ouo.press/CJp6xC
104.22.59.251403 Forbidden 3.8 kB IP 104.22.59.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (836)
Hash a163d4bee47dae842e902282bae57c5c
e3461717186f995364d19cdfcbd00dcfede33ed4
2caded987eff706f8ffd2a75ef2288e9d65daf1b33866c2d632496effe9a5601
GET /CJp6xC HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Tue, 29 Nov 2022 14:15:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=v0_J0_KI5uuhqGNOjIhQWAA2hq5W.yYbn6OlDsZR3IU-1669731349-0-AQilhjb/G+MA7r+6dKyt1j2VpPcA9yBDSsk0e2Vmdbo8cJSkyWJqy/MBojFja8oZY8Bw3zPGOg5Cg4FHm+6pvZE=; path=/; expires=Tue, 29-Nov-22 14:45:49 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bf5254b97b518-OSL
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4015
Expires: Tue, 29 Nov 2022 15:22:44 GMT
Date: Tue, 29 Nov 2022 14:15:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3580
Cache-Control: max-age=162902
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:49 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:30:51 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 13:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3474
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6397
Expires: Tue, 29 Nov 2022 16:02:26 GMT
Date: Tue, 29 Nov 2022 14:15:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pWySt8TKobF+dssqgVpyxoKpS3ENuv7jYmnx4Lhx1wdCq7wuhO4iI8tkVEZMLZbcbGbvdjkx71U=
x-amz-request-id: 31252HQGX78KRPMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 13:42:31 GMT
age: 1998
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/styles/challenges.css
104.22.59.251200 OK 2.6 kB URL HTTP/1.1 ouo.press/cdn-cgi/styles/challenges.css
IP 104.22.59.251:0
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/CJp6xC
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT
ETag: W/"637ccffa-1896"
Server: cloudflare
CF-RAY: 771bf527d9170b4d-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 29 Nov 2022 16:15:49 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
ouo.press/favicon.ico
104.22.59.251200 OK 0 B IP 104.22.59.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/CJp6xC
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:49 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT
ETag: "54deee14-0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 3615
Accept-Ranges: bytes
Set-Cookie: __cf_bm=88zPu35PZNNwI47BJBoKVwpeoEoUzlcvGRycLMi5kvY-1669731349-0-AWvKotG2cTm0nfOBi8hOuZqtKT6rUiAFkEG7HBvuPgnodXWXdeL6X1DdB0Xc6mUg6rO53RM7DTqJxl2n7aQxI20=; path=/; expires=Tue, 29-Nov-22 14:45:49 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bf527edfbb51b-OSL
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 14:15:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=771bf5254b97b518
104.22.59.251200 OK 42 B URL HTTP/1.1 ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=771bf5254b97b518
IP 104.22.59.251:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=771bf5254b97b518 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/CJp6xC
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:49 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT
ETag: "637ccffa-2a"
Server: cloudflare
CF-RAY: 771bf528797e0b4d-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 29 Nov 2022 16:15:49 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=771bf5254b97b518
104.22.59.251200 OK 25 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=771bf5254b97b518
IP 104.22.59.251:0
File type ASCII text, with very long lines (57581), with no line terminators
Hash e795c47fd2a4e182d4ae4a53debb9145
