvg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:48:41 GMT
age: 80616
etag: "96df0d8c10c666811cfeb98187ca93e65480c2ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a9375cec16bfe696766c8d373d9b54
2167c2f197dd44558ac2dea500d8b6b3cfa50e83
6f94fe0c817b031d913d53fee6b317148bdabea044102b8f0c9df8a3737d59f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10696
x-amzn-requestid: 2117681b-ee8b-4881-b860-087a8662a3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7xM1FK7oAMFd4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae2f1e-5a3648ba2ac7ba01177f361d;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 00:21:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p4EQ0DgVF1JVg9r4rzbQsRzgFgqX3Ke8tWzeUHAXGXrawUAhssi71A==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 07:38:33 GMT
age: 45224
etag: "2167c2f197dd44558ac2dea500d8b6b3cfa50e83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 359f30e64bec00d0a01acd69a08b684d
ac965c8642c4d1e47713965060fa2fc8f19088b1
fff1b001462468cc953092a2312650c03f307e95c40e2c6bb7356e2a8b9b0283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11877
x-amzn-requestid: 884b9243-6a8a-4434-9b2a-e5eff84d4e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33bFnDoAMFpoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3f7043ae29d21e010ddc1ff9;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AmpRiMJDlhYtRCxTT0l7VEPHwk7eK_rnGceIYRUobRqi8hIM2LMrCQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 22:00:54 GMT
age: 79883
etag: "ac965c8642c4d1e47713965060fa2fc8f19088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 235b1a6e2b61b3068bf7a8e7a2607634
0df6f090574996e472064765c6f27b6b8e012414
6e6061581018dc0ec494631e7861cf2e44f82ac94d1b0056679555ff6dae5f8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13546
x-amzn-requestid: 6758cca7-bc06-43dd-8545-3e05aa760218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3p7GYjIAMFw7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49fd8-038317190f3df26f13c9d961;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pmw35oCAPfvYxFowD4CDyUUrQI_V69MOGrpK55fUcvU2aoA1G19P3g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:49:21 GMT
age: 80576
etag: "0df6f090574996e472064765c6f27b6b8e012414"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/async.js
200 OK 11 kB URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP
File type HTML document, ASCII text, with very long lines (7327), with no line terminators
Hash cb6c488ac0358e9c11e8316e786c5a5a
eb121b3121ab9352a4af6a63aa91f4fd6268f8b8
afb2977181f435e40234a2806c93947809851d6ed28f40e836c1e4dfe2f3a9e3
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:16 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:43:59 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8440097
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFeywa7CTTj3QPX2irb3QQo7T3x8jyacq1%2Fu1WgRS5J84Qg1rWt1EuGga7%2F4kw9OlIZXHPDC9AwKokBysyGJVKEhlkC6iQH57T3OV3EyYwdjp%2FPt1ZD%2F6iUNIfM%2Br9cpUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0cbd83375d5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 366b35900303af09c9dd28131a105a66
34b2acc4195a5e36f0acbd10669219c7ef14a5fa
5b7c3e9920d5058a2342a3e85e3046de75c3f8ff88bc55099f5cfc3ad5041b69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7126
x-amzn-requestid: 7107757b-782a-4f3b-8e41-a175a747141e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d_bnOHWCIAMFoLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afa62e-43925f7f072903de3cae6ab6;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 03:02:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q4S2zHji1gQXLSfdpmlOUTv24DrwSjtAkBqdUsFrAyMWhPSZKPVS8w==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 03:35:25 GMT
age: 59812
etag: "34b2acc4195a5e36f0acbd10669219c7ef14a5fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
200 OK 9.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP
File type ASCII text, with very long lines (27677)
Hash be67ba0617660113c8b105b9318d8184
25c33a00dfefa7ba1823017dc3e9c63a17d53459
7a80c6ef8f369f3115b83e5f88aa88e730450fed06466c418a98a5fe2a9988f6
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.14.2
x-jsd-version-type: version
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 04 Jan 2023 20:12:17 GMT
age: 6471
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1652-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
Hash 601a22a4b72b022688ee2b347aa5973c
0c1e8c1c86d3571276b44744aa3ce8cf888f3856
deed478fa097268a7aecb4e2e2d3068db77a10231e6117d98c5707c8ba1b4fbe
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 20:12:17 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "DDEDBA8A12A57A21703CB7D62878A1CE385AC8D2"
Expires: Thu, 05 Jan 2023 07:00:00 GMT
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2921
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7846a0d3e9dd0afa-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash 5362edc4e62fb960e376a733fbec1195
0ba15d287679c63b3369e531d4fe9ffc538233ef
f770e44b705c081d79a4b28dfd8eead9626e36b930e13f0f5f4096cbbeffd97b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5880
Cache-Control: max-age=123618
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Etag: "63b5068b-117"
Expires: Fri, 06 Jan 2023 06:32:35 GMT
Last-Modified: Wed, 04 Jan 2023 04:54:35 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 279
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
