ouo.press/aoA6nr7
104.22.58.251403 Forbidden 3.8 kB IP 104.22.58.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (838)
Hash a5901458fcc49dd56f03dbffbcbc5503
29151330f0d74a0830c33f8cc179ee30cb799a93
eb6466e00a42cce0e4803e9d3a5e7721e35a9ab0b7e973fc19110192e6b6feca
GET /aoA6nr7 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Sun, 16 Oct 2022 17:36:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=y..j4vRtbAXYc.tJPE2WICaHtuoz5BVnlhH9vypzDYw-1665941790-0-AT59aD1kF8gH5Wo9LhBgJtLExny0+9harOHqQw30LzYPyMy3Ovvvyy+GCLZjor/zCjIokNHMM9xDvD0zWgUQajo=; path=/; expires=Sun, 16-Oct-22 18:06:30 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28e9ecc9db4ee-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 16:50:36 GMT
Expires: Sun, 16 Oct 2022 17:20:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z5w9WKugCOC55YsOnWHG7sAQleLDGV8Bv96wn-CCkwpFCXD5f5nuSA==
Age: 2754
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 10ab470535c002d333b4f27d38b51091
ed3b0850c5d75881de410f7e8ca35e012e38bd38
31d6655d048ec8a62e00125766fea65cde04beae0b11f12ce7f722c9a5f7e232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31D6655D048EC8A62E00125766FEA65CDE04BEAE0B11F12CE7F722C9A5F7E232"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6210
Expires: Sun, 16 Oct 2022 19:20:00 GMT
Date: Sun, 16 Oct 2022 17:36:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19274
Expires: Sun, 16 Oct 2022 22:57:44 GMT
Date: Sun, 16 Oct 2022 17:36:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rkSX7hmg0PjmYFqwBbVFMx4iER8PGCRyOzpUn/qqaV2R84BzJIKiaq8960s6jzkJJqeZ5Y75Ra4=
x-amz-request-id: YX0B8HWDKXAQZ813
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 17:03:05 GMT
age: 2005
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/styles/challenges.css
104.22.58.251200 OK 2.6 kB URL HTTP/1.1 ouo.press/cdn-cgi/styles/challenges.css
IP 104.22.58.251:0
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 13:37:46 GMT
ETag: W/"634571aa-1896"
Server: cloudflare
CF-RAY: 75b28ea0697eb50f-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sun, 16 Oct 2022 19:36:30 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
ouo.press/favicon.ico
104.22.58.251200 OK 0 B IP 104.22.58.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:30 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT
ETag: "54deee14-0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 5682
Accept-Ranges: bytes
Set-Cookie: __cf_bm=.bEqBkY1.w5CL_4NOQRytJP3omaOQCMQs13g7Kr_1.I-1665941790-0-AXsuIN3pazq3BzAG8SLz8daPHgeuw5pxWJ6cKLmldRkS6l3C62jIXQT+jldB4B1xpvK+3LFPA4K1NA6QSCoKmIQ=; path=/; expires=Sun, 16-Oct-22 18:06:30 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ea06bf0b4f4-OSL
ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=75b28e9ecc9db4ee
104.22.58.251200 OK 42 B URL HTTP/1.1 ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=75b28e9ecc9db4ee
IP 104.22.58.251:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=75b28e9ecc9db4ee HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:30 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 13:37:46 GMT
ETag: "634571aa-2a"
Server: cloudflare
CF-RAY: 75b28ea0ea5db50f-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sun, 16 Oct 2022 19:36:30 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 17:36:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=75b28e9ecc9db4ee
104.22.58.251200 OK 23 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=75b28e9ecc9db4ee
IP 104.22.58.251:0
File type ASCII text, with very long lines (65423), with no line terminators
Hash 58ffabf7b9ff47461a4f819cdafb0dfa
5941bd640cf6a2eebcc2488f3e75f314d63ebb98
3343c342e69ffaef52e2e13edf907f7583e3a4d84c225c145c01529fc82fdf96
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=75b28e9ecc9db4ee HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7?__cf_chl_rt_tk=HwyrU.wDd8XNGoM86wHMyEb38adiUMCuTshkLX5r2Nw-1665941790-0-gaNycGzNAv0
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:30 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Set-Cookie: __cf_bm=j_tETHt64tnjshHXJHRT5qF3oEMpvAzxKcf7QqbmekQ-1665941790-0-Ad5e/YRM1IBjtB/O77NSvWjGkVrYkFUxWsludXS7GQwgKAdWnW/bqihMsg5UGHBxsWQ0w+YLYTBGJNZpYUehmg8=; path=/; expires=Sun, 16-Oct-22 18:06:30 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75b28ea0ed2ab4f4-OSL
Content-Encoding: gzip
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
104.18.19.132200 OK 131 kB URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP 104.18.19.132:0
File type Unicode text, UTF-8 text, with very long lines (57362)
Size 131 kB (131399 bytes)
Hash d77999234565917c2ed9ad2884230089
a27ec7444f63b29ac8d87d2a64cb69ffad73ce15
3d10ca4cd585b90f77152335f0542ee853ae08b4c6a7e8ae6645dd30c263a35e
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:31 GMT
content-type: application/javascript
cf-ray: 75b28ea1df5bb4f1-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"84729783ded6e9166650d2e40d1556b2"
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=0
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 10g5RVqLpYkU0aa-3kxGh5TDyliupy3A-DXslF07tUxdkEnx8Zz81g==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 16 Oct 2022 17:07:43 GMT
Expires: Sun, 16 Oct 2022 17:38:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AIL4TAih7u_5yTkGqjuFloHNskjHnLBdODBZ8mJyhI9HoVK6ovcAxQ==
Age: 1728
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfc92c8f6ee7599505d969732542ac42
7f4804d49c8ccd76ccffa6b72d41b1df611eb090
406c057a8392b9fa0ab09efa8b3222a58ec5fc17fa73f55a1f093e3d1092b0e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3965
Cache-Control: max-age=142581
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:31 GMT
Etag: "634bbb97-1d7"
Expires: Tue, 18 Oct 2022 09:12:52 GMT
Last-Modified: Sun, 16 Oct 2022 08:06:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.155.157.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.157.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OPzFrN+cEnGaSjtY/OWH+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pE+fsmyFU0K//HVX8FfqIGhJdX4=
ouo.press/cdn-cgi/challenge-platform/h/g/img/75b28e9ecc9db4ee/1665941791054/i4t4TKvLeHvv3GW
104.22.58.251200 OK 61 B URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/img/75b28e9ecc9db4ee/1665941791054/i4t4TKvLeHvv3GW
IP 104.22.58.251:0
File type PNG image data, 89 x 88, 8-bit/color RGB, non-interlaced\012- data
Hash de5c58a7e430d518965bd17929a051b5
22de9e49da26ca1acda8c91b95b5f05671c3631a
149704323a8e4155eaf14c3f9bdeca2202c713c03b2b4812bbb06ce1606771db
GET /cdn-cgi/challenge-platform/h/g/img/75b28e9ecc9db4ee/1665941791054/i4t4TKvLeHvv3GW HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
Cookie: cf_chl_prog=b
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:32 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=jBn0mr_0JfFkGbTaY91XuF1N.8tzVs5aIif7UvToy7E-1665941792-0-AWa+OozG2cqYL6tizTOJZpMn0+2gf7s8MC9+gFMgAwDbIyOCAtkT5SApVkubLymabmOHn1T0AHpEv6Qwfk0w1ps=; path=/; expires=Sun, 16-Oct-22 18:06:32 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75b28eadbe5cb4f4-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5914
Expires: Sun, 16 Oct 2022 19:15:07 GMT