86286bf70d15aaaa4f5adc8d6019e2986fedb66e
e4a9e06d9aeae228ebb19fdb72ee63e52a289856d834f348ce8a15faabb8f30f
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=771bf5254b97b518 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/CJp6xC?__cf_chl_rt_tk=CnGpEc6nFjoL3xMLKXfdnJt6GrFe7vb42leV7aeKquE-1669731349-0-gaNycGzNAxE
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:49 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Set-Cookie: __cf_bm=lCzJZ2XSiZpCYdmauKveY1i85xAGPXYGxVfg.pdtui0-1669731349-0-AXz3jfO6KLeRnvjBG4QQkSC6Ltvc8tnR0QJd3+Dm4hUr/UldJdVDWh22ZUvwLf3amfgwAw7StKoFjv2zWhBSK0U=; path=/; expires=Tue, 29-Nov-22 14:45:49 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771bf52899a50b4d-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 381ec5590b3943dc09bdafa08c96eb04
f3fe85cb6c55276d5501ac74c747bd8537ed79e4
721858cbf15420c66986526f57d5517d5c4465867a3a6c26bd3bfd10652015dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3015
Cache-Control: max-age=163058
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:49 GMT
Etag: "6385e240-116"
Expires: Thu, 01 Dec 2022 11:33:27 GMT
Last-Modified: Tue, 29 Nov 2022 10:43:12 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.42407724149232595:1669727174:noox-128eIBHS59jgVFd5322ljXMAnxzf8J10ckcBhk/771bf5254b97b518/11ee41efcc0a745
104.22.59.251200 OK 66 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.42407724149232595:1669727174:noox-128eIBHS59jgVFd5322ljXMAnxzf8J10ckcBhk/771bf5254b97b518/11ee41efcc0a745
IP 104.22.59.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e5bb15d52753d5aea2074fc3495a2fa7
b92da123658c09015bac82f839cb7cc020ed2d9b
348643144f1c942fed5b74f39ad067001ef4e4dc58a131521b94f30705576a15
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.42407724149232595:1669727174:noox-128eIBHS59jgVFd5322ljXMAnxzf8J10ckcBhk/771bf5254b97b518/11ee41efcc0a745 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/CJp6xC
Content-type: application/x-www-form-urlencoded
CF-Challenge: 11ee41efcc0a745
Content-Length: 1816
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:50 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: T7fit3CqEbulFSxN7bolXGjy1elYa3/1CjEdCKv8btn8v54rd+bW211HgQqcy4m+XWh0h1UvUbNYTiKJg7Em6Hk/8bqnkaLk3eKJbfa9qyJB/6GjNBYEDjTtYbO9jLywVbX9dis+Blf3r5Z93OCXKKZ6/UWM8vBDBCr602Cl6+G34VpFZa3pS/HfFwFXFB6hK5ZcjtBF1yzkB0pi/NFPnas+hPmctcfJS/q7ZIY+Okbz7Dl0XYiDeYoxo4694AZFmJ3WEa+O4T+ExrS1l05eLXZAyNWS1SH2NyiQ+sFej5m+nxvwIJcq8F7+3KWQEek3/5zuTILZMdAN2mIk9a/UDg==$7/8bWSl9pW0KLf54s4lURQ==
Set-Cookie: __cf_bm=jl4wepcLK_7oCruqRDJ76pvLGD8VNyEHGq5Qbynadbo-1669731350-0-AXj+XzBc8QRGOyDRAQgWrFSv9NpH4w9KJKrqEDjxJIxPetuGi+TTdcFyC9gm7HkDvTufDYJio9iR7OrqYtjNAm4=; path=/; expires=Tue, 29-Nov-22 14:45:50 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771bf529ea930b4d-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 14:08:56 GMT
cache-control: public,max-age=3600
age: 414
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4802
Cache-Control: max-age=159060
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:50 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:26:50 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.165.176.211101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.176.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gINT55ncyFMbWAXbBZofbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RYZzxP/RCVGTolY2BMGQ7qEBBZ8=
ouo.press/cdn-cgi/challenge-platform/h/b/img/771bf5254b97b518/1669731350082/DdQYPGeCiOiimsh