200 OK 921 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP
File type ASCII text, with very long lines (2361)
Hash dc406d72b5d7cb505ff0f720a76f333c
e848a1e516384718b9319acc891ff2f7d5d707b6
e92fc567697445a7896a332abf07536107c7b96112d287748ef9234292c80c58
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:17 GMT
content-type: text/javascript
content-length: 921
x-amz-id-2: feXPNfpFaacSm8lt6RhzCbec1+gHhzZ+DriZQVNyKgZogPAFPtddKynKrrt3LGH5NtYxJR+TKjM=
x-amz-request-id: BSY1ZH442MF2G462
last-modified: Wed, 23 Nov 2022 08:34:07 GMT
etag: "dc406d72b5d7cb505ff0f720a76f333c"
content-encoding: gzip
x-amz-version-id: Nv3tnKsQJJFloLFD8ccmmePhVOX9ZV_J
cf-cache-status: HIT
age: 1030
expires: Thu, 05 Jan 2023 00:12:17 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0d41bb21c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 5362edc4e62fb960e376a733fbec1195
0ba15d287679c63b3369e531d4fe9ffc538233ef
f770e44b705c081d79a4b28dfd8eead9626e36b930e13f0f5f4096cbbeffd97b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5880
Cache-Control: max-age=123618
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:17 GMT
Etag: "63b5068b-117"
Expires: Fri, 06 Jan 2023 06:32:35 GMT
Last-Modified: Wed, 04 Jan 2023 04:54:35 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ouo.io/SY0IOl
302 Found 429 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b03a278276652ce447e4e7d6d3bdaf45
150cfa12306019fb47363302b03b1a7a816baea0
e6216d5e090671a9f7265641d6a225e79cd819031a880ac8989a9973e873e89c
GET /SY0IOl HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 04 Jan 2023 20:12:15 GMT
content-type: text/html; charset=UTF-8
location: https://ouo.press/SY0IOl
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6IlliVHJLZXdJRlA1S0UxVEhRXC9vUWo3M09RWkxERjNjMFRFeGIyZHlvK1ZjPSIsInZhbHVlIjoiMVdrYjVlY0pxb0tqQmx4SnVnUnZNZks1bzdkMDhiazN0OXIwYll6UlZ6UFJVNVZMdTlnQW40WndJenJ3VHorTnZLZnRHSmtsclg1Y2hkdUZDUFRBdUE9PSIsIm1hYyI6IjRhYmVhNTc1MjRjNzFkN2I4YzA4MjZhNTM5YTJhMGZmNjc4ZTI4OTBkNjM0Njg4YzMyZTBkNzU4YjZkYzliNjcifQ%3D%3D; path=/; httponly
language=eyJpdiI6ImpLXC9IbVdYSW9GTDRmQXM1eDNuSWZ4NkRnbGdKdmN6N05LRTg1SkwyWGxrPSIsInZhbHVlIjoiaGhiNzJKUDRxOE44XC9XOVFvN0NmTGhPZDdVUUdGQWxLV3o3Y3JNS3Zscm89IiwibWFjIjoiZjQ1YTdjZDM3N2UzNDA3NDlkODc4ZDBiMzZjZjdhYzkwMjMzNmU3OTVkYjgwNzUyN2Q4MzUzOTM1YzY0NWU4NSJ9; expires=Mon, 03-Jan-2028 20:12:15 GMT; Max-Age=157680000; path=/; httponly
ec63e35728dd3b8bdc8cd3b882898b353c8542dc=eyJpdiI6IndaelwvNDRSK1p2bE8zdWQzRXh2bW1pSlpWWGdpb0ZaR0Y1anZOeUJxUzA4PSIsInZhbHVlIjoidjkrOGQ5TXZUSThoNkF2TEo4OUd6a2lPd215SmR2N1VHYlFPZ3lPeWtQUmJVNU1Wck1zZ1FcL3d2bHJQanJjNkwwbkhEUlJNZVF1eTdsajJEclwvZUYzbm5oWlwvWUZORjgzZmpUTzBoZ3ppTlMybzdNWloxUkJ2VmRYRmo2cmo2Vjh6WWdUcTVDVERxYnBDRnB3UHp6WDd6ejA3TUxTcVF3UmViYk1LZExsQnRpQTdQbEhjeFBqZnlmMjlYcExCNkg5Y3M5aHpZNDFDeURFZkVIa1E5aXZoZ0FpakVsMTk0T0ZiWlBGMkNxekdLOHZnK2MxT3Y2dDhJNU1pN0lXOTZnbUZ0Z0hLTk9leEVBRWp4Z1AxM2ZWUEZcL3RSbGFsUHNEMGhiMHpMTnBHd2dPTlQwZEwxMVVVb2ZUS1V6c2l4WCtDVmk3TEJCdk8yaHMzQStSSTA0bWxIQT09IiwibWFjIjoiZTYxOGI4MzcwZTgzNGE3MDhmNzMxYTZiMmUyYzFkZWUzNzJmZTU5NjIwNjk1OTQ0MDBlZjdmNThjYTEwYzQ3NSJ9; expires=Wed, 04-Jan-2023 22:12:15 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7846a0c4eab60b02-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 354 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
Hash 4f9f9dec56280e1cc6a9b2b814480e8e
a4ebda59cfec7c632cde28462d4bc879ff5556de
6df0be7326133416ef213b36803535e2934f74417ffd0851e20ce82abb357fb4
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 562
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 04 Jan 2023 20:12:18 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: e87d1369-8523-408d-bd6f-2c345b0daf93
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=15450150946
200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=15450150946
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=15450150946 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 486
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:17 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f912ee4165d3a5120f9125d0c3d48513
39734d038a7990b35b5699d2a6754f3d9550c743
a35579c6f204715c3f05cd1e4e2e13f8f77e74fe88a1f0d175b722be5bbb7409
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3542
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:18 GMT
Last-Modified: Wed, 04 Jan 2023 19:13:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FSY0IOl&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FSY0IOl&tg_i.page=https%3A%2F%2Fouo.press%2FSY0IOl&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=d2d61445-1102-4fba-a0f9-946e9894b13f&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8787844783769209
200 OK 348 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FSY0IOl&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FSY0IOl&tg_i.page=https%3A%2F%2Fouo.press%2FSY0IOl&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=d2d61445-1102-4fba-a0f9-946e9894b13f&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8787844783769209
IP
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash 43b91eb86685e08dbc06a6cca36aadee
4147ecf3925b4337f031ec5c22b70ea5704e7077
17636e3b4a1702349c2558a2138564477c2d5dad7ad4401bfee45603c054a5be