Date: Sun, 16 Oct 2022 17:36:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5914
Expires: Sun, 16 Oct 2022 19:15:07 GMT
Date: Sun, 16 Oct 2022 17:36:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5914
Expires: Sun, 16 Oct 2022 19:15:07 GMT
Date: Sun, 16 Oct 2022 17:36:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6432c2bf0bab32f918d931dd98a6e1e4
bba4f37b146e5aea2b6490f8f7da63fa61ffc849
bde0d98cb1dcd70f22cd2aee5860eb0cd824d1bb12ab18245ab8eed06a79cf1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7337
x-amzn-requestid: 43a16c4d-c5b9-4d01-8ba4-e811b09e96b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqEwVoAMFe5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-121eda8b7a73518849342e7a;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z8x5zYoU_lGHWGt8ZhQFB6G9gS1Q4YhG_AxOdLCqIpZkXp_-f45ExA==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 05:16:13 GMT
age: 44420
etag: "bba4f37b146e5aea2b6490f8f7da63fa61ffc849"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FDpKbEtkkBwyl0pq3hI50XU9_5Qk43D5_CCq2mdq6phymrT0Op_wzg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:00:32 GMT
age: 70561
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac5c50f8ffe0da11f1adb9f67d811cf
2b586d1c26208d6fe7df3a4cec286e28f21807ca
12414dcf4afa766503c9328fe626c2d1317a0d6838887e0dd30e9b56e85ea3d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8120
x-amzn-requestid: 42dc2299-203a-4269-a252-e239978fe80d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLHX0IAMF89g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-1357899758d9403e4b920418;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WTKaFQ0rZbiSiVD_qjSwbcvMoCoWsf8hfsXsC7cVkT-hm04EXHWASA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 04:05:54 GMT
age: 48639
etag: "2b586d1c26208d6fe7df3a4cec286e28f21807ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd598770c-51f9-4f63-b867-7d947fc34662.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd598770c-51f9-4f63-b867-7d947fc34662.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f694b16fe6b05fb6a7a65509c4e9632a
85958d2ad645333d91d40b14bebe10615d3e7e53
52cffe400c9af78844421b5205f8913fdb76b1a30ee171a499db970f139eedd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd598770c-51f9-4f63-b867-7d947fc34662.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9712
x-amzn-requestid: f96ff191-54d0-4789-8ee9-51f385ed3450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEM6YFxWoAMFXCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2842-68527bce630fd97470b129d3;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: A2Wz4FH_O1rNVbopn9lju-7gvQsu0i-Iw5nioDSPDjYLRWA7Kj5Vrw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:00:33 GMT
etag: "85958d2ad645333d91d40b14bebe10615d3e7e53"
content-type: image/jpeg
age: 70560
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e86d948bf8ed2f5918f8323b043ad5f
41548e231e2358d3453e7630f0d07a645cc25ddc
6602f2a020618234d34a9b6cd107398f0405de6dd14227e265aca84b38eaa5cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7075
x-amzn-requestid: 254a8860-b3bf-4e8d-a08d-31effa209a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5iGQqIAMFmkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a3-1a2820f550f35bf830444c22;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: noeZThjNw_knj4oZ39f_xFQl_eFhT_iJ5ki1eaCv873z5WThwd7gXA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:39:58 GMT
age: 71795
etag: "41548e231e2358d3453e7630f0d07a645cc25ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd94762992136ed2f4d24dd34a745154
2050cee63f8005c5d9ac1a817730ada51b323f34
4548836d8846da958f477e1df952f6da9b9640e204804a7c76194d3e061b90a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7082
x-amzn-requestid: 5e98988f-faad-4e52-a49f-28d5a77b15d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL46HFloAMFSag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b269f-6759e36c79241479181c1d05;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u2l4A1Vt7WLHe9NdaSFyBhwnBo9XfI3n5bXqpv8MGUXl7YaywUknJQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
age: 71964
etag: "2050cee63f8005c5d9ac1a817730ada51b323f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.47696429522085937:1665940007:CoufxMxAjY-IHrheyHwqs_JaxfdTNI1fE4hboTFcXd4/75b28e9ecc9db4ee/549599cdafa95f1
104.22.58.251200 OK 3.1 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.47696429522085937:1665940007:CoufxMxAjY-IHrheyHwqs_JaxfdTNI1fE4hboTFcXd4/75b28e9ecc9db4ee/549599cdafa95f1
IP 104.22.58.251:0
File type ASCII text, with very long lines (4132), with no line terminators
Hash ad0907b9c337b1fbaa9632da243d2de8
ea1e0a773003f2602060c9b55892821bdf92fc59
2e306cb35f4652dafb6bf4686c9d2c5ba7cce0f83128d282e1968392ddf4372a
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.47696429522085937:1665940007:CoufxMxAjY-IHrheyHwqs_JaxfdTNI1fE4hboTFcXd4/75b28e9ecc9db4ee/549599cdafa95f1 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: 549599cdafa95f1
Content-Length: 15617
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
Cookie: cf_chl_seq_549599cdafa95f1=-8VtWREgGY8doBc; cf_chl_prog=b
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:33 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: DMzkl+5kgCLptT33f5JB9cpkgs1+yyyzxKoXpw6P9bU=$U+9FrONU3W9+K421FpMnEA==
set-cookie: cf_chl_seq_549599cdafa95f1=7Z7XxonHmjt1J69;SameSite=Strict;HttpOnly
__cf_bm=mdK8wOwmfoObMnPjD54ktahff2TXyoTnI8fKBUL1WyY-1665941793-0-AZ5zgPA7kxb++/gBJM5yLJRp14GW6KQ+l5fLdfT9t9KOBaVEExv/MUx7ADnm7pBa0O+3picE4w7Ls5wVibL5+7s=; path=/; expires=Sun, 16-Oct-22 18:06:33 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75b28eb05accb4f4-OSL
Content-Encoding: gzip
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 16 Oct 2022 17:36:33 GMT
content-length: 0
location: /turnstile/v0/25af1a1d/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age: 300
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b28eb0bac40b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.47696429522085937:1665940007:CoufxMxAjY-IHrheyHwqs_JaxfdTNI1fE4hboTFcXd4/75b28e9ecc9db4ee/549599cdafa95f1
104.22.58.251200 OK 48 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.47696429522085937:1665940007:CoufxMxAjY-IHrheyHwqs_JaxfdTNI1fE4hboTFcXd4/75b28e9ecc9db4ee/549599cdafa95f1
IP 104.22.58.251:0
Hash 12c974c5e548bcdcce82f25218a7e995
4daf4ed24543ab17fd0a2e752f5b3c21a44c2798
9125a76aef7e520514a0a9c4a0cfb24ebb297101c257c1c3a68b981434c785c3
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.47696429522085937:1665940007:CoufxMxAjY-IHrheyHwqs_JaxfdTNI1fE4hboTFcXd4/75b28e9ecc9db4ee/549599cdafa95f1 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: 549599cdafa95f1
Content-Length: 16292
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
Cookie: cf_chl_seq_549599cdafa95f1=7Z7XxonHmjt1J69; cf_chl_prog=b
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_out: sM+nn+HxrNc5oqcYk8J2aAXRzR15CHPRn3bu3zRfyguk1+96HBdf11WFWC4JLx3tvxZ488vz85kcrdggsNhEfw==$B40Q/Z/02/qSs95gX1dnMw==
cf_chl_out_s: vNrl1Murb2InjrF32lQ9Vl+UlJiOlECMW7MUYLyKal/paIwuCB9DKhuECsJh2jQ887xeSMRJaGpFoVlXc63cXKPBYX0+Wm0rFGxBE1l0Q84=$ELLHz/VMB+HUns7+sWCIyQ==
set-cookie: cf_chl_rc_m=;Expires=Sat, 15 Oct 2022 17:36:36 GMT;SameSite=Strict