104.22.59.251200 OK 61 B URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/img/771bf5254b97b518/1669731350082/DdQYPGeCiOiimsh
IP 104.22.59.251:0
File type PNG image data, 6 x 33, 8-bit/color RGB, non-interlaced\012- data
Hash 612ea30cde651e509d03f15bfaca921a
42e746fce981b37c782937bb7b81fd3c9ff42c6e
b41e511bf6ca2271481797e926dd4abe885e464a9c56e7456ad507d0f868bff5
GET /cdn-cgi/challenge-platform/h/b/img/771bf5254b97b518/1669731350082/DdQYPGeCiOiimsh HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/CJp6xC
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:51 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=7MqsfpVaKgV1l3KtoExk0I3NM1QAqiAdV1YtJvNahlQ-1669731351-0-AQw9QSSyoJm8ES3rbpOBpE5g7uSRqQDGy+0tkoiw1Jp3BsguQcGkJzeQdwY3y/BZEXWOVfwEng8SOEigKJ69lLM=; path=/; expires=Tue, 29-Nov-22 14:45:51 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771bf5315a1f0b4d-OSL
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.42407724149232595:1669727174:noox-128eIBHS59jgVFd5322ljXMAnxzf8J10ckcBhk/771bf5254b97b518/11ee41efcc0a745
104.22.59.251200 OK 3.9 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.42407724149232595:1669727174:noox-128eIBHS59jgVFd5322ljXMAnxzf8J10ckcBhk/771bf5254b97b518/11ee41efcc0a745
IP 104.22.59.251:0
File type ASCII text, with very long lines (5148), with no line terminators
Hash a56ccb66bac85b40949d83efe8da7493
99d665f8eb71ad7f00de827664204d9a0bc90f73
1664de679809957ad24e2c2c4efd9ce5147b82f045caa7688f993f8825c57927
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.42407724149232595:1669727174:noox-128eIBHS59jgVFd5322ljXMAnxzf8J10ckcBhk/771bf5254b97b518/11ee41efcc0a745 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/CJp6xC
Content-type: application/x-www-form-urlencoded
CF-Challenge: 11ee41efcc0a745
Content-Length: 15914
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:51 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: RZOH8BpYQ2SWxxkQ65/UD/4s/Q7iHG8dPMBjD7pxW+M=$8xQcaF64Hty6jV3e7s87Aw==
Set-Cookie: __cf_bm=svdysGOqldkvurygdI3vwXP0cVwhRwu5guj9toeN8Hg-1669731351-0-AcOHgEYtfIFFEpNHC7ioV+Xo2DMu7XUbVD4oOywg2YSw/stWeBfxMeDkoL8kP0OmA/r1W9CP+pD4NvVF6gqAVG0=; path=/; expires=Tue, 29-Nov-22 14:45:51 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771bf5321af00b4d-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 544169851262b1699a38b0a17d79deb8
80c19774b8ead93cba0abdf8d3f8816fabc2174c
d2f6a3b5c1b1de9ea87713224c9f056bd03096e0d87e6e6c5176c53eb5e390d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5593
Cache-Control: max-age=93994
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:51 GMT
Etag: "6384ca68-118"
Expires: Wed, 30 Nov 2022 16:22:25 GMT
Last-Modified: Mon, 28 Nov 2022 14:49:12 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 544169851262b1699a38b0a17d79deb8
80c19774b8ead93cba0abdf8d3f8816fabc2174c
d2f6a3b5c1b1de9ea87713224c9f056bd03096e0d87e6e6c5176c53eb5e390d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5593
Cache-Control: max-age=93994
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:51 GMT
Etag: "6384ca68-118"
Expires: Wed, 30 Nov 2022 16:22:25 GMT
Last-Modified: Mon, 28 Nov 2022 14:49:12 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2663
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2663
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2663
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 59338
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:45:15 GMT
age: 34237
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 58437