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FSY0IOl&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FSY0IOl&tg_i.page=https%3A%2F%2Fouo.press%2FSY0IOl&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=d2d61445-1102-4fba-a0f9-946e9894b13f&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8787844783769209 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 04 Jan 2023 20:12:18 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCI3IQHK-O-5XBP; Domain=.rubiconproject.com; Path=/; Expires=Thu, 04-Jan-2024 20:12:18 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/EjUjve7JvGbGe9DtVM30fCgZvcVxxp7UIOfClalbqwLC5ZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Thu, 04-Jan-2024 20:12:18 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 348
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash ddaf22ee64c21b84ac23a414dcbbd95c
3ddd55e64ad3df0e60ed5f0d34aa3b46c23f4bf1
3c17a8689d6568bca44dbe5d22470b162e57c9a911f19fc85b677431b141f252
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 20:12:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 01:57:09 GMT
Expires: Wed, 11 Jan 2023 01:57:08 GMT
Etag: "3ddd55e64ad3df0e60ed5f0d34aa3b46c23f4bf1"
Cache-Control: max-age=538489,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7846a0d61e58b4e8-OSL
ocsp.digicert.com/
200 OK 312 B IP
Hash 7274192cb93af161af4b2329089f72ae
e9140482ac11d4a7532105fccec983fc6f82384a
8ade2b6f2eb2f14e151442671af69434465c09fed5aa4d56731ec9d11ada7fb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3030
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:18 GMT
Last-Modified: Wed, 04 Jan 2023 19:21:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5c5ed52572d3b9fe172fd2f8d0874cd4
dccb2470f5a98f377b3c383eb478dc1cc4b20fa6
71a7d1fa34ca82c4b4c704c23b6f330595787f1081c2fd9d86bc17a6fc3099d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71A7D1FA34CA82C4B4C704C23B6F330595787F1081C2FD9D86BC17A6FC3099D9"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9210
Expires: Wed, 04 Jan 2023 22:45:48 GMT
Date: Wed, 04 Jan 2023 20:12:18 GMT
Connection: keep-alive
tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
204 No Content 0 B URL HTTP/2 tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1
Host: tag.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 617
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 04 Jan 2023 20:12:18 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.123.js
200 OK 29 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP
File type ASCII text, with very long lines (65354)
Hash 20ac2c4462879de5e87bb093a87877fb
0f5424e096ba541b4789ed910e7257493be343cd
cd064793ed5ae178ceaee41fc363174391f70a5813e33124c8483ecf68c0268b
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 20:12:18 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Thu, 05 Jan 2023 20:12:18 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 70e83f1aa612ec76ceb96efca0eeefbc
9974fc6d642bbac886d79173c3d52c7b94d473de
e280c2aad1b73129a81863667b47e70fcfcd0835e376d0ec0ae253d161ba3f46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E280C2AAD1B73129A81863667B47E70FCFCD0835E376D0EC0AE253D161BA3F46"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12174
Expires: Wed, 04 Jan 2023 23:35:12 GMT
Date: Wed, 04 Jan 2023 20:12:18 GMT
Connection: keep-alive
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FSY0IOl&pid=vFoWtqpZhPY0a&cb=0&ws=728x90&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
200 OK 154 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FSY0IOl&pid=vFoWtqpZhPY0a&cb=0&ws=728x90&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP
File type ASCII text, with no line terminators
Hash bb7b4ee21d41485b3c8d171a7bf8b853
04fdbd451ad2cf3aceb697a99ea093fa4c7b4522
5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FSY0IOl&pid=vFoWtqpZhPY0a&cb=0&ws=728x90&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 154
server: Server
date: Wed, 04 Jan 2023 20:12:18 GMT
x-amz-rid: KHEC0EXD3V74ED1AXFAR
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ol0_J-YwpgMDYpzRWF9jVkuLpv9HSjnP5H9tY3EYT9TrdVZAZTn5tQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 4e1bfa4fc9adaacc3d29967ddeccef70
85019396fff9cb8a1d8e01063a3a15f12c1592ad
5a7d2f6d30e3bcaaa5b73d657f94049e4476cfaeafbad6c99d153b84fd0dc52d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3882
Cache-Control: max-age=152932
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:18 GMT
Etag: "63b580dc-139"
Expires: Fri, 06 Jan 2023 14:41:10 GMT
Last-Modified: Wed, 04 Jan 2023 13:36:28 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?origin=publishertag&topUrl=ouo.press HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:18 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=745f0d80-0c31-445a-be2c-2b93c97bf230; expires=Mon, 29 Jan 2024 20:12:17 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 547009
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=06ceaaca-cd74-4f3c-8da6-869b1a8478c0&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=06ceaaca-cd74-4f3c-8da6-869b1a8478c0&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=06ceaaca-cd74-4f3c-8da6-869b1a8478c0&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 20:12:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4dfd8dcd9244ad0a1d7974f4e39e12df
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
200 OK 312 B IP
Hash e0867186ad963eac121e889062106ad5
c87daf95ffc0d81a9e40be2b000dd1519163252b
01580e78b606c7637e1e30b809296801f918a23e9b013467559aa35259edbcca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3071
Cache-Control: max-age=119050
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 20:12:18 GMT