__cf_bm=EXv8qYiGWD6to54Qk2xOhVSGqkyJk8aP5JeKbbMW7no-1665941796-0-AZ965cba7m1NgY+fwASQq6CxTLCns5v2rhQe2YvvzPjxdjyWqqrHQ28JXpI9VmLEshXSiu09XGPXXeK44gHgit0=; path=/; expires=Sun, 16-Oct-22 18:06:36 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75b28ec33d94b4f4-OSL
Content-Encoding: gzip
ouo.press/aoA6nr7
104.22.58.251200 OK 3.5 kB IP 104.22.58.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash 6cf3980ca4830927da757ccb96aa62ae
c03df8eaf585a1473de51d618b1924c45642642c
029f6b082ab0aa75d2c2b3e2fca7e88874c661832c6dbfbbae0ffbde24b79586
POST /aoA6nr7 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 1756
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7?__cf_chl_tk=HwyrU.wDd8XNGoM86wHMyEb38adiUMCuTshkLX5r2Nw-1665941790-0-gaNycGzNAv0
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Set-Cookie: cf_clearance=dxnOBcYmZXld_9jjhA2TOyNJbw.9czBXsdPj3ZqeBis-1665941796-0-250; path=/; expires=Mon, 16-Oct-23 18:36:36 GMT; domain=.ouo.press; HttpOnly
ouoio_session=eyJpdiI6Ik9aalwvdUkwdmJhUDJwVTd2UkRvUVdWMHh4UTJIbkFrdGJxYzA3ZFZ0MXZzPSIsInZhbHVlIjoiUTNobjdxWVJjUEIybGZId3NNNWE4K3lOQnlOdVJmd1NYUXFcL0RibFZ1U2Z4dU1Kc2RENzlLOGg4eDV0elA5OHQ5czAxVEl3ZVJic0V5cmYrSGZSU2xRPT0iLCJtYWMiOiJkMjA0NzZjNDcxMzkxZjU2YjA3NjkyYTNmMWM1YzEwOGE3MjRkZWQ0OWRjOTllOGY1MGQ0OGQyMjliNmY3Mzc0In0%3D; path=/; httponly
language=eyJpdiI6IlwvNTZYYkNmNmF0QU9TWkkwcE04WnliUUtzUGtLck41bmh5TFpXbzcxcXhzPSIsInZhbHVlIjoiR2JPTFNzVzVtUFlsU3ZzS2pRTDhQYjExQ0lGcTRRSEVHMFRUbTdwbnlzMD0iLCJtYWMiOiIzOWIwZWE2ZDBkY2EyZTdiNzA4ZWYyNmMyOWQ3YWViYjhkYzMzNTE0MjAyMWQ1MDQ5YzBhODQzYzM3NDIwMzc3In0%3D; expires=Fri, 15-Oct-2027 17:36:36 GMT; Max-Age=157680000; path=/; httponly
bfec41f5b094d823ac3696a453fe1893bf0618f2=eyJpdiI6Im55RVwveTA3MklIeGNFZWk3Wkt4aWFaUFhhOHNlaWlEQnFNWkR3ZWhuRStJPSIsInZhbHVlIjoia2ZuNEY3SkNOaVBFS202VTRicVp5MFRYZ2xGRDZcL0g5ZlJmd3ZvZ1Z2NHkwd2IralRZWWQ1Y2hkTGdGb25uaFhUN05FRnlDVUtxckM5MUhPdlNlMHk5RWU5WHdSR1g1bDVHSDloMGU4MkF1eG5mNjlXRnV2eGh3bXBiRllwZHF6WEJtbnR1VWVYK3BUcmgyY3JLeVwvbHpxbUY1UjdZV2t2RnhQRGgwbklBdEpINTUxMzlUMndycWJwbVp0RHowOUY3dDMyWUplZzBuRk9jVkJNY1wveStMcHZ0Y3RuaFozWk5SVzV5anlwN2hjQ2hXOHFLSmF1TXplWFwvdFdMS1N0bXo0bEJsMXNMamxGZDA3akVUcEFxRzI5ZWt0OXltcSswZU55bjc5Y1RmSEp4OFVvaFZadmNYRGt6NFJjTVQ3b1NHYzFiblJJbTZiMXZMdUhuZ1N3bGd2TDVPZUlxOElwbUNsUlwvMXZkSSszdGt1ZlNZN2ZoRWVybEVVcUtOSVV1TFMiLCJtYWMiOiIzZWJlMjA2NWNiNTFkOTA2NjRiMzRjOTQwYTM3Mjc0N2Y2ZjhhYjQ0MmYxZTg0ZjRjNDhiZmI4NDExMWI1OGMwIn0%3D; expires=Sun, 16-Oct-2022 19:36:36 GMT; Max-Age=7200; path=/; httponly
__cf_bm=jbD6rCnAXu1qAKbVgXg6OWug22l7yxlXonzD0ZF89W8-1665941796-0-AfxLxS2jeyC/Y7S2ioi0ZaVZYOH9YZ+NHWoFpyjlldVv++1y4sFA3ZWRlEvzpz1EyXwJCpnOztwHwjVFWsMJOuQ=; path=/; expires=Sun, 16-Oct-22 18:06:36 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 75b28ec48fbeb4f4-OSL
Content-Encoding: gzip
ouo.press/css/link-safe.css
104.22.58.251200 OK 1.8 kB URL HTTP/1.1 ouo.press/css/link-safe.css
IP 104.22.58.251:0
Hash d91a45478adaa488ef4f1733dfa3c44c
3686ea901ce8ca85bb82f42bf0a8d39095ebf73d
4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
Cookie: cf_clearance=dxnOBcYmZXld_9jjhA2TOyNJbw.9czBXsdPj3ZqeBis-1665941796-0-250; ouoio_session=eyJpdiI6Ik9aalwvdUkwdmJhUDJwVTd2UkRvUVdWMHh4UTJIbkFrdGJxYzA3ZFZ0MXZzPSIsInZhbHVlIjoiUTNobjdxWVJjUEIybGZId3NNNWE4K3lOQnlOdVJmd1NYUXFcL0RibFZ1U2Z4dU1Kc2RENzlLOGg4eDV0elA5OHQ5czAxVEl3ZVJic0V5cmYrSGZSU2xRPT0iLCJtYWMiOiJkMjA0NzZjNDcxMzkxZjU2YjA3NjkyYTNmMWM1YzEwOGE3MjRkZWQ0OWRjOTllOGY1MGQ0OGQyMjliNmY3Mzc0In0%3D; language=eyJpdiI6IlwvNTZYYkNmNmF0QU9TWkkwcE04WnliUUtzUGtLck41bmh5TFpXbzcxcXhzPSIsInZhbHVlIjoiR2JPTFNzVzVtUFlsU3ZzS2pRTDhQYjExQ0lGcTRRSEVHMFRUbTdwbnlzMD0iLCJtYWMiOiIzOWIwZWE2ZDBkY2EyZTdiNzA4ZWYyNmMyOWQ3YWViYjhkYzMzNTE0MjAyMWQ1MDQ5YzBhODQzYzM3NDIwMzc3In0%3D; bfec41f5b094d823ac3696a453fe1893bf0618f2=eyJpdiI6Im55RVwveTA3MklIeGNFZWk3Wkt4aWFaUFhhOHNlaWlEQnFNWkR3ZWhuRStJPSIsInZhbHVlIjoia2ZuNEY3SkNOaVBFS202VTRicVp5MFRYZ2xGRDZcL0g5ZlJmd3ZvZ1Z2NHkwd2IralRZWWQ1Y2hkTGdGb25uaFhUN05FRnlDVUtxckM5MUhPdlNlMHk5RWU5WHdSR1g1bDVHSDloMGU4MkF1eG5mNjlXRnV2eGh3bXBiRllwZHF6WEJtbnR1VWVYK3BUcmgyY3JLeVwvbHpxbUY1UjdZV2t2RnhQRGgwbklBdEpINTUxMzlUMndycWJwbVp0RHowOUY3dDMyWUplZzBuRk9jVkJNY1wveStMcHZ0Y3RuaFozWk5SVzV5anlwN2hjQ2hXOHFLSmF1TXplWFwvdFdMS1N0bXo0bEJsMXNMamxGZDA3akVUcEFxRzI5ZWt0OXltcSswZU55bjc5Y1RmSEp4OFVvaFZadmNYRGt6NFJjTVQ3b1NHYzFiblJJbTZiMXZMdUhuZ1N3bGd2TDVPZUlxOElwbUNsUlwvMXZkSSszdGt1ZlNZN2ZoRWVybEVVcUtOSVV1TFMiLCJtYWMiOiIzZWJlMjA2NWNiNTFkOTA2NjRiMzRjOTQwYTM3Mjc0N2Y2ZjhhYjQ0MmYxZTg0ZjRjNDhiZmI4NDExMWI1OGMwIn0%3D
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: status=cannot_optimize
ETag: W/"5d951ace-1830"
Expires: Sun, 16 Oct 2022 19:07:16 GMT
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 37759
Set-Cookie: __cf_bm=v3Mnw21hCRY05wlD.WMmyUNPYBlxOerb4wbh8SLwxG4-1665941796-0-AQJY2/VRPQhHCHKiKVJSf3wHgoa5ScLDTwQaUtMTCJXZOVyRLFhl7vVqc8ls2bT8I4QFx3RYlmpWPmqPQ3QXS/o=; path=/; expires=Sun, 16-Oct-22 18:06:36 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ec72cfcb50f-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.22.58.251200 OK 655 B URL HTTP/1.1 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.22.58.251:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
Cookie: cf_clearance=dxnOBcYmZXld_9jjhA2TOyNJbw.9czBXsdPj3ZqeBis-1665941796-0-250; ouoio_session=eyJpdiI6Ik9aalwvdUkwdmJhUDJwVTd2UkRvUVdWMHh4UTJIbkFrdGJxYzA3ZFZ0MXZzPSIsInZhbHVlIjoiUTNobjdxWVJjUEIybGZId3NNNWE4K3lOQnlOdVJmd1NYUXFcL0RibFZ1U2Z4dU1Kc2RENzlLOGg4eDV0elA5OHQ5czAxVEl3ZVJic0V5cmYrSGZSU2xRPT0iLCJtYWMiOiJkMjA0NzZjNDcxMzkxZjU2YjA3NjkyYTNmMWM1YzEwOGE3MjRkZWQ0OWRjOTllOGY1MGQ0OGQyMjliNmY3Mzc0In0%3D; language=eyJpdiI6IlwvNTZYYkNmNmF0QU9TWkkwcE04WnliUUtzUGtLck41bmh5TFpXbzcxcXhzPSIsInZhbHVlIjoiR2JPTFNzVzVtUFlsU3ZzS2pRTDhQYjExQ0lGcTRRSEVHMFRUbTdwbnlzMD0iLCJtYWMiOiIzOWIwZWE2ZDBkY2EyZTdiNzA4ZWYyNmMyOWQ3YWViYjhkYzMzNTE0MjAyMWQ1MDQ5YzBhODQzYzM3NDIwMzc3In0%3D; bfec41f5b094d823ac3696a453fe1893bf0618f2=eyJpdiI6Im55RVwveTA3MklIeGNFZWk3Wkt4aWFaUFhhOHNlaWlEQnFNWkR3ZWhuRStJPSIsInZhbHVlIjoia2ZuNEY3SkNOaVBFS202VTRicVp5MFRYZ2xGRDZcL0g5ZlJmd3ZvZ1Z2NHkwd2IralRZWWQ1Y2hkTGdGb25uaFhUN05FRnlDVUtxckM5MUhPdlNlMHk5RWU5WHdSR1g1bDVHSDloMGU4MkF1eG5mNjlXRnV2eGh3bXBiRllwZHF6WEJtbnR1VWVYK3BUcmgyY3JLeVwvbHpxbUY1UjdZV2t2RnhQRGgwbklBdEpINTUxMzlUMndycWJwbVp0RHowOUY3dDMyWUplZzBuRk9jVkJNY1wveStMcHZ0Y3RuaFozWk5SVzV5anlwN2hjQ2hXOHFLSmF1TXplWFwvdFdMS1N0bXo0bEJsMXNMamxGZDA3akVUcEFxRzI5ZWt0OXltcSswZU55bjc5Y1RmSEp4OFVvaFZadmNYRGt6NFJjTVQ3b1NHYzFiblJJbTZiMXZMdUhuZ1N3bGd2TDVPZUlxOElwbUNsUlwvMXZkSSszdGt1ZlNZN2ZoRWVybEVVcUtOSVV1TFMiLCJtYWMiOiIzZWJlMjA2NWNiNTFkOTA2NjRiMzRjOTQwYTM3Mjc0N2Y2ZjhhYjQ0MmYxZTg0ZjRjNDhiZmI4NDExMWI1OGMwIn0%3D
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 13:38:05 GMT
ETag: W/"634571bd-4d7"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ec73d94b4f3-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 18 Oct 2022 17:36:36 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
ouo.press/css/bootstrap.css
104.22.58.251200 OK 48 kB URL HTTP/1.1 ouo.press/css/bootstrap.css
IP 104.22.58.251:0
Hash 5cda58d2bc7877c2579d3c538cc41ebd
50d6a5b31a3ddf14387838a1ed0af365437c61f8
bdd96b2d83deadae0280c3b5f3b0008c5362bb84e43e0cb4f86809e09016afd0
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