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 39461
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 10:09:32 GMT
age: 14780
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 33962
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.42407724149232595:1669727174:noox-128eIBHS59jgVFd5322ljXMAnxzf8J10ckcBhk/771bf5254b97b518/11ee41efcc0a745
104.22.59.251200 OK 2.1 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.42407724149232595:1669727174:noox-128eIBHS59jgVFd5322ljXMAnxzf8J10ckcBhk/771bf5254b97b518/11ee41efcc0a745
IP 104.22.59.251:0
File type ASCII text, with very long lines (2692), with no line terminators
Hash eb375438a1cf104178b1de2dc210a66e
30c8b14149753d8095021d49f184c7ce7fb28c16
59980cb128aa76e3b7cddba3e13dcec7d2f5ca9cad6a39c5c1927a113473bf45
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.42407724149232595:1669727174:noox-128eIBHS59jgVFd5322ljXMAnxzf8J10ckcBhk/771bf5254b97b518/11ee41efcc0a745 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/CJp6xC
Content-type: application/x-www-form-urlencoded
CF-Challenge: 11ee41efcc0a745
Content-Length: 16641
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_out: LLog4I0m+rTZmj+3UpB5rSdyANiRk22b4JVgrD9Jmvr4+9V2FQXDQi8F02AxzLRcszk/jYZFgcGo32VNMo4/qQ==$EVlSREgiySfrEbecReQa2A==
cf_chl_out_s: PMsHdzC5TMe4JrzKv08xcMb/PDCkRCwe55Xs1edbOCSLqVdoc0wjUWu3XrnFiCNdlTz3aJkZsubnTb/20ZdEDxdPLppZPI8+TcyYbNKlzG/Ighhb7iSSjFu7v+haYAiV3I6NfqUfv37N08A5GdVMZ1zgh22A2bdNy1Ztb99AeCWHI902lV2Etyx0t9keGixG$vizBEJg/nvga9KspgX/uEg==
set-cookie: cf_chl_rc_m=;Expires=Mon, 28 Nov 2022 14:15:55 GMT;SameSite=Strict
__cf_bm=afkPSCs9Gc5EJZHKH6BrOdX6QFMNir43N38PpWtyHxw-1669731355-0-AX5YbCNO2QpVDhTX+YaNymn2cJGCVZwtjOzPYuylYUu2hmaOZC+i/0jJVBIF0ViACAnYQfH8bhTAo58WYEaAxOk=; path=/; expires=Tue, 29-Nov-22 14:45:55 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771bf547df930b4d-OSL
Content-Encoding: gzip
ouo.press/CJp6xC
104.22.59.251200 OK 3.8 kB IP 104.22.59.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash 070d5caf858b4ece951e7cc5318c6545
9066d1bcab96125608bdccd34aefc61f67310abb
3e35baf69d734e3eae4c99fc467daf6e7217552cbc17ac05a8dd64d7e0761888
POST /CJp6xC HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/CJp6xC?__cf_chl_tk=CnGpEc6nFjoL3xMLKXfdnJt6GrFe7vb42leV7aeKquE-1669731349-0-gaNycGzNAxE
Content-Type: application/x-www-form-urlencoded
Content-Length: 1774
Origin: http://ouo.press
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Set-Cookie: cf_clearance=nCJywdOkRqmfwFNjjZ0rzBeD.cYEJJCsYoTgA2AOsHw-1669731355-0-250; path=/; expires=Wed, 29-Nov-23 14:15:55 GMT; domain=.ouo.press; HttpOnly
ouoio_session=eyJpdiI6ImxRR2hJeW1DeFBRTXZEc2pCRHBpbDgzUk1sdWg0aGR6bXBsMHJvVGhjSkk9IiwidmFsdWUiOiJmYXdzXC9pbEx3XC8yTUxZNUgybzl1aVJ4TUExeXY2bW05bzlZaGROUGwyT2dyTFdVRmxcL2I2UHpIRWFTYXllcytKMXNNQlM2WHVUbEFhK1pNNUtEQzNPUT09IiwibWFjIjoiNjk0MGRmNjcxYWE0ZGQwYWJjNjg3ODAxMjdlNzMxODc3YTNmZTQ1NTlmMDdlOTcwYjczMTM3NTY1ZmE4MWM5NSJ9; path=/; httponly
language=eyJpdiI6Ikt2eCtJTVRaS3Q4KytGRjF4bG9TS0EyaTJCN2laV29YWUl1QTBTTGVLNFE9IiwidmFsdWUiOiJFYkxPb1VxWHBkb29oWXY1bFVRK3BDbWZ0OGQ2SFRFQk1jWW9NSm5reStZPSIsIm1hYyI6ImE2MjJlMGZlOWJjZWMxY2Y4ZjMzNmIyZDFmMTc0YTJhZWNlYjk1MjJiZjJjNzZjODBiYzQ1NTIxZmZkMzhmMzYifQ%3D%3D; expires=Sun, 28-Nov-2027 14:15:55 GMT; Max-Age=157680000; path=/; httponly