Etag: "63b4ffad-138"
Expires: Fri, 06 Jan 2023 05:16:28 GMT
Last-Modified: Wed, 04 Jan 2023 04:25:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312
speakspurink.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=06ceaaca-cd74-4f3c-8da6-869b1a8478c0%3A2%3A1
200 OK 3.4 kB URL HTTP/1.1 speakspurink.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=06ceaaca-cd74-4f3c-8da6-869b1a8478c0%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6093), with no line terminators
Hash 664451b4065a4f9249d87a21224cb54d
0b43a83f5f65aef0fd97bf294aebbdd1cfc644fb
6cc84d3cb4cbe4e361a76843f04e92c4128a5491d5989c31e336087d57429bf4
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=06ceaaca-cd74-4f3c-8da6-869b1a8478c0%3A2%3A1 HTTP/1.1
Host: speakspurink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 20:12:18 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ouo.press
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Thu, 05 Jan 2023 20:12:18 GMT; secure; SameSite=None
uid_id2=06ceaaca-cd74-4f3c-8da6-869b1a8478c0:2:1; expires=Wed, 11 Jan 2023 20:12:18 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 05 Jan 2023 20:12:18 GMT; secure; SameSite=None
uncs=1; expires=Thu, 05 Jan 2023 20:12:18 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 05 Jan 2023 20:12:18 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 05 Jan 2023 20:12:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80738365f2a801029e6c7500f2e94b67
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8d9a880223cbd9a43452b02047d1c3e2
3b8a6d8fe73e0c186765caa8ea2c2240482d55a9
1aafca4a5c48193374494f44cceeccd709615611d31b26588c929e66fcba9722
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AAFCA4A5C48193374494F44CCEECCD709615611D31B26588C929E66FCBA9722"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Wed, 04 Jan 2023 21:02:38 GMT
Date: Wed, 04 Jan 2023 20:12:19 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=ehSTUl9mMGZMeVlwWUVrVERVSDByaFpoTERtaXBtaTRoblpid3g3ZGVsYWE5ejBmOExYZ2xCWktWM2lKWTNTaURkREwlMkJEQklxS0c3SmtwdzV3YTR3MWNxJTJCdE1KdHk2Qjl6Zzd1VzhRaXZWZkVRRjhSSlJveVhBMlpNY2U0Q1ZaV1dDeVQ&info=M-BwCl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRm1jNHpGYlFJWGozamJMZ2xRSGdOOU1uVUlJNUI5OFJRdyUyQmFJenJHeCUyQjQ&idsd=-1462897256,1966110245&cw=1&lsw=1
200 OK 323 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=ehSTUl9mMGZMeVlwWUVrVERVSDByaFpoTERtaXBtaTRoblpid3g3ZGVsYWE5ejBmOExYZ2xCWktWM2lKWTNTaURkREwlMkJEQklxS0c3SmtwdzV3YTR3MWNxJTJCdE1KdHk2Qjl6Zzd1VzhRaXZWZkVRRjhSSlJveVhBMlpNY2U0Q1ZaV1dDeVQ&info=M-BwCl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRm1jNHpGYlFJWGozamJMZ2xRSGdOOU1uVUlJNUI5OFJRdyUyQmFJenJHeCUyQjQ&idsd=-1462897256,1966110245&cw=1&lsw=1
IP
Hash 90130e4cc18178111a1dd96b3fb5bfee
17eed84c7dd81cc59a3245dca66d3ce1f84f01ef
8864ea8e7ce417a43d9b2c3ff5cc8188518fd29de08bc8f1342b2f3c5b5ab62c
GET /sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=ehSTUl9mMGZMeVlwWUVrVERVSDByaFpoTERtaXBtaTRoblpid3g3ZGVsYWE5ejBmOExYZ2xCWktWM2lKWTNTaURkREwlMkJEQklxS0c3SmtwdzV3YTR3MWNxJTJCdE1KdHk2Qjl6Zzd1VzhRaXZWZkVRRjhSSlJveVhBMlpNY2U0Q1ZaV1dDeVQ&info=M-BwCl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRm1jNHpGYlFJWGozamJMZ2xRSGdOOU1uVUlJNUI5OFJRdyUyQmFJenJHeCUyQjQ&idsd=-1462897256,1966110245&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1353337
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash ca43dc405d4cba594ec2ca5f0e4c9cf3
38502dab5b99e8f0b30acb7deb4b64801b81fd49
f7d9c2a9da13232785b37c9c6cb0b8eb98f2c49c3fb70d038ed6a2bee01e9e85
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F7D9C2A9DA13232785B37C9C6CB0B8EB98F2C49C3FB70D038ED6A2BEE01E9E85"
Last-Modified: Wed, 04 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16960
Expires: Thu, 05 Jan 2023 00:54:59 GMT
Date: Wed, 04 Jan 2023 20:12:19 GMT
Connection: keep-alive
speakspurink.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html&l=1175&fd=153
200 OK 0 B URL HTTP/1.1 speakspurink.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html&l=1175&fd=153
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html&l=1175&fd=153 HTTP/1.1
Host: speakspurink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=06ceaaca-cd74-4f3c-8da6-869b1a8478c0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 20:12:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1782561be2399c34cbc8ffb4b1974b35
9c2c71d9e99eebc50a5b182d3caeff03082ca42b
8424587be1de32390061ee4ee6c44f8c920e02818a0528020eb9bd7f32f06a5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8424587BE1DE32390061EE4EE6C44F8C920E02818A0528020EB9BD7F32F06A5A"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10915
Expires: Wed, 04 Jan 2023 23:14:14 GMT
Date: Wed, 04 Jan 2023 20:12:19 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash ca43dc405d4cba594ec2ca5f0e4c9cf3
38502dab5b99e8f0b30acb7deb4b64801b81fd49
f7d9c2a9da13232785b37c9c6cb0b8eb98f2c49c3fb70d038ed6a2bee01e9e85
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F7D9C2A9DA13232785B37C9C6CB0B8EB98F2C49C3FB70D038ED6A2BEE01E9E85"
Last-Modified: Wed, 04 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16960
Expires: Thu, 05 Jan 2023 00:54:59 GMT
Date: Wed, 04 Jan 2023 20:12:19 GMT
Connection: keep-alive
speakspurink.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fanimate.css&l=79245&fd=156
200 OK 0 B URL HTTP/1.1 speakspurink.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fanimate.css&l=79245&fd=156