Cookie: cf_clearance=dxnOBcYmZXld_9jjhA2TOyNJbw.9czBXsdPj3ZqeBis-1665941796-0-250; ouoio_session=eyJpdiI6Ik9aalwvdUkwdmJhUDJwVTd2UkRvUVdWMHh4UTJIbkFrdGJxYzA3ZFZ0MXZzPSIsInZhbHVlIjoiUTNobjdxWVJjUEIybGZId3NNNWE4K3lOQnlOdVJmd1NYUXFcL0RibFZ1U2Z4dU1Kc2RENzlLOGg4eDV0elA5OHQ5czAxVEl3ZVJic0V5cmYrSGZSU2xRPT0iLCJtYWMiOiJkMjA0NzZjNDcxMzkxZjU2YjA3NjkyYTNmMWM1YzEwOGE3MjRkZWQ0OWRjOTllOGY1MGQ0OGQyMjliNmY3Mzc0In0%3D; language=eyJpdiI6IlwvNTZYYkNmNmF0QU9TWkkwcE04WnliUUtzUGtLck41bmh5TFpXbzcxcXhzPSIsInZhbHVlIjoiR2JPTFNzVzVtUFlsU3ZzS2pRTDhQYjExQ0lGcTRRSEVHMFRUbTdwbnlzMD0iLCJtYWMiOiIzOWIwZWE2ZDBkY2EyZTdiNzA4ZWYyNmMyOWQ3YWViYjhkYzMzNTE0MjAyMWQ1MDQ5YzBhODQzYzM3NDIwMzc3In0%3D; bfec41f5b094d823ac3696a453fe1893bf0618f2=eyJpdiI6Im55RVwveTA3MklIeGNFZWk3Wkt4aWFaUFhhOHNlaWlEQnFNWkR3ZWhuRStJPSIsInZhbHVlIjoia2ZuNEY3SkNOaVBFS202VTRicVp5MFRYZ2xGRDZcL0g5ZlJmd3ZvZ1Z2NHkwd2IralRZWWQ1Y2hkTGdGb25uaFhUN05FRnlDVUtxckM5MUhPdlNlMHk5RWU5WHdSR1g1bDVHSDloMGU4MkF1eG5mNjlXRnV2eGh3bXBiRllwZHF6WEJtbnR1VWVYK3BUcmgyY3JLeVwvbHpxbUY1UjdZV2t2RnhQRGgwbklBdEpINTUxMzlUMndycWJwbVp0RHowOUY3dDMyWUplZzBuRk9jVkJNY1wveStMcHZ0Y3RuaFozWk5SVzV5anlwN2hjQ2hXOHFLSmF1TXplWFwvdFdMS1N0bXo0bEJsMXNMamxGZDA3akVUcEFxRzI5ZWt0OXltcSswZU55bjc5Y1RmSEp4OFVvaFZadmNYRGt6NFJjTVQ3b1NHYzFiblJJbTZiMXZMdUhuZ1N3bGd2TDVPZUlxOElwbUNsUlwvMXZkSSszdGt1ZlNZN2ZoRWVybEVVcUtOSVV1TFMiLCJtYWMiOiIzZWJlMjA2NWNiNTFkOTA2NjRiMzRjOTQwYTM3Mjc0N2Y2ZjhhYjQ0MmYxZTg0ZjRjNDhiZmI4NDExMWI1OGMwIn0%3D
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=109522
ETag: W/"54def1fc-1abd2"
Expires: Mon, 17 Oct 2022 01:53:47 GMT
Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 13369
Set-Cookie: __cf_bm=gAwCpZD4u2xUyV99i3mHqXufvVr3Xrd9tc.pU2g3.Oc-1665941796-0-ARMpI3cn2teXPDLQgE3WrXsIfq7m0PFc5cwqZvmuqoQUfVeavlsr6qVNovopWrZ/uOjSBLNPY8Tx36QsuXzir1o=; path=/; expires=Sun, 16-Oct-22 18:06:36 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ec72d35b4f4-OSL
Content-Encoding: gzip
hhklc.com/c.js
104.21.70.122301 Moved Permanently 0 B IP 104.21.70.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 17:36:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 18:36:37 GMT
Location: https://hhklc.com/c.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3IXyx2QGebWJHnIXqiBXSNMCUwErWoo78fCJAIaCkktGr%2BQkyWw7WEPxDzpxhWyC%2FcLjs72bWwukHQqSKRT53J%2BUm5JOoWCxGFEGo1ZoH0C8Ef6ZW8Vc3qp5lQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ec73bf7b505-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Questrial
142.250.74.10200 OK 387 B URL HTTP/1.1 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.10:0
Hash 7b73b3eed6a43db40b0640388112329f
ad4bb62a66f1f95c0a252f83345b40d40dcd5bb4
1776d3903d4f6fb36773bac4ccb4b86c0658838f29674d1fb506859506a41bc3
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 16 Oct 2022 17:36:37 GMT
Date: Sun, 16 Oct 2022 17:36:37 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.adtrue.com/rtb/async.js
104.21.81.154301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/rtb/async.js
IP 104.21.81.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 17:36:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 18:36:37 GMT
Location: https://cdn.adtrue.com/rtb/async.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L00fEPSyg6CP6wFNzHFtq9Kuvsf3UsrNS8NKe1Ae%2BY1CoTJ8%2BaIecQvkN6F68vqjBS4nIlFSTLgborfzoFh8YJNodP2wbxjyffYVpygbAtKmpRVnwqsf9EOjg07MSQiJZA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ec73c4eb4fd-OSL
alt-svc: h2=":443"; ma=60
ecdn.analysis.fi/static/js/fab.js
54.230.111.87200 OK 4.2 kB URL HTTP/1.1 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.87:0
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4240
Connection: keep-alive
Server: nginx/1.20.0
Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Sun, 16 Oct 2022 16:40:27 GMT
Expires: Sun, 16 Oct 2022 17:40:27 GMT
Cache-Control: max-age=3600
ETag: "61b8b8ab-1090"
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m-I72mNFUy3v_qHbn14f0lFFjl8sZlTPS238-PN6Sx5aS_mHgZlgfw==
Age: 3370
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 231a5834edd086a67640c2c0cc18c55c
3427d0baffebad62c95754da193be354ca2b270c
2533d2d520b731b0073fcd224375cdd6dc2fde77908f93dcb0c659ec6dc7501b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecdn.firstimpression.io/fi_client.js
54.230.111.99200 OK 100 kB URL HTTP/1.1 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.99:0
File type ASCII text, with very long lines (618)
Size 100 kB (100273 bytes)
Hash f3a51e984c5830552ae05886d557be00
88178adec3a9b80d475a9ff34e80371b81156b4b
5eb145bb8e1fecd101b55d86c907dc685b3554fb019910dc2a4338e86d121e4c
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 16 Oct 2022 17:35:24 GMT
Server: nginx/1.20.0
X-Powered-By: PHP/8.0.14
X-XSS-Protection: 0
Last-Modified: Sun, 16 Oct 2022 17:35:24 UTC
ETag: W/"42d661cd55a0e8d4b281e6dbc6dab10c"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6f5i0zC-lddkekJpFwwUOi75rUVGGZU0JPzRNKRK0SwY20ERB4gIZw==
Age: 73
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 155c313faccc174b2c519b7cc9ee7070
49b24a9796a329d2f77ead8183640b4daff6d620
9d4270dbc98a51dfac7057db8de5bdc132559caf8f14f876202cd91e9a05b4b6
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 16 Oct 2022 17:36:37 GMT
date: Sun, 16 Oct 2022 17:36:37 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ouo.press/images/world.png
104.22.58.251200 OK 5.7 kB URL HTTP/1.1 ouo.press/images/world.png
IP 104.22.58.251:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/aoA6nr7
Cookie: cf_clearance=dxnOBcYmZXld_9jjhA2TOyNJbw.9czBXsdPj3ZqeBis-1665941796-0-250; ouoio_session=eyJpdiI6Ik9aalwvdUkwdmJhUDJwVTd2UkRvUVdWMHh4UTJIbkFrdGJxYzA3ZFZ0MXZzPSIsInZhbHVlIjoiUTNobjdxWVJjUEIybGZId3NNNWE4K3lOQnlOdVJmd1NYUXFcL0RibFZ1U2Z4dU1Kc2RENzlLOGg4eDV0elA5OHQ5czAxVEl3ZVJic0V5cmYrSGZSU2xRPT0iLCJtYWMiOiJkMjA0NzZjNDcxMzkxZjU2YjA3NjkyYTNmMWM1YzEwOGE3MjRkZWQ0OWRjOTllOGY1MGQ0OGQyMjliNmY3Mzc0In0%3D; language=eyJpdiI6IlwvNTZYYkNmNmF0QU9TWkkwcE04WnliUUtzUGtLck41bmh5TFpXbzcxcXhzPSIsInZhbHVlIjoiR2JPTFNzVzVtUFlsU3ZzS2pRTDhQYjExQ0lGcTRRSEVHMFRUbTdwbnlzMD0iLCJtYWMiOiIzOWIwZWE2ZDBkY2EyZTdiNzA4ZWYyNmMyOWQ3YWViYjhkYzMzNTE0MjAyMWQ1MDQ5YzBhODQzYzM3NDIwMzc3In0%3D; bfec41f5b094d823ac3696a453fe1893bf0618f2=eyJpdiI6Im55RVwveTA3MklIeGNFZWk3Wkt4aWFaUFhhOHNlaWlEQnFNWkR3ZWhuRStJPSIsInZhbHVlIjoia2ZuNEY3SkNOaVBFS202VTRicVp5MFRYZ2xGRDZcL0g5ZlJmd3ZvZ1Z2NHkwd2IralRZWWQ1Y2hkTGdGb25uaFhUN05FRnlDVUtxckM5MUhPdlNlMHk5RWU5WHdSR1g1bDVHSDloMGU4MkF1eG5mNjlXRnV2eGh3bXBiRllwZHF6WEJtbnR1VWVYK3BUcmgyY3JLeVwvbHpxbUY1UjdZV2t2RnhQRGgwbklBdEpINTUxMzlUMndycWJwbVp0RHowOUY3dDMyWUplZzBuRk9jVkJNY1wveStMcHZ0Y3RuaFozWk5SVzV5anlwN2hjQ2hXOHFLSmF1TXplWFwvdFdMS1N0bXo0bEJsMXNMamxGZDA3akVUcEFxRzI5ZWt0OXltcSswZU55bjc5Y1RmSEp4OFVvaFZadmNYRGt6NFJjTVQ3b1NHYzFiblJJbTZiMXZMdUhuZ1N3bGd2TDVPZUlxOElwbUNsUlwvMXZkSSszdGt1ZlNZN2ZoRWVybEVVcUtOSVV1TFMiLCJtYWMiOiIzZWJlMjA2NWNiNTFkOTA2NjRiMzRjOTQwYTM3Mjc0N2Y2ZjhhYjQ0MmYxZTg0ZjRjNDhiZmI4NDExMWI1OGMwIn0%3D
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:37 GMT
Content-Type: image/png
Content-Length: 5692
Connection: keep-alive
Cache-Control: max-age=2592000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: status=not_needed
ETag: "5549a07c-163c"
Expires: Thu, 03 Nov 2022 22:32:37 GMT