c05cd53353f8b613ee469689ba585602b94e8a21=eyJpdiI6IjJoU1pDaEJjcEpUWjJhUFNFN0hiaVdPUHpVRmVscVRZVVVweTdma245aHM9IiwidmFsdWUiOiJZYkZJTlBvU1Q4MUloangxbHV3d1VMcmtDYXB3YTU5TFpWRU92S1pNQ05YTUNTVm5pSk5PNFFqT3l2RG1kWGZzTWxCdnlaVWJxaHBwWE9aVkZmMEhaOHY2cEowTTZaa1ZCRUJMYzBUaTM4MTVuZ05XZE5vc01BSUlQczRKMit6NFNCOTJWVDVrVHdHVmh5cjlObHI5bHBpUEZzWUJ4aVowdERXNWFNbWdcL20xakRZUGY1cm9CYnRtaGd4cktcL3pyY0FzNFlNQkIzeE91YjB5N0hkS09pM1RyTXpLcllpa1BTMFE1aStRUk05OEYycktjOG4zV29yZXpDWnpoaFNReEU3U29TRXhqMjJMQTdcL055N2piY1A2OFVVZ0hITHRIVlhLdUlTNUNqS1ZLTUFMeFZCbjRlZWtJVGRHcE1ncGlmRWNrcFdCakxqSHVtUFlTZktXWWplUHExY1lqWWJmdDd2cmRcL3N4K2JXV0E4ejM2a1YxMUdmMHl1U0hUU0o3Y2lZIiwibWFjIjoiM2U5YjFhNzJkYjBhMzNmNWM5ODg2NGY1ODAwYmUyOWI4ZTEzNDI4YTA0NDUzYjEzZGYyMzdhNWQ0YTc1MTY4NiJ9; expires=Tue, 29-Nov-2022 16:15:55 GMT; Max-Age=7200; path=/; httponly
__cf_bm=o0KXai9A5GaGAXoCU6HqUiyboyPuR6wOhnqc48PKsFo-1669731355-0-ARaAagomidYjZeG+XpuWx0OyG7bauIQEh1kqJ48jHlhfto2yc3GJApx0EPjltnX1+yVGWU6I+PGVGgr7uhu50bo=; path=/; expires=Tue, 29-Nov-22 14:45:55 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771bf54929020b4d-OSL
Content-Encoding: gzip
ouo.press/css/link-safe.css
104.22.59.251200 OK 1.8 kB URL HTTP/1.1 ouo.press/css/link-safe.css
IP 104.22.59.251:0
Hash d91a45478adaa488ef4f1733dfa3c44c
3686ea901ce8ca85bb82f42bf0a8d39095ebf73d
4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/CJp6xC
Cookie: cf_clearance=nCJywdOkRqmfwFNjjZ0rzBeD.cYEJJCsYoTgA2AOsHw-1669731355-0-250; ouoio_session=eyJpdiI6ImxRR2hJeW1DeFBRTXZEc2pCRHBpbDgzUk1sdWg0aGR6bXBsMHJvVGhjSkk9IiwidmFsdWUiOiJmYXdzXC9pbEx3XC8yTUxZNUgybzl1aVJ4TUExeXY2bW05bzlZaGROUGwyT2dyTFdVRmxcL2I2UHpIRWFTYXllcytKMXNNQlM2WHVUbEFhK1pNNUtEQzNPUT09IiwibWFjIjoiNjk0MGRmNjcxYWE0ZGQwYWJjNjg3ODAxMjdlNzMxODc3YTNmZTQ1NTlmMDdlOTcwYjczMTM3NTY1ZmE4MWM5NSJ9; language=eyJpdiI6Ikt2eCtJTVRaS3Q4KytGRjF4bG9TS0EyaTJCN2laV29YWUl1QTBTTGVLNFE9IiwidmFsdWUiOiJFYkxPb1VxWHBkb29oWXY1bFVRK3BDbWZ0OGQ2SFRFQk1jWW9NSm5reStZPSIsIm1hYyI6ImE2MjJlMGZlOWJjZWMxY2Y4ZjMzNmIyZDFmMTc0YTJhZWNlYjk1MjJiZjJjNzZjODBiYzQ1NTIxZmZkMzhmMzYifQ%3D%3D; c05cd53353f8b613ee469689ba585602b94e8a21=eyJpdiI6IjJoU1pDaEJjcEpUWjJhUFNFN0hiaVdPUHpVRmVscVRZVVVweTdma245aHM9IiwidmFsdWUiOiJZYkZJTlBvU1Q4MUloangxbHV3d1VMcmtDYXB3YTU5TFpWRU92S1pNQ05YTUNTVm5pSk5PNFFqT3l2RG1kWGZzTWxCdnlaVWJxaHBwWE9aVkZmMEhaOHY2cEowTTZaa1ZCRUJMYzBUaTM4MTVuZ05XZE5vc01BSUlQczRKMit6NFNCOTJWVDVrVHdHVmh5cjlObHI5bHBpUEZzWUJ4aVowdERXNWFNbWdcL20xakRZUGY1cm9CYnRtaGd4cktcL3pyY0FzNFlNQkIzeE91YjB5N0hkS09pM1RyTXpLcllpa1BTMFE1aStRUk05OEYycktjOG4zV29yZXpDWnpoaFNReEU3U29TRXhqMjJMQTdcL055N2piY1A2OFVVZ0hITHRIVlhLdUlTNUNqS1ZLTUFMeFZCbjRlZWtJVGRHcE1ncGlmRWNrcFdCakxqSHVtUFlTZktXWWplUHExY1lqWWJmdDd2cmRcL3N4K2JXV0E4ejM2a1YxMUdmMHl1U0hUU0o3Y2lZIiwibWFjIjoiM2U5YjFhNzJkYjBhMzNmNWM5ODg2NGY1ODAwYmUyOWI4ZTEzNDI4YTA0NDUzYjEzZGYyMzdhNWQ0YTc1MTY4NiJ9
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: status=cannot_optimize
ETag: W/"5d951ace-1830"
Expires: Wed, 30 Nov 2022 01:31:13 GMT
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 2682
Set-Cookie: __cf_bm=7DZwZdbbeOhRAIXdyhXI1AE2TS_qZZrmCeS16nA0BaM-1669731355-0-AaznORQHfXfOIK1qf60fm4puftYCu+eGj426KHbIZZ81qQQ9MGG2L4YPQ6mY7rrLKbR1Jixua08QBQ9I/wZqFJc=; path=/; expires=Tue, 29-Nov-22 14:45:55 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bf54bc81ab51b-OSL
Content-Encoding: gzip
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185302 Found 655 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
File type gzip compressed data, from Unix\012- data
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 14:15:51 GMT
location: /turnstile/v0/b/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
vary: accept-encoding
cache-control: max-age=300, public
server: cloudflare
cf-ray: 771bf53289440b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ouo.press/css/bootstrap.css