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fanimate.css&l=79245&fd=156 HTTP/1.1
Host: speakspurink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=06ceaaca-cd74-4f3c-8da6-869b1a8478c0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 20:12:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.cloudimagesb.com/si/62/99/91/6299919f2727e6f79b6f7ad60ebd36aa/1667590484.png
200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/si/62/99/91/6299919f2727e6f79b6f7ad60ebd36aa/1667590484.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/62/99/91/6299919f2727e6f79b6f7ad60ebd36aa/1667590484.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:19 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:34:52 GMT
etag: "6365695c-7ffb"
expires: Fri, 06 Jan 2023 20:12:19 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3911de16efbf23f58863340a13a94911
4c58b685a800aed8385b5acef91b7d2350c4db20
1ea86d6ee58fe0e4ddfb0b112647ae96db7046f7594d48e53561226c7533c2a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EA86D6EE58FE0E4DDFB0B112647AE96DB7046F7594D48E53561226C7533C2A2"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2918
Expires: Wed, 04 Jan 2023 21:00:57 GMT
Date: Wed, 04 Jan 2023 20:12:19 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4f3ee704a5cd7a6e69c7fb5fbd7283a2
be50ef0da7999d632fc3d2218dfe612faa29dddc
8208ba6850f11d559d8616492481eafd0f05c39ebb4eb4379d2932ea27e49d43
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 20:12:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 13:42:55 GMT
Expires: Wed, 11 Jan 2023 13:42:54 GMT
Etag: "be50ef0da7999d632fc3d2218dfe612faa29dddc"
Cache-Control: max-age=580834,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7846a0dd1c60b4e8-OSL
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/js/script.js
200 OK 1.6 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/js/script.js
IP
Hash bc8801e7a6311ff20b85d696cabadc8d
813bce9fd2c59bfaec69e4d6c46115dabaa312d3
b30286bb54e28ceb6dc30e7a0c815a3382157c4c315a61f42c06e5b49c1e2ef6
GET /sb/ssp/utility/social-media/instagram/new/4/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:19 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 10:05:24 GMT
etag: W/"63317964-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1616085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kggpPw3iMGLC%2FL%2F%2BTa74PBDRdL8ekRKe3EJjaFuDqqcofwBc0mc03ECqsvcKC0Lf5uyqIa4hKholni9X%2BBOwjeLKdEj2u%2B1RjvehmcU8ZkcSrV%2FXdlZtUzhz0JtAEDuWTHMtAIvsua1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0dc2f7e719f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
id5-sync.com/g/v2/806.json
200 216 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 71209312bf24b24538cafda814bc1113
384c88f1c2ac637f195ed31b574836b9a4d9866b
8810bcf007973aff2b16af9d111fc4204a455a3460544fdfe2aa1888d219d31c
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 193
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 04 Jan 2023 20:12:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
api.rlcdn.com/api/identity/envelope?pid=1258
401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1258
IP
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1258 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 20:12:19 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
speakspurink.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fjs%2Fscript.js&l=444&fd=147
200 OK 0 B URL HTTP/1.1 speakspurink.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fjs%2Fscript.js&l=444&fd=147
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fjs%2Fscript.js&l=444&fd=147 HTTP/1.1
Host: speakspurink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=06ceaaca-cd74-4f3c-8da6-869b1a8478c0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 20:12:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f8c766e60dcc9f38277ee244bd15260b
3b1f476877a321cc4843f4e207d41a9d7eee3ad1
b6905fd0964c3b69f79bd42cb3a47cd54d241b807ac99044f85c3c5826c387d4
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:19 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Fri, 03 Feb 2023 20:12:19 GMT
vary: Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
speakspurink.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fstyle.css&l=7642&fd=161
200 OK 0 B URL HTTP/1.1 speakspurink.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fstyle.css&l=7642&fd=161
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fstyle.css&l=7642&fd=161 HTTP/1.1
Host: speakspurink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=06ceaaca-cd74-4f3c-8da6-869b1a8478c0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 20:12:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:33:13 GMT
expires: Sat, 30 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 455946
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 2305
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4f3ee704a5cd7a6e69c7fb5fbd7283a2
be50ef0da7999d632fc3d2218dfe612faa29dddc
8208ba6850f11d559d8616492481eafd0f05c39ebb4eb4379d2932ea27e49d43
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 20:12:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 13:42:55 GMT
Expires: Wed, 11 Jan 2023 13:42:54 GMT
Etag: "be50ef0da7999d632fc3d2218dfe612faa29dddc"
Cache-Control: max-age=580834,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7846a0ddcd98b4e8-OSL
static.criteo.net/js/ld/publishertag.prebid.js