Last-Modified: Wed, 06 May 2015 05:02:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 1019040
Accept-Ranges: bytes
Set-Cookie: __cf_bm=LVkmVFsPDorSDh9KABzpn5_yaOxQOho9gOD.RPZLHPs-1665941797-0-AZTE+tpIesBf7w9vcOp0tuWjuZUZ8VkO94X6hqd6sYTMIpbGn3CgxcwnuEeIUIrm/MNdiIztlWUnPG1m1cpyoxg=; path=/; expires=Sun, 16-Oct-22 18:06:37 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ec7ce5bb4f4-OSL
challenges.cloudflare.com/turnstile/v0/25af1a1d/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185200 OK 3.5 kB URL HTTP/2 challenges.cloudflare.com/turnstile/v0/25af1a1d/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
File type ASCII text, with very long lines (7951)
Hash b340b21e8165a7b05c86e2c6b4b162f4
c3fc5a5cafe1d18bcda00d56c527e85caecb0f07
1eda0d2d7e093801688a9057ce99a40bbbf264a132d1040c96748f4851917684
GET /turnstile/v0/25af1a1d/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:33 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b28eb10b020b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37176), with no line terminators
Hash 1f96ef5a99f7a1bb6439ec87d9351954
c7e5a23d759c2fc52079361c086099d81435b9e9
617573f1ed7cffcd7f80aa97972041fca35d2aa61f239b17fc0970e4f2b8c81b
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 17:36:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 190bd2a0a05c2e707aecee21f5326f2f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
216.58.207.195200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 13 Oct 2022 10:09:41 GMT
Expires: Fri, 13 Oct 2023 10:09:41 GMT
Cache-Control: public, max-age=31536000
Age: 286016
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FaoA6nr7&cb=1738574014&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/aoA6nr7
172.67.144.172301 Moved Permanently 0 B URL HTTP/1.1 exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FaoA6nr7&cb=1738574014&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/aoA6nr7
IP 172.67.144.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FaoA6nr7&cb=1738574014&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/aoA6nr7 HTTP/1.1
Host: exchange.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 17:36:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 18:36:37 GMT
Location: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FaoA6nr7&cb=1738574014&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/aoA6nr7
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlOqEbJl%2BSVJA%2FwAtm%2FokUcjnVRPt82R9tMSbrlx8cb%2BojkyVnz1V6wMwf%2Bzcfd6roKNUIg1ekpLBNGyprvs%2B8u3%2FFe6fo1smPcNqd%2FBqiTCFUay8dH%2FaqNqn%2BcrmojXjqAZT90d"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ecaf845b4fa-OSL
alt-svc: h2=":443"; ma=60
cdn.adtrue.com/pb/prebid.js
104.21.81.154301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/pb/prebid.js
IP 104.21.81.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pb/prebid.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 17:36:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 18:36:37 GMT
Location: https://cdn.adtrue.com/pb/prebid.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldb4zYg%2BbF2MTyESMRy4oO3w7DWJmGG5O0Uz3s5omMLS0ODedxx52Y8BWbR4%2FeK3vmTOu01oc9NIaIdLOVvDy9eHuO%2FQ9oD0c8WJBpNl%2FWfC5%2BPIK8fa5Hi08XP6dqS46g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ecb6afbb4fd-OSL
alt-svc: h2=":443"; ma=60
track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FaoA6nr7&loc=http%3A%2F%2Fouo.press%2FaoA6nr7
104.21.81.154301 Moved Permanently 0 B URL HTTP/1.1 track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FaoA6nr7&loc=http%3A%2F%2Fouo.press%2FaoA6nr7
IP 104.21.81.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FaoA6nr7&loc=http%3A%2F%2Fouo.press%2FaoA6nr7 HTTP/1.1
Host: track.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 17:36:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 18:36:37 GMT
Location: https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FaoA6nr7&loc=http%3A%2F%2Fouo.press%2FaoA6nr7
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziUTuABnm9tEKnSW7v86Jo0W%2B2MVJ6IHQWoX%2B%2FNoSuFWuJyIBTVuu3hqLwH%2BJVNEBy5KH4Sv2sa2Azmg9Uk9OysotbctOYXGlvIEY%2BSAVza7q1p%2FLML%2F9mfKfjmBJlMW5ejx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ecb797f0b61-OSL
alt-svc: h2=":443"; ma=60
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
23.38.200.201200 OK 180 kB URL HTTP/1.1 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP 23.38.200.201:0
Size 180 kB (180179 bytes)
Hash a3aaafb385b97544891f99fd2025572a
245d75161ba69b77bfa5e9ff21b68c313d929248
60eabdaaf1e8a22c1f2255eadb63b0527f7a0103492f48f5b659ca3c75d899ce
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Last-Modified: Wed, 27 Oct 2021 05:33:12 GMT
ETag: "1241a12-3fca8-5cf4eee137dd8"
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Type: text/javascript
Content-Length: 80538
Cache-Control: max-age=138636
Expires: Tue, 18 Oct 2022 08:07:13 GMT
Date: Sun, 16 Oct 2022 17:36:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157058
Date: Sun, 16 Oct 2022 17:36:37 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 13:14:15 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6VuD5hNC3JoB6bGk1Iv5tJTx4demFTuhUO94ELyKZMUlfGSMgN5Y5g==
Age: 2597
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 91886aaa4863a3eae7327491d45f4fa8
49ed9585277e56315645ef2f065d2e84d20e91eb
91cdd1bd1627f69bfc2ada629d2973fef85269693abec8ccc6e7038fe8f64f62
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=95373d2c-8cac-489d-911d-4728726608ac:2:1; expires=Wed, 13 Oct 2032 17:36:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
142.250.74.168200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
IP 142.250.74.168:0
File type ASCII text, with very long lines (1934)
Hash 91585ffcc9638269f49f0980924da919
c6e60862e815ae249184e852618a52b5d3d7a5ce
0ebb7b74f375fceabb879100ba9e3a7c2cb57d3a7d29d28526c55a45e76a8c43
GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 16 Oct 2022 17:36:37 GMT
expires: Sun, 16 Oct 2022 17:36:37 GMT
cache-control: private, max-age=900
last-modified: Sun, 16 Oct 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Tue, 15 Nov 2022 17:36:37 GMT
date: Sun, 16 Oct 2022 17:36:37 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d5fc8a50afe9788942d9e67ccc419503
c3219f0779d5834972aa20bb7e6ac1df97501193
39a88fca80e611f2a649d5747851d188631578a11340ee3245d18a712036ddfd
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5150
Cache-Control: max-age=164638
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Etag: "634c0d25-1d7"
Expires: Tue, 18 Oct 2022 15:20:35 GMT
Last-Modified: Sun, 16 Oct 2022 13:54:45 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fptadtrue-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fouo.press%2FaoA6nr7&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=b939f43f-f7af-41ad-b572-10cb48297a83&nocache=1665941801367&aus=300x250&divids=adtrue_ads_12953_wgincvr3p6jh15b3kcr&aucs=adtrue_ads_12953_wgincvr3p6jh15b3kcr&auid=558223497&aumfs=100
35.244.159.8200 OK 79 B URL HTTP/2 fptadtrue-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fouo.press%2FaoA6nr7&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=b939f43f-f7af-41ad-b572-10cb48297a83&nocache=1665941801367&aus=300x250&divids=adtrue_ads_12953_wgincvr3p6jh15b3kcr&aucs=adtrue_ads_12953_wgincvr3p6jh15b3kcr&auid=558223497&aumfs=100