104.22.59.251200 OK 18 kB URL HTTP/1.1 ouo.press/css/bootstrap.css
IP 104.22.59.251:0
File type ASCII text, with very long lines (65452)
Hash ecd7a3b8fdf856cece681f760bad623c
3c16d8b0523e3c6de3b20f7c7f9de2ae48a2949a
40f5215bfeb4c595389b7d02127c47c94e173dbca21022c9f67eca101d03ab92
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/CJp6xC
Cookie: cf_clearance=nCJywdOkRqmfwFNjjZ0rzBeD.cYEJJCsYoTgA2AOsHw-1669731355-0-250; ouoio_session=eyJpdiI6ImxRR2hJeW1DeFBRTXZEc2pCRHBpbDgzUk1sdWg0aGR6bXBsMHJvVGhjSkk9IiwidmFsdWUiOiJmYXdzXC9pbEx3XC8yTUxZNUgybzl1aVJ4TUExeXY2bW05bzlZaGROUGwyT2dyTFdVRmxcL2I2UHpIRWFTYXllcytKMXNNQlM2WHVUbEFhK1pNNUtEQzNPUT09IiwibWFjIjoiNjk0MGRmNjcxYWE0ZGQwYWJjNjg3ODAxMjdlNzMxODc3YTNmZTQ1NTlmMDdlOTcwYjczMTM3NTY1ZmE4MWM5NSJ9; language=eyJpdiI6Ikt2eCtJTVRaS3Q4KytGRjF4bG9TS0EyaTJCN2laV29YWUl1QTBTTGVLNFE9IiwidmFsdWUiOiJFYkxPb1VxWHBkb29oWXY1bFVRK3BDbWZ0OGQ2SFRFQk1jWW9NSm5reStZPSIsIm1hYyI6ImE2MjJlMGZlOWJjZWMxY2Y4ZjMzNmIyZDFmMTc0YTJhZWNlYjk1MjJiZjJjNzZjODBiYzQ1NTIxZmZkMzhmMzYifQ%3D%3D; c05cd53353f8b613ee469689ba585602b94e8a21=eyJpdiI6IjJoU1pDaEJjcEpUWjJhUFNFN0hiaVdPUHpVRmVscVRZVVVweTdma245aHM9IiwidmFsdWUiOiJZYkZJTlBvU1Q4MUloangxbHV3d1VMcmtDYXB3YTU5TFpWRU92S1pNQ05YTUNTVm5pSk5PNFFqT3l2RG1kWGZzTWxCdnlaVWJxaHBwWE9aVkZmMEhaOHY2cEowTTZaa1ZCRUJMYzBUaTM4MTVuZ05XZE5vc01BSUlQczRKMit6NFNCOTJWVDVrVHdHVmh5cjlObHI5bHBpUEZzWUJ4aVowdERXNWFNbWdcL20xakRZUGY1cm9CYnRtaGd4cktcL3pyY0FzNFlNQkIzeE91YjB5N0hkS09pM1RyTXpLcllpa1BTMFE1aStRUk05OEYycktjOG4zV29yZXpDWnpoaFNReEU3U29TRXhqMjJMQTdcL055N2piY1A2OFVVZ0hITHRIVlhLdUlTNUNqS1ZLTUFMeFZCbjRlZWtJVGRHcE1ncGlmRWNrcFdCakxqSHVtUFlTZktXWWplUHExY1lqWWJmdDd2cmRcL3N4K2JXV0E4ejM2a1YxMUdmMHl1U0hUU0o3Y2lZIiwibWFjIjoiM2U5YjFhNzJkYjBhMzNmNWM5ODg2NGY1ODAwYmUyOWI4ZTEzNDI4YTA0NDUzYjEzZGYyMzdhNWQ0YTc1MTY4NiJ9
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=109522
ETag: W/"54def1fc-1abd2"
Expires: Tue, 29 Nov 2022 23:09:11 GMT
Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 11204
Set-Cookie: __cf_bm=HUX4oCA8MbEaMMlZk8vKM965T74iOZhjcuJLS57PJR4-1669731355-0-Ac2AYlkYYbCM69F1TVqNFmfBTX4vUsYihMGd9nQic0JcpfWwJ2jV27T8MkcboFT6Uyc8vVDXm1UFBXmo0JRIS20=; path=/; expires=Tue, 29-Nov-22 14:45:55 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bf54bcbc70b4d-OSL
Content-Encoding: gzip
hhklc.com/c.js
104.21.70.122301 Moved Permanently 0 B IP 104.21.70.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 14:15:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 29 Nov 2022 15:15:55 GMT
Location: https://hhklc.com/c.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwOlYtCSf8rcZB8pBDALEZj%2FskulE%2Ff9wy275O%2F6Wl%2BwuUAeRX6lGP%2FgmBi7S1vlXNuSTkvbfPYfpEGdCpUs65IhJOYZxA%2Bth%2BzepGXiDbYgyFTFMSY8x2eYhLc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bf54bdcbcb512-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Questrial
142.250.74.10200 OK 387 B URL HTTP/1.1 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.10:0
Hash 7b73b3eed6a43db40b0640388112329f
ad4bb62a66f1f95c0a252f83345b40d40dcd5bb4
1776d3903d4f6fb36773bac4ccb4b86c0658838f29674d1fb506859506a41bc3
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 29 Nov 2022 14:15:55 GMT
Date: Tue, 29 Nov 2022 14:15:55 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecdn.analysis.fi/static/js/fab.js
54.230.111.87200 OK 4.2 kB URL HTTP/1.1 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.87:0
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4240
Connection: keep-alive
Server: nginx/1.20.0
Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Tue, 29 Nov 2022 13:23:11 GMT