200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP
File type ASCII text, with very long lines (65354)
Hash 1e81f0c646ccc75fe6d9423738290103
51b7e1e9097fb2614b112c2ba47ef231db783190
090c332f8c779802b9e4ae59ac881c86d67d0628dcd5074a7b77517d0bdf0523
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 20:12:18 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Thu, 05 Jan 2023 20:12:18 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
speakspurink.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSQWgkRRSGq5PdgwqC4sWDMogHBTPpnu6Z6TGHxewaCa5J2F0NiJfqqupJOTVdTVX39CR4CC7IXoTxpMfOP8mG1UVcxKMgEy%2BSU8bDksPGmwgeBc8yk4Fx36Hfe%2F2%2Fw%2Ff%2Bel8c5BfERU7Ptz7Qe1IpulyvupU3tmXCdWErG3cqnlt1VyrbMmkEK5X%2B5GN6b3tuveq%2BWXlPsI5errme63quV1mTRsS6vzxVIdOHLa%2FacqtBrerVA%2FTN073NHVjqgPcuyIuQfHx157dHkGyEpPvDDWE7mU7ferebK5ppgx4%2F%2FjDpJLpI0J2XsXEQJ8ezaWg7JuSbBejkeLYBdO9wsgEiOSbOYw9RcjzDRNQ7uiSNFESCiD%2BHojeCUCNIOgLTdyH5GQEYx8Ymku79DW0Kunup0ok6Jlf%2B%2FQeyGJMrT15C0v1%2BVcl%2B5bZWeSZ1YtGPS8j%2BCLI9QpqfINtzIIsTsOxzSE6QdEtIfv6622CCUkaXGG8GS0Hss6WQ08ZS2GhFHg2DZsjcqTVSjiDjEZQYgNoF5NZBLh3ksYM8ddDl5xVab8Wu24yj2PfDgDHm%2B4zVwwavcz8IYxc5m7APkKUDMDUAM%2FtIzT46cgCT%2FwK7U8JyBzYj6PEShSAoLEFBCQpJUGQERa884srWbHmfK5tH3izXZtkvhzprH9AjnbVFQg7SC%2FLC1LC%2FP%2FkRHXFeEdxvuF7Q8P2w1uKs6dKgxhmjIuaxH3serCwh7QKodbAnz55%2FjFSePVMioiew6gRMvgaavwJaDJs1F3RnGIQu9pIHOtfV1AhrwXWJNLuKbNc5UBfk5SlA689FCHZ67esvN%2F9Y4R%2BDmRKpKfGp%2FJWgre4Nb%2BmCHN7ShSWPNtNMduUenbzm7YxmYvHb98VuoQ1fv2EHD95hE2FSPrwjbHaTJlwmbUu%2BW5WcC7OmDRPk53W7LaKt3O6s5ibJ05tb19fWu1NAqZMRqDz76DMwOSbPms70Tl%2F96zqkGcHkJbr5KZkFpB6Bpfuw6ZzeagKj5jNR6qDIy6GpRfOfShIoMe9pVML%2Br4%2Fm9YG9h7ZxQLO70%2BvsmRI9VYKqAWy%2BOMxSc3rtd38aiJQzjJRxDiNl1FeX1lp5Xql7gQijsMk4jwTjXrPmh77r1jgPmi3htZDZMfvpCf4DAAD%2F%2FwEAAP%2F%2F9AHnJH8EAAA%3D
200 OK 7 B URL HTTP/1.1 speakspurink.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSQWgkRRSGq5PdgwqC4sWDMogHBTPpnu6Z6TGHxewaCa5J2F0NiJfqqupJOTVdTVX39CR4CC7IXoTxpMfOP8mG1UVcxKMgEy%2BSU8bDksPGmwgeBc8yk4Fx36Hfe%2F2%2Fw%2Ff%2Bel8c5BfERU7Ptz7Qe1IpulyvupU3tmXCdWErG3cqnlt1VyrbMmkEK5X%2B5GN6b3tuveq%2BWXlPsI5errme63quV1mTRsS6vzxVIdOHLa%2FacqtBrerVA%2FTN073NHVjqgPcuyIuQfHx157dHkGyEpPvDDWE7mU7ferebK5ppgx4%2F%2FjDpJLpI0J2XsXEQJ8ezaWg7JuSbBejkeLYBdO9wsgEiOSbOYw9RcjzDRNQ7uiSNFESCiD%2BHojeCUCNIOgLTdyH5GQEYx8Ymku79DW0Kunup0ok6Jlf%2B%2FQeyGJMrT15C0v1%2BVcl%2B5bZWeSZ1YtGPS8j%2BCLI9QpqfINtzIIsTsOxzSE6QdEtIfv6622CCUkaXGG8GS0Hss6WQ08ZS2GhFHg2DZsjcqTVSjiDjEZQYgNoF5NZBLh3ksYM8ddDl5xVab8Wu24yj2PfDgDHm%2B4zVwwavcz8IYxc5m7APkKUDMDUAM%2FtIzT46cgCT%2FwK7U8JyBzYj6PEShSAoLEFBCQpJUGQERa884srWbHmfK5tH3izXZtkvhzprH9AjnbVFQg7SC%2FLC1LC%2FP%2FkRHXFeEdxvuF7Q8P2w1uKs6dKgxhmjIuaxH3serCwh7QKodbAnz55%2FjFSePVMioiew6gRMvgaavwJaDJs1F3RnGIQu9pIHOtfV1AhrwXWJNLuKbNc5UBfk5SlA689FCHZ67esvN%2F9Y4R%2BDmRKpKfGp%2FJWgre4Nb%2BmCHN7ShSWPNtNMduUenbzm7YxmYvHb98VuoQ1fv2EHD95hE2FSPrwjbHaTJlwmbUu%2BW5WcC7OmDRPk53W7LaKt3O6s5ibJ05tb19fWu1NAqZMRqDz76DMwOSbPms70Tl%2F96zqkGcHkJbr5KZkFpB6Bpfuw6ZzeagKj5jNR6qDIy6GpRfOfShIoMe9pVML%2Br4%2Fm9YG9h7ZxQLO70%2BvsmRI9VYKqAWy%2BOMxSc3rtd38aiJQzjJRxDiNl1FeX1lp5Xql7gQijsMk4jwTjXrPmh77r1jgPmi3htZDZMfvpCf4DAAD%2F%2FwEAAP%2F%2F9AHnJH8EAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSQWgkRRSGq5PdgwqC4sWDMogHBTPpnu6Z6TGHxewaCa5J2F0NiJfqqupJOTVdTVX39CR4CC7IXoTxpMfOP8mG1UVcxKMgEy%2BSU8bDksPGmwgeBc8yk4Fx36Hfe%2F2%2Fw%2Ff%2Bel8c5BfERU7Ptz7Qe1IpulyvupU3tmXCdWErG3cqnlt1VyrbMmkEK5X%2B5GN6b3tuveq%2BWXlPsI5errme63quV1mTRsS6vzxVIdOHLa%2FacqtBrerVA%2FTN073NHVjqgPcuyIuQfHx157dHkGyEpPvDDWE7mU7ferebK5ppgx4%2F%2FjDpJLpI0J2XsXEQJ8ezaWg7JuSbBejkeLYBdO9wsgEiOSbOYw9RcjzDRNQ7uiSNFESCiD%2BHojeCUCNIOgLTdyH5GQEYx8Ymku79DW0Kunup0ok6Jlf%2B%2FQeyGJMrT15C0v1%2BVcl%2B5bZWeSZ1YtGPS8j%2BCLI9QpqfINtzIIsTsOxzSE6QdEtIfv6622CCUkaXGG8GS0Hss6WQ08ZS2GhFHg2DZsjcqTVSjiDjEZQYgNoF5NZBLh3ksYM8ddDl5xVab8Wu24yj2PfDgDHm%2B4zVwwavcz8IYxc5m7APkKUDMDUAM%2FtIzT46cgCT%2FwK7U8JyBzYj6PEShSAoLEFBCQpJUGQERa884srWbHmfK5tH3izXZtkvhzprH9AjnbVFQg7SC%2FLC1LC%2FP%2FkRHXFeEdxvuF7Q8P2w1uKs6dKgxhmjIuaxH3serCwh7QKodbAnz55%2FjFSePVMioiew6gRMvgaavwJaDJs1F3RnGIQu9pIHOtfV1AhrwXWJNLuKbNc5UBfk5SlA689FCHZ67esvN%2F9Y4R%2BDmRKpKfGp%2FJWgre4Nb%2BmCHN7ShSWPNtNMduUenbzm7YxmYvHb98VuoQ1fv2EHD95hE2FSPrwjbHaTJlwmbUu%2BW5WcC7OmDRPk53W7LaKt3O6s5ibJ05tb19fWu1NAqZMRqDz76DMwOSbPms70Tl%2F96zqkGcHkJbr5KZkFpB6Bpfuw6ZzeagKj5jNR6qDIy6GpRfOfShIoMe9pVML%2Br4%2Fm9YG9h7ZxQLO70%2BvsmRI9VYKqAWy%2BOMxSc3rtd38aiJQzjJRxDiNl1FeX1lp5Xql7gQijsMk4jwTjXrPmh77r1jgPmi3htZDZMfvpCf4DAAD%2F%2FwEAAP%2F%2F9AHnJH8EAAA%3D HTTP/1.1
Host: speakspurink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=06ceaaca-cd74-4f3c-8da6-869b1a8478c0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 20:12:19 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9e74da22e36676fd38514b4db89c8859
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/img/close.svg
200 OK 2.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/img/close.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash df1c079b8377b2c38d1514f787f68848
2ecf186b028ad5c583d02602f4160598024525e2
295eac2bb3e48d0567188f5e95548eda2a37e9552abcfa64af5f4d8c14188da0
GET /sb/ssp/utility/social-media/instagram/new/4/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:19 GMT
content-type: image/svg+xml
last-modified: Wed, 28 Sep 2022 21:49:43 GMT
etag: W/"6334c177-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4342882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BFVfjRdY%2BFna3ew4F8kcj8JXeIHYZDtts1t7KrbaUzPiFaKjDUIH7URicuTiX%2BHzGQAoBqQLwMp8c9U3PTWXIHc%2BZ6HPTIuBmN%2FRsYU18zkWU5R4%2BmgQaETzGL5kX30i5AHlmcbjxGo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0dcae64750d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