IP 35.244.159.8:0
File type JSON data\012- , ASCII text
Hash 90d868395ff4605dec37d82befc05522
ec01b6f8e364c5a55c789face5abe05f2d9b9fa8
d52ff82a1af3f69d86e13f195ea9dcdf8fcfd51925c224b1139431d880973a7b
GET /w/1.0/arj?ju=http%3A%2F%2Fouo.press%2FaoA6nr7&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=b939f43f-f7af-41ad-b572-10cb48297a83&nocache=1665941801367&aus=300x250&divids=adtrue_ads_12953_wgincvr3p6jh15b3kcr&aucs=adtrue_ads_12953_wgincvr3p6jh15b3kcr&auid=558223497&aumfs=100 HTTP/1.1
Host: fptadtrue-d.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 16 Oct 2022 17:36:37 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e0783c924861043ef88d687f27359d07
622ea44bee0a6069bbb5ae6e9b33c8745635c84a
d58b4a6a70aa0c265316a47572e8d02cac08fed3f1a3bec8ccdca25d8e8527f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7e213042242ead10ba5b594ce23fd8a1
3990c0fdbadb86da4c48ae712932fcfdb72e0a56
995bc9ad4c8bb7b9bc0b4067416b5420faaf27f667423367c2d1eea3c9e23fa1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1923
Cache-Control: max-age=119322
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Etag: "634b68bc-13a"
Expires: Tue, 18 Oct 2022 02:45:19 GMT
Last-Modified: Sun, 16 Oct 2022 02:13:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c6b680b733ece18b8020576178b31ffa
ae2bfec3bf72b14a032aeb6bde664731318e172d
2daa668acf36b5fa13fbfdbd2d6a7e1580be32a8eb68949595e298c866ae6fb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3176
Cache-Control: max-age=143566
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Etag: "634bc28b-1d7"
Expires: Tue, 18 Oct 2022 09:29:23 GMT
Last-Modified: Sun, 16 Oct 2022 08:36:27 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
216.58.207.198200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 216.58.207.198:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 16 Oct 2022 12:07:31 GMT
expires: Mon, 17 Oct 2022 12:07:31 GMT
cache-control: public, max-age=86400
age: 19746
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
142.250.74.163200 OK 160 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (608)
Size 160 kB (159789 bytes)
Hash 1230a090d5cedcb9e764406ab9497c1b
3d175bcf4ad9957c3e32611713c01347299b173e
585cafe3d6a3b932804aaa5aeb19a650688a2c15767f513d0d60c1941475c428
GET /recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 159789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 14:11:40 GMT
expires: Sun, 15 Oct 2023 14:11:40 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
content-type: text/javascript
age: 98697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d5fc8a50afe9788942d9e67ccc419503
c3219f0779d5834972aa20bb7e6ac1df97501193
39a88fca80e611f2a649d5747851d188631578a11340ee3245d18a712036ddfd
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2788
Cache-Control: max-age=162276
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Etag: "634c0d25-1d7"
Expires: Tue, 18 Oct 2022 14:41:13 GMT
Last-Modified: Sun, 16 Oct 2022 13:54:45 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=85156942945&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=85156942945&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=85156942945&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 406
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 16 Oct 2022 17:36:37 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: http://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.250200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.250:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7cba8db14eab50f850d7d791be5fe3f6
646140ef3948d802553084cf59d26a887ea78523
6e75128695c71e9c45b4f0a55f5c3eb639b8232c044eb2c40ac5d5174e21a539
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 534
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 16 Oct 2022 17:36:37 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: 468c8d53-3873-45ce-8cb1-002e6cd5ea0a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 16 Oct 2022 16:46:56 GMT
expires: Sun, 16 Oct 2022 18:46:56 GMT
cache-control: public, max-age=7200
age: 2981
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e0783c924861043ef88d687f27359d07
622ea44bee0a6069bbb5ae6e9b33c8745635c84a
d58b4a6a70aa0c265316a47572e8d02cac08fed3f1a3bec8ccdca25d8e8527f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbopenbid.pubmatic.com/translator?source=prebid-client
198.47.127.22204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 198.47.127.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 961
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Sun, 16 Oct 2022 17:36:37 GMT
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157200 OK 25 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (53396), with no line terminators
Hash a36c7f931a1347ef679471d3aa18d0a8
b18035b8a07211a918192829a0e1a39bb185eb42
a21777059e3638fc8e6ccd1b9f184f4ec288d39e8bfa685c186195480380ae9b
GET /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 1146727
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 91886aaa4863a3eae7327491d45f4fa8
49ed9585277e56315645ef2f065d2e84d20e91eb
91cdd1bd1627f69bfc2ada629d2973fef85269693abec8ccc6e7038fe8f64f62
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: uid_id2=95373d2c-8cac-489d-911d-4728726608ac:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.233200 OK 0 B URL HTTP/1.1 creepingbrings.com/sfp.js
IP 104.21.234.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 17:36:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: d5dfd860f04e8192e58a1766c9e7015c
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sun, 16 Oct 2022 17:36:37 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw4GR%2BlqsYTdvNZ2jQexYsKcWl9SCqppAR7n45V07radSAnC2Xym%2FEX4kPaziGMlmN5xAlhHYWDsHqgo%2B4W%2FbCYX%2FV8Fg89ZwlDKWBpFyh3r5ldrWbLbk7xo4zUNmQIO7zktyo4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ecb18c0bc82-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1847124225&ref=undefined
172.67.144.172301 Moved Permanently 0 B URL HTTP/1.1 exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1847124225&ref=undefined
IP 172.67.144.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag/passback?adtrue_pzoneid=12953&divid=1847124225&ref=undefined HTTP/1.1
Host: exchange.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 17:36:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 18:36:38 GMT
Location: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1847124225&ref=undefined
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tr4AmDC7VTxlWyPdw51WLZvPUJRnkTH2Sjh75OCAMvDUN9dgBdzK1%2FuByH89hgTkUWZyf%2F8u3yjCg5%2Fd5DO5wJsHznKty2IxJMsvw3xl%2FzdkoZ%2BB0RE3j2ZvydiBOLytDA91gnx7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b28ed068ebb4fa-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f92e069645399930db62eda4dd3df926
93e8dd5b9143392555c781cc2bec9e03d0c48c14
9d3664eb157aad52ee33c8becd54d1113d5baef4d34725142d77a5020e49b31b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5705
Cache-Control: max-age=129223