Expires: Tue, 29 Nov 2022 14:23:10 GMT
Cache-Control: max-age=3600
ETag: "61b8b8ab-1090"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8g7ZzV2IEg1W6OMsTaEhJWzmZ9-mYb6WtUHIAb7XJ7fX4MI93ww0hw==
Age: 3165
ecdn.firstimpression.io/fi_client.js
54.230.111.73200 OK 100 kB URL HTTP/1.1 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.73:0
File type ASCII text, with very long lines (618)
Size 100 kB (100201 bytes)
Hash 1c858a95f0a66948202ca61d5b16f461
34200b195928bae14f4f365fe53f98099545854f
eb52555e6b4271a4f0287b5a00bef6bb42a0613dba1d2c22ca61957fd6fa79ce
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 29 Nov 2022 14:11:52 GMT
Server: nginx/1.20.0
X-Powered-By: PHP/8.0.14
X-XSS-Protection: 0
Last-Modified: Tue, 29 Nov 2022 14:11:52 UTC
ETag: W/"4ad874682fe1ab0ad75dc02bf1908f48"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YSYmr41JFZlEQ_-oNpyt1x3piB-WJXgvz5P21huJBqW0lTnoCCvTLQ==
Age: 243
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 729acee2a72aedc9406dba71bf4c1d00
e7f1dea037aaa2df1c1e5b884dc5d73b7bc35e82
7e9b8e953f317a7a47db6df1d1ac8be5c78e9a9524a0a07755c748c2198f816a
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 29 Nov 2022 14:15:55 GMT
date: Tue, 29 Nov 2022 14:15:55 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tv.gourdycortes.com/1clkn/16562
172.255.6.124200 OK 1.4 kB URL HTTP/1.1 tv.gourdycortes.com/1clkn/16562
IP 172.255.6.124:0
Hash 3838a125813ec506cc733311fd48810a
6ae89f04ef035a9e79f9d6d1d54dd2755453f72f
f17adeb4e38d63bf5c158478993667c9c72d5dc34b3a9313538dab88a9903f1f
GET /1clkn/16562 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 14:15:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 30-Nov-2022 14:15:55 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Wed, 30-Nov-2022 14:15:55 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
cdn.runative-syndicate.com/sdk/v1/n.js
8.247.219.121200 OK 5.2 kB URL HTTP/1.1 cdn.runative-syndicate.com/sdk/v1/n.js
IP 8.247.219.121:0
File type ASCII text, with very long lines (591)
Hash e6b953ae4edfbe129269f196fe87eee9
eb99511c1d23000bc72b2c640bbcd5792eb431f2
eb6d42f0cdeddc023b69947db248be42bc66aa2da8c59178b7f22b528c4dd60f
GET /sdk/v1/n.js HTTP/1.1
Host: cdn.runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Fri, 12 Aug 2022 08:59:19 GMT
Content-Type: application/javascript
Content-Length: 5220
Connection: keep-alive
Last-Modified: Wed, 23 Mar 2022 15:25:35 GMT
Server: nginx
X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
Vary: Accept-Encoding
ETag: W/"623b3bef-3202"
Age: 9436596
Accept-Ranges: bytes
hhklc.com/c.js
104.21.70.122200 OK 2.8 kB IP 104.21.70.122:0
File type ASCII text, with very long lines (8728), with no line terminators
Hash 95f03d5b7797c0a7ca256c6a81183338
68ca90637a09fe5b835d04d63ec69dd6690b6920
2d1b129499b16fb09fc1d56fe2a50b1085f3c6c37afea82166abe6594b5ca245
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:55 GMT
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Tue, 29 Nov 2022 14:37:26 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAY4PsIuS%2FE3jKB0wC68u9U%2F9Ely4iDU%2BZ0BGcxsV2hoouTCpbCBv%2B%2BSD88VySydHVwtSnAiPJEfSgdznTUI2SkYj7jtWHZtg6dT1zEFfjkCH62mQ%2Bba4wAfPaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bf54c3ab6b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
173.233.137.60200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37189), with no line terminators
Hash 253d61ff47f15fb8b8ab1c2a220a9ac6
aca11759e164e4c7bb9dd0f9fe95d723cf0e2e1a
4d3f23b7684048db63d3665291c7caeb29ab13d2b95ea49e1db3643307838ab0