id.crwdcntrl.net/id
200 OK 43 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:19 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.25.150
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=37858
expires: Thu, 05 Jan 2023 06:43:18 GMT
date: Wed, 04 Jan 2023 20:12:20 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP
File type ASCII text, with no line terminators
Hash 79e651804c07ab73182ce648d74b1a00
a88e3aebac0d10edee3cc8a9785df029e0420c48
d458b55441fefb57edf560323cbf3531f31c30a6d2b2c3e083efd16f7f6ee357
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Tue, 4 Apr 2023 12:38:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 04 Jan 2023 20:12:20 GMT
content-length: 60
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=F65EAD66-98A6-4A54-8571-7621BEC9138C&rs=3&gdpr=0&gdpr_consent=&us_privacy=
200 OK 1.3 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=F65EAD66-98A6-4A54-8571-7621BEC9138C&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720)
Hash cea73e4b6a86730b9ab5452d26d8694f
81c105dc251706f6fa9796cbe88b51508b58879b
34ee08503063e7b28f123a20922c887121a3a5935b214013fd3739f9d05e6625
GET /AdServer/SPug?o=1&p=155495&sc=1&u=F65EAD66-98A6-4A54-8571-7621BEC9138C&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 20:12:19 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Wed, 04 Jan 2023 01:06:21 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BkfunDnlBFvfsws2uonTHrFuL-PozB4QACr728mZRUbPOiNApvIk3A==
age: 68758
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/prebidamp.js
200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/prebidamp.js
IP
GET /static/js/prebidamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 04 Jan 2023 19:24:27 GMT
expires: Wed, 04 Jan 2023 20:22:33 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: snggJPHkS2_6W2P2RaBieyS-iVFjxKNgmPKxM7ZrQFIPs1g64xY6jg==
age: 2984
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/fiamp.js
200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/fiamp.js
IP
GET /static/js/fiamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: br
date: Wed, 04 Jan 2023 19:22:33 GMT
expires: Wed, 04 Jan 2023 20:22:33 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KXcYF7gPN2tdeJsdjWs67ikPwlQvzWTcg2kj4sP6uvvCW7U9-H2IgA==
age: 2984
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:17 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 75803
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:17 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 118744
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1378733
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 0 B URL HTTP/2 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/SY0IOl
Cookie: ouoio_session=eyJpdiI6Im1ORDBaNzRseVBwK3BWcXZncG11ZmpTd3pyemMyMHFsNHZ2MktMWHc0b0k9IiwidmFsdWUiOiJvM0ZVV3RXSWhMQ1FjMTNHUzg5ZEE0VXpUUjhmVG9cLyt3azBOS3hkbFwvQUdJMStnTjM1M0ZocDlKSjBGXC9CaDFReEZSVjFKQWpQXC94Um9RZzlXK0trTHc9PSIsIm1hYyI6IjBmMzYwYTUwMGM2ODRhM2JiODhmMzgzYzczMzFjMGYxZmMwNzkxNzVjOWQ0N2NiOThhZGM5ZjUzN2UyMWFjYTIifQ%3D%3D; language=eyJpdiI6InNXVXMzMEJtbVlOOWR0c2tGeW9DaEdYTTBmQk14Slc4MWNmbFwvSFwvNkVJMD0iLCJ2YWx1ZSI6IlwvNnB2cEhGZkxQUzFyeEJxVmNcLzk3aEI0WitweFlyQmtIUlRwSjZMRHlmdz0iLCJtYWMiOiI5MzVjYjliMDhlODhhYjcwMGVmNGQ1NTBkZTNlMThjMDBlZjI3YmQyNzc0ODI1YzIyMzIxNmQ4ZjI5NDFkZTJlIn0%3D; 613a289f60f014f9cce3ec6c6a78fe6efee04a1c=eyJpdiI6IlZvN1wvdzJrYlZMWUVSWThlM3FFUCtvUUxnbldGcVdJcWR0R3FWeVdiYkhJPSIsInZhbHVlIjoic05ITjk1S21NZXA2U0lFQzdjbFY3YnM2emtJZ3hZSjBCZ0l1T2xHNURyeEI3cmVhMUZyZStBTXMrQWVIZU16SFRMQmhDOTFvdSt0ZXVIaW1zQnJHc3hZbUs0RTc1MjN5NXQwc0JTeXZwVU1EYXNFYWFaMGdkQ1dnaHc3ZE9TdW8wUDEzM05vYkthcmpYSG8rbzIzTVVZVlpTZ0FOQTlrRWRjK054NFoyM0xJRlcrS1hBNWl6aFN5OGlBdGZ1RFk5eGxWWmNRcnNncnVYWjBcLzhIdEU2TndiN240SDRBVDVKVVdVZXBrcHFFclRGbkdQRVRkWEoyTDVMZkt5cXFXRTBEQzBVcmY0U00wcEtKcTZkODFoSmFNQ2RkcCtDRXhwc2VSd29xeTc2c2s5cFVEYzZkZm5DbGk2eDlDbHhWdlk3NUJ2M29KdVkxQmFUa0pmN1EzaEVCNzdqVFczVlVrM05HVzJOM0F5c1wvTThjelN5V1BvcHM2NzRnVGpjbmNLeGUiLCJtYWMiOiJjYTU4NGVkNDc3ZmZhZjFiMmY3YmFiMWJmZjc5ZmQ2N2QwZThkZTJhZDcxMGY1NGZkYTU2OTNlZDRmMDhjYjQzIn0%3D; __cf_bm=1WpAMNhWhWcM.f2slyzw54MSAfe2UZIHUuXGvnYmeM8-1672863136-0-AZrBHfbWVMMZPsKAnkeIYjR5g3p0CVHaZR4MiuOoQc42n012T5QG0RiU3bPwBwn52i+I1ZnkeypfYPpcZ8SVW8U=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:16 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
etag: W/"63a1e484-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0cb2d23b51e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 06 Jan 2023 20:12:16 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
hhklc.com/c.js
200 OK 0 B IP
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:16 GMT
content-type: application/javascript
last-modified: Tue, 27 Dec 2022 13:04:38 GMT
etag: W/"63aaed66-2eef"
server-asp-net: Asp Net
expires: Wed, 04 Jan 2023 20:16:33 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 2443
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CCA7JkgtMQPuc5Tc5aAUkYt2wOa1dzgNZ4w86wsj7dl3%2FLd%2F4wGrPh%2B2F5OCaPZ5F3Nl7vWssohm2YDpr6Cvp1dT5YYkADf0ljIHuVL4FAPutNQ3GCfyYdQWCk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0cb79feb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1554261
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