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:38 GMT
Etag: "634b80a4-118"
Expires: Tue, 18 Oct 2022 05:30:21 GMT
Last-Modified: Sun, 16 Oct 2022 03:55:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
104.18.4.42200 OK 908 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP 104.18.4.42:0
File type ASCII text, with very long lines (2337)
Hash 4f8f059fbf3b6b0e3a37926f648a3993
83b61eb9d45cdf8f7c708bf4e148d7cab569c596
69190d6c2b78d7b0de0a44dbdde96bb7cf6c793f52481633b4f26ca2cfefcd4e
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:38 GMT
content-type: text/javascript
content-length: 908
x-amz-id-2: KAIZM6A8DwIAkmj6PcpKt7XAkOnCDR2Vdq3o2u42jw4XGTvjXjI5FY0S9m8p5l/IwYhKctdrvKM=
x-amz-request-id: 0N7TAAT995RR1W31
last-modified: Wed, 24 Aug 2022 10:09:53 GMT
etag: "4f8f059fbf3b6b0e3a37926f648a3993"
content-encoding: gzip
x-amz-version-id: vjUfJ7PUwRKr5ZG64ubE4TU9vAV4Ff_Q
cf-cache-status: HIT
expires: Sun, 16 Oct 2022 21:36:38 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b28ed1a8e41c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
104.18.4.42200 OK 77 kB URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
IP 104.18.4.42:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (32897)
Hash e559caae45cb818b6896845671336a3b
3ce9fd0ad9284532bd6b75814d851ddaa2ed63a3
1fcadff5f97dce2a2bb1e11a2d579b84656d4416e50171bae0d2013a8dc9c3ff
GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:38 GMT
content-type: text/javascript
content-length: 76738
x-amz-id-2: PnJDZztMxmjTDXtgyAPj/PBR6CL5E6pRM2TrRTb+odsStliOy2V1CJgPRRW6/2lFOUgjvNBOdso=
x-amz-request-id: P8WQNC29BTQYTDWP
last-modified: Wed, 24 Aug 2022 10:09:52 GMT
etag: "e559caae45cb818b6896845671336a3b"
content-encoding: gzip
x-amz-version-id: NX7wQXc7.FGN_u6PGufKW0wdpyDY_3AN
cf-cache-status: HIT
age: 6810
expires: Sun, 16 Oct 2022 21:36:38 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b28ed209ea1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f92e069645399930db62eda4dd3df926
93e8dd5b9143392555c781cc2bec9e03d0c48c14
9d3664eb157aad52ee33c8becd54d1113d5baef4d34725142d77a5020e49b31b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5705
Cache-Control: max-age=129223
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:38 GMT
Etag: "634b80a4-118"
Expires: Tue, 18 Oct 2022 05:30:21 GMT
Last-Modified: Sun, 16 Oct 2022 03:55:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f31588865588398af8d6de664e8f84c7
88a52c610d224c3496968ebfe3881cfa2027ffdf
b17a0ea8a819f624b7bb8b2526226a032088384ccaffdd0cd4063ca7296842c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B17A0EA8A819F624B7BB8B2526226A032088384CCAFFDD0CD4063CA7296842C4"
Last-Modified: Sat, 15 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9375
Expires: Sun, 16 Oct 2022 20:12:53 GMT
Date: Sun, 16 Oct 2022 17:36:38 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=95373d2c-8cac-489d-911d-4728726608ac&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=95373d2c-8cac-489d-911d-4728726608ac&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=95373d2c-8cac-489d-911d-4728726608ac&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 17:36:38 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b6775c43e0985e0a1c63765487aef3b5
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash de1a7c8e509e5d86222cd4ddb2c03fbe
c61b7af71388498ee55515ca4d0f2d6e5a912c3c
33109552bbc1687e070c8e4b5dc05215d8eed9702b585ecfe25ac5df59f7a44a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5961
Cache-Control: max-age=90569
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:38 GMT
Etag: "634ae8a6-139"
Expires: Mon, 17 Oct 2022 18:46:07 GMT
Last-Modified: Sat, 15 Oct 2022 17:06:46 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e35e3d459066a688bcf5b43d1aacbd18
50493bfa07ae4918618f692e217e1d07952e2f2b
db5ecc2341fc195a8320650dc731231a58483fbab27a4bb05462b867c05577b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5709
Cache-Control: max-age=126312
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:39 GMT
Etag: "634b7542-139"
Expires: Tue, 18 Oct 2022 04:41:51 GMT
Last-Modified: Sun, 16 Oct 2022 03:06:42 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?origin=publishertag&topUrl=ouo.press HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:38 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=221f218e-eab9-4bb7-b100-972c7970bba4; expires=Fri, 10 Nov 2023 17:36:38 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 619215
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 06f30febb544a9da27c6814bac4c83ea
63edb4ee11324e9309045f6d875104f476adf7f0
3a3cc62eedf1cb14a7d075def516b92ab3898d12da63fa00267e525d18c11d68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4595
Cache-Control: max-age=92083
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:39 GMT
Etag: "634af3e7-139"
Expires: Mon, 17 Oct 2022 19:11:22 GMT
Last-Modified: Sat, 15 Oct 2022 17:54:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 06f30febb544a9da27c6814bac4c83ea
63edb4ee11324e9309045f6d875104f476adf7f0
3a3cc62eedf1cb14a7d075def516b92ab3898d12da63fa00267e525d18c11d68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6029
Cache-Control: max-age=93517
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 17:36:39 GMT
Etag: "634af3e7-139"
Expires: Mon, 17 Oct 2022 19:35:16 GMT
Last-Modified: Sat, 15 Oct 2022 17:54:47 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
harshlygiraffediscover.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=95373d2c-8cac-489d-911d-4728726608ac%3A2%3A1
192.243.59.20200 OK 4.6 kB URL HTTP/1.1 harshlygiraffediscover.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=95373d2c-8cac-489d-911d-4728726608ac%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash 1cf926620aac5a9bd108c6be13390123
3a08a96aa5d7d471ae0dd2061b2f58a9c918ad73
be4da4a7f967f721a392aa39facb42a78f950df8a452470a0c61d6d142aa9bac
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=95373d2c-8cac-489d-911d-4728726608ac%3A2%3A1 HTTP/1.1
Host: harshlygiraffediscover.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 16 Oct 2022 17:36:39 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ouo.press
Access-Control-Allow-Origin: http://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Mon, 17 Oct 2022 17:36:39 GMT; secure; SameSite=None
uid_id2=95373d2c-8cac-489d-911d-4728726608ac:2:1; expires=Sun, 23 Oct 2022 17:36:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 17 Oct 2022 17:36:39 GMT; secure; SameSite=None
uncs=1; expires=Mon, 17 Oct 2022 17:36:39 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 17 Oct 2022 17:36:39 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 17 Oct 2022 17:36:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58b53e55945b5706804fe03fb48883a5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ag.gbc.criteo.com/newidsd
178.250.6.0200 OK 859 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.0:0
Hash de18cf9f7de58855bcf8f9b047528185
82408dec28f274a231a527f7c039ab3677a5cdad
5120b36b1a4d5651b3e4fd283e59b3f903c471596c08f0907d4e4f78759a22ff
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:38 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 60515
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
harshlygiraffediscover.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzYscRRjGq5N40ICgBEQkYRDBBNzZ%2FpjtnjGHJeu6srgmIevXIRCqq3pmy63paqq6pmcXD4sByc3xP%2Bh9Zj%2BILhLxKAbpDXjY044HmYP7D3gMCt5kJour7%2BV9q56n4MdT75fb9oS4sHS8%2BIHaFFLS2bm6W7v6qeddr62I1PZr%2FWZ4L2xcr%2Bne262w7l6rvZewdTXru57req5XWxI6aav%2B7ESEyA5aXr3l1ht%2B3ZtroK%2F%2FfzbWgaEOeO%2BEvAzBRxeeOJcgWIW0%2B2gxMeu5yt56t2slzZVGj%2B9%2FlK6nqkjRPRvb2kE73T91Q5njpcdQ6e4UF6r3rzEWI%2BL88hhxun8Kibi3M%2BWMJZIUMb%2BIolchkRUErcDUfQh%2BTADGcfMW0u7eTaULuvFMpRN1RC789RSiGJELv19C2v1uQYp%2BbVVJmwuVGvTbJUS%2FguhUyOwh8s1zEMUhWP4FBCdIuyUEH7%2FRmguigPtspskom2k0W3ym5Xl8phH5zcgPQ7dJ2TQYISqIdgWZDEDNOVjjwAoHtu3AZg66fFxjnudFLmfUbbYYC3iUxCF3PRq1Peq5YROWTdgHyLMBmByA6S1kegvrYgBtf4ZZK2G4A5MT9HiJIiEoDEFBCQpBUOQERa%2Fc5dL4ptzj0tjYO%2B3%2BaQ%2FKoco723RX5Z0kJdvZCXlpGtgfd3%2FAejKuJTwIXa8RBkHTb3EWubThc8Zo0ubtoO15MKKEMOdAjYNNcfzib8jE8fMlYnoIIw%2FBxOug9jJoMYx8F3Rt2Gi62EwfKqvqmU6MAVclsvw55BvOtjwhr04Bmnv3kLCj%2BYOrf1Zf3b0GpktkusRn4glBRz4Y3lEF2bmjCkO%2Bv5Xlois26eQ3V3OaJ%2Be%2FeT%2FZKJTmy4tm8PAGmwiT8eDDxOQrNOUi7Rjy7YLgPNFLSrOE%2FLRsPkni29asLVid2mzl9jtLy90poFBpBSqOP%2F4cTIzIC6%2FVp2t65eIYQlfQtkTXHpHTglAVWLYFk53RG3UeWp554sxBYcuh9uOzSylGxH%2B6CpkczQ8v%2F%2F3jK91HoHEJk%2Fzn4dm8bR6go6%2BA5venG9rTJXqyBJUDGHt%2BmGf6aP7XYFqIpTOMpXZ2Yqnl18%2FiNWJci4LApWFrzosimkRxw2%2B2Q49T6jdCPwxpgNyM2MqNN%2F8BAAD%2F%2FwEAAP%2F%2FjDbIg3UEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 harshlygiraffediscover.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzYscRRjGq5N40ICgBEQkYRDBBNzZ%2FpjtnjGHJeu6srgmIevXIRCqq3pmy63paqq6pmcXD4sByc3xP%2Bh9Zj%2BILhLxKAbpDXjY044HmYP7D3gMCt5kJour7%2BV9q56n4MdT75fb9oS4sHS8%2BIHaFFLS2bm6W7v6qeddr62I1PZr%2FWZ4L2xcr%2Bne262w7l6rvZewdTXru57req5XWxI6aav%2B7ESEyA5aXr3l1ht%2B3ZtroK%2F%2FfzbWgaEOeO%2BEvAzBRxeeOJcgWIW0%2B2gxMeu5yt56t2slzZVGj%2B9%2FlK6nqkjRPRvb2kE73T91Q5njpcdQ6e4UF6r3rzEWI%2BL88hhxun8Kibi3M%2BWMJZIUMb%2BIolchkRUErcDUfQh%2BTADGcfMW0u7eTaULuvFMpRN1RC789RSiGJELv19C2v1uQYp%2BbVVJmwuVGvTbJUS%2FguhUyOwh8s1zEMUhWP4FBCdIuyUEH7%2FRmguigPtspskom2k0W3ym5Xl8phH5zcgPQ7dJ2TQYISqIdgWZDEDNOVjjwAoHtu3AZg66fFxjnudFLmfUbbYYC3iUxCF3PRq1Peq5YROWTdgHyLMBmByA6S1kegvrYgBtf4ZZK2G4A5MT9HiJIiEoDEFBCQpBUOQERa%2Fc5dL4ptzj0tjYO%2B3%2BaQ%2FKoco723RX5Z0kJdvZCXlpGtgfd3%2FAejKuJTwIXa8RBkHTb3EWubThc8Zo0ubtoO15MKKEMOdAjYNNcfzib8jE8fMlYnoIIw%2FBxOug9jJoMYx8F3Rt2Gi62EwfKqvqmU6MAVclsvw55BvOtjwhr04Bmnv3kLCj%2BYOrf1Zf3b0GpktkusRn4glBRz4Y3lEF2bmjCkO%2Bv5Xlois26eQ3V3OaJ%2Be%2FeT%2FZKJTmy4tm8PAGmwiT8eDDxOQrNOUi7Rjy7YLgPNFLSrOE%2FLRsPkni29asLVid2mzl9jtLy90poFBpBSqOP%2F4cTIzIC6%2FVp2t65eIYQlfQtkTXHpHTglAVWLYFk53RG3UeWp554sxBYcuh9uOzSylGxH%2B6CpkczQ8v%2F%2F3jK91HoHEJk%2Fzn4dm8bR6go6%2BA5venG9rTJXqyBJUDGHt%2BmGf6aP7XYFqIpTOMpXZ2Yqnl18%2FiNWJci4LApWFrzosimkRxw2%2B2Q49T6jdCPwxpgNyM2MqNN%2F8BAAD%2F%2FwEAAP%2F%2FjDbIg3UEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSzYscRRjGq5N40ICgBEQkYRDBBNzZ%2FpjtnjGHJeu6srgmIevXIRCqq3pmy63paqq6pmcXD4sByc3xP%2Bh9Zj%2BILhLxKAbpDXjY044HmYP7D3gMCt5kJour7%2BV9q56n4MdT75fb9oS4sHS8%2BIHaFFLS2bm6W7v6qeddr62I1PZr%2FWZ4L2xcr%2Bne262w7l6rvZewdTXru57req5XWxI6aav%2B7ESEyA5aXr3l1ht%2B3ZtroK%2F%2FfzbWgaEOeO%2BEvAzBRxeeOJcgWIW0%2B2gxMeu5yt56t2slzZVGj%2B9%2FlK6nqkjRPRvb2kE73T91Q5njpcdQ6e4UF6r3rzEWI%2BL88hhxun8Kibi3M%2BWMJZIUMb%2BIolchkRUErcDUfQh%2BTADGcfMW0u7eTaULuvFMpRN1RC789RSiGJELv19C2v1uQYp%2BbVVJmwuVGvTbJUS%2FguhUyOwh8s1zEMUhWP4FBCdIuyUEH7%2FRmguigPtspskom2k0W3ym5Xl8phH5zcgPQ7dJ2TQYISqIdgWZDEDNOVjjwAoHtu3AZg66fFxjnudFLmfUbbYYC3iUxCF3PRq1Peq5YROWTdgHyLMBmByA6S1kegvrYgBtf4ZZK2G4A5MT9HiJIiEoDEFBCQpBUOQERa%2Fc5dL4ptzj0tjYO%2B3%2BaQ%2FKoco723RX5Z0kJdvZCXlpGtgfd3%2FAejKuJTwIXa8RBkHTb3EWubThc8Zo0ubtoO15MKKEMOdAjYNNcfzib8jE8fMlYnoIIw%2FBxOug9jJoMYx8F3Rt2Gi62EwfKqvqmU6MAVclsvw55BvOtjwhr04Bmnv3kLCj%2BYOrf1Zf3b0GpktkusRn4glBRz4Y3lEF2bmjCkO%2Bv5Xlois26eQ3V3OaJ%2Be%2FeT%2FZKJTmy4tm8PAGmwiT8eDDxOQrNOUi7Rjy7YLgPNFLSrOE%2FLRsPkni29asLVid2mzl9jtLy90poFBpBSqOP%2F4cTIzIC6%2FVp2t65eIYQlfQtkTXHpHTglAVWLYFk53RG3UeWp554sxBYcuh9uOzSylGxH%2B6CpkczQ8v%2F%2F3jK91HoHEJk%2Fzn4dm8bR6go6%2BA5venG9rTJXqyBJUDGHt%2BmGf6aP7XYFqIpTOMpXZ2Yqnl18%2FiNWJci4LApWFrzosimkRxw2%2B2Q49T6jdCPwxpgNyM2MqNN%2F8BAAD%2F%2FwEAAP%2F%2FjDbIg3UEAAA%3D HTTP/1.1
Host: harshlygiraffediscover.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=95373d2c-8cac-489d-911d-4728726608ac:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 16 Oct 2022 17:36:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec9ee627644b04e275beda4c2dd1186d
Strict-Transport-Security: max-age=0; includeSubdomains
gem.gbc.criteo.com/newidsd
178.250.6.176200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.176:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 92333
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b1/bf/91/b1bf912149c35e275743aef99160a6a6/1632399592.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b1/bf/91/b1bf912149c35e275743aef99160a6a6/1632399592.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /sb/au/b1/bf/91/b1bf912149c35e275743aef99160a6a6/1632399592.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:39 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 23 Sep 2021 12:20:15 GMT
etag: W/"614c70ff-563"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 16 Oct 2022 18:36:39 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.123.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 17:36:38 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Mon, 17 Oct 2022 17:36:38 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/async.js
104.21.81.154200 OK 0 B URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP 104.21.81.154:0
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:37 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:46:20 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1518617
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFCddrD5H8Yg68MR6qFRfatv1L43AtRU6t7M5gY2p5qaDybKlwX9rPHs9Jur31VZAEryc6j4Xg0KYbO%2F9hJy51Yk9dSV30T8n8BxJoHcupT8cfUgoocr3sBo%2BjkRQpI9BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b28ec78a411bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 457362
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
hhklc.com/c.js
104.21.70.122200 OK 0 B IP 104.21.70.122:0
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:37 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 15:56:01 GMT
etag: W/"63331d11-21a9"
server-asp-net: Asp Net
expires: Sun, 16 Oct 2022 18:08:54 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exYdUkhWxORhHv85sefaCyiNsGmQo59kKKXIOwVrTTikeJ%2Fu0hdUvRq65vsEdYfRMPg9EcK2YbAmgcf6i5srMz520fAZ7AqQLraM4MH0PHbJ7cA9Y4gmRTzb2ek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b28ec779570b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=vr27F180M0RITmhlJTJCZkMwOUJGQlhaMUN2czcwOEh2VjduSW5sMktFSWl0bnJETUx1aHdod09YWjhMWW91TFJ6bmo3eWk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 17:36:38 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=owV3KF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czcwOEh2VjduSW5sMktFSWl0bnJETUpicDQ2WTlIVGtoOTR5MXU3a3I4eFQ; expires=Fri, 10 Nov 2023 17:36:39 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 463964
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2