200 OK 0 B URL HTTP/2 cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
IP
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 04 Jan 2023 20:12:18 GMT
server: Apache/2.4.38 (Debian)
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Knzthv0v0S33BhZvG97j6R_AOwagHiqHd66gYd-lcRut6qjxJE2iOg==
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=3FdIa180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRm1jNHpGYlFJWGozamJMZ2xRSGdOOG41ZzEwY0ZpMUU0c0U0MXQlMkZlcjFC
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:17 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=M-BwCl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRm1jNHpGYlFJWGozamJMZ2xRSGdOOU1uVUlJNUI5OFJRdyUyQmFJenJHeCUyQjQ; expires=Mon, 29 Jan 2024 20:12:18 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 291783
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 476470
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ouo.press/SY0IOl
200 OK 0 B IP
GET /SY0IOl HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:16 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6Im1ORDBaNzRseVBwK3BWcXZncG11ZmpTd3pyemMyMHFsNHZ2MktMWHc0b0k9IiwidmFsdWUiOiJvM0ZVV3RXSWhMQ1FjMTNHUzg5ZEE0VXpUUjhmVG9cLyt3azBOS3hkbFwvQUdJMStnTjM1M0ZocDlKSjBGXC9CaDFReEZSVjFKQWpQXC94Um9RZzlXK0trTHc9PSIsIm1hYyI6IjBmMzYwYTUwMGM2ODRhM2JiODhmMzgzYzczMzFjMGYxZmMwNzkxNzVjOWQ0N2NiOThhZGM5ZjUzN2UyMWFjYTIifQ%3D%3D; path=/; httponly
language=eyJpdiI6InNXVXMzMEJtbVlOOWR0c2tGeW9DaEdYTTBmQk14Slc4MWNmbFwvSFwvNkVJMD0iLCJ2YWx1ZSI6IlwvNnB2cEhGZkxQUzFyeEJxVmNcLzk3aEI0WitweFlyQmtIUlRwSjZMRHlmdz0iLCJtYWMiOiI5MzVjYjliMDhlODhhYjcwMGVmNGQ1NTBkZTNlMThjMDBlZjI3YmQyNzc0ODI1YzIyMzIxNmQ4ZjI5NDFkZTJlIn0%3D; expires=Mon, 03-Jan-2028 20:12:16 GMT; Max-Age=157680000; path=/; httponly
613a289f60f014f9cce3ec6c6a78fe6efee04a1c=eyJpdiI6IlZvN1wvdzJrYlZMWUVSWThlM3FFUCtvUUxnbldGcVdJcWR0R3FWeVdiYkhJPSIsInZhbHVlIjoic05ITjk1S21NZXA2U0lFQzdjbFY3YnM2emtJZ3hZSjBCZ0l1T2xHNURyeEI3cmVhMUZyZStBTXMrQWVIZU16SFRMQmhDOTFvdSt0ZXVIaW1zQnJHc3hZbUs0RTc1MjN5NXQwc0JTeXZwVU1EYXNFYWFaMGdkQ1dnaHc3ZE9TdW8wUDEzM05vYkthcmpYSG8rbzIzTVVZVlpTZ0FOQTlrRWRjK054NFoyM0xJRlcrS1hBNWl6aFN5OGlBdGZ1RFk5eGxWWmNRcnNncnVYWjBcLzhIdEU2TndiN240SDRBVDVKVVdVZXBrcHFFclRGbkdQRVRkWEoyTDVMZkt5cXFXRTBEQzBVcmY0U00wcEtKcTZkODFoSmFNQ2RkcCtDRXhwc2VSd29xeTc2c2s5cFVEYzZkZm5DbGk2eDlDbHhWdlk3NUJ2M29KdVkxQmFUa0pmN1EzaEVCNzdqVFczVlVrM05HVzJOM0F5c1wvTThjelN5V1BvcHM2NzRnVGpjbmNLeGUiLCJtYWMiOiJjYTU4NGVkNDc3ZmZhZjFiMmY3YmFiMWJmZjc5ZmQ2N2QwZThkZTJhZDcxMGY1NGZkYTU2OTNlZDRmMDhjYjQzIn0%3D; expires=Wed, 04-Jan-2023 22:12:16 GMT; Max-Age=7200; path=/; httponly
__cf_bm=1WpAMNhWhWcM.f2slyzw54MSAfe2UZIHUuXGvnYmeM8-1672863136-0-AZrBHfbWVMMZPsKAnkeIYjR5g3p0CVHaZR4MiuOoQc42n012T5QG0RiU3bPwBwn52i+I1ZnkeypfYPpcZ8SVW8U=; path=/; expires=Wed, 04-Jan-23 20:42:16 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7846a0c818e7b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:17 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 432120
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ouo.press/css/link-safe.css
200 OK 0 B URL HTTP/2 ouo.press/css/link-safe.css
IP
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/SY0IOl
Cookie: ouoio_session=eyJpdiI6Im1ORDBaNzRseVBwK3BWcXZncG11ZmpTd3pyemMyMHFsNHZ2MktMWHc0b0k9IiwidmFsdWUiOiJvM0ZVV3RXSWhMQ1FjMTNHUzg5ZEE0VXpUUjhmVG9cLyt3azBOS3hkbFwvQUdJMStnTjM1M0ZocDlKSjBGXC9CaDFReEZSVjFKQWpQXC94Um9RZzlXK0trTHc9PSIsIm1hYyI6IjBmMzYwYTUwMGM2ODRhM2JiODhmMzgzYzczMzFjMGYxZmMwNzkxNzVjOWQ0N2NiOThhZGM5ZjUzN2UyMWFjYTIifQ%3D%3D; language=eyJpdiI6InNXVXMzMEJtbVlOOWR0c2tGeW9DaEdYTTBmQk14Slc4MWNmbFwvSFwvNkVJMD0iLCJ2YWx1ZSI6IlwvNnB2cEhGZkxQUzFyeEJxVmNcLzk3aEI0WitweFlyQmtIUlRwSjZMRHlmdz0iLCJtYWMiOiI5MzVjYjliMDhlODhhYjcwMGVmNGQ1NTBkZTNlMThjMDBlZjI3YmQyNzc0ODI1YzIyMzIxNmQ4ZjI5NDFkZTJlIn0%3D; 613a289f60f014f9cce3ec6c6a78fe6efee04a1c=eyJpdiI6IlZvN1wvdzJrYlZMWUVSWThlM3FFUCtvUUxnbldGcVdJcWR0R3FWeVdiYkhJPSIsInZhbHVlIjoic05ITjk1S21NZXA2U0lFQzdjbFY3YnM2emtJZ3hZSjBCZ0l1T2xHNURyeEI3cmVhMUZyZStBTXMrQWVIZU16SFRMQmhDOTFvdSt0ZXVIaW1zQnJHc3hZbUs0RTc1MjN5NXQwc0JTeXZwVU1EYXNFYWFaMGdkQ1dnaHc3ZE9TdW8wUDEzM05vYkthcmpYSG8rbzIzTVVZVlpTZ0FOQTlrRWRjK054NFoyM0xJRlcrS1hBNWl6aFN5OGlBdGZ1RFk5eGxWWmNRcnNncnVYWjBcLzhIdEU2TndiN240SDRBVDVKVVdVZXBrcHFFclRGbkdQRVRkWEoyTDVMZkt5cXFXRTBEQzBVcmY0U00wcEtKcTZkODFoSmFNQ2RkcCtDRXhwc2VSd29xeTc2c2s5cFVEYzZkZm5DbGk2eDlDbHhWdlk3NUJ2M29KdVkxQmFUa0pmN1EzaEVCNzdqVFczVlVrM05HVzJOM0F5c1wvTThjelN5V1BvcHM2NzRnVGpjbmNLeGUiLCJtYWMiOiJjYTU4NGVkNDc3ZmZhZjFiMmY3YmFiMWJmZjc5ZmQ2N2QwZThkZTJhZDcxMGY1NGZkYTU2OTNlZDRmMDhjYjQzIn0%3D; __cf_bm=1WpAMNhWhWcM.f2slyzw54MSAfe2UZIHUuXGvnYmeM8-1672863136-0-AZrBHfbWVMMZPsKAnkeIYjR5g3p0CVHaZR4MiuOoQc42n012T5QG0RiU3bPwBwn52i+I1ZnkeypfYPpcZ8SVW8U=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 20:12:16 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Wed, 04 Jan 2023 21:57:08 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 36907
vary: Accept-Encoding
server: cloudflare
cf-ray: 7846a0cb1d15b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 04 Jan 2023 20:01:06 GMT
last-modified: Thu, 22 Dec 2022 18:13:53 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront), 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
etag: W/"b2496fcafcf1daf6223aefe99a0cf048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, OSL50-P1
x-amz-cf-id: p-9AfIJyqJlFwRJfEyE4mJtTGlE4mF6MmjM22J28nql4IfQ-s366gw==
age: 672
X-Firefox-Spdy: h2
172.67.6.151
104.22.59.251
178.250.0.157
172.255.6.227
93.184.220.29
52.211.223.66
95.101.11.115
185.89.211.12