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 14:15:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2882275905bf7fc5f188bdfac0fd5d8d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.run-syndicate.com/sdk/v1/n.css
8.254.252.211200 OK 8.3 kB URL HTTP/1.1 cdn.run-syndicate.com/sdk/v1/n.css
IP 8.254.252.211:0
File type ASCII text, with very long lines (8277), with no line terminators
Hash 37ebbc4b85fb5383d08547f5fe9d8d9f
99dac34980b1fd00028f76e782444bdf948724c5
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe
GET /sdk/v1/n.css HTTP/1.1
Host: cdn.run-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Thu, 03 Mar 2022 22:40:12 GMT
Content-Type: text/css
Content-Length: 8277
Connection: keep-alive
ETag: "6114dd75-2055"
Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT
Server: nginx
X-Robots-Tag: noindex, nofollow
Age: 23384144
Accept-Ranges: bytes
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
216.58.207.195200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 15:53:57 GMT
Expires: Fri, 24 Nov 2023 15:53:57 GMT
Cache-Control: public, max-age=31536000
Age: 426119
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 94d394d6beaad25971b7f1e02d93b841
07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a
06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88506
Date: Tue, 29 Nov 2022 14:15:56 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 14:51:02 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NSfPHuXL0R5aAtZTlj-FaR03UBEN7HzNELwL3JCI0CPtkX6otORTzA==
Age: 4800
friendshipmale.com/sfp.js
172.64.163.31200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.163.31:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:56 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 97e7fd6abb95a43c58d03fd14030104d
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Tue, 29 Nov 2022 14:15:56 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvPiXaF%2FlfOGrtR1DNWxoRlizk%2FQOU%2F5W0Aiw8OjfCevt4gsAN797%2BmdfjI3AG%2FutEknzPmK1RwEpb4RGjJGYCio77CiCNxqv4fioMGZrE7UiLdQFx%2F0FUh%2FJfIFdGq82g6Y8o4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bf5502dab8926-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 1015c673848e642d56e42b1bde9b3268
5cc34af890a8155273abee2b686ea820ed6dc247
7ee79e799092b85a8acc9c44f3ce1d901f606c8fca1dc12c56e297c0ae597f92
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=7bf935bf-dd11-4c39-baa7-d8132153a214:2:1; expires=Fri, 26 Nov 2032 14:15:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1280&h=1024&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,CJp,&adtype=label-under&callback=callback_ow5M5
136.243.130.121200 OK 4.8 kB URL HTTP/1.1 run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1280&h=1024&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,CJp,&adtype=label-under&callback=callback_ow5M5
IP 136.243.130.121:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9004), with no line terminators
Hash 5e9c56e41863c4eba31af19b754ce81b
59ea72dc52f01c58110a6212ee8416cdba52a0eb
f680d69c053e134cec278ac8127d3b6bd89989b745f4d4999fdcbcfdace7ab04
GET /do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1280&h=1024&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,CJp,&adtype=label-under&callback=callback_ow5M5 HTTP/1.1
Host: run-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 14:15:56 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding, *
X-Api-Version: 2
X-Request-Id: d95a4e7ded1baa3b
Set-Cookie: ts_uid=cbce44c2-c3e7-433c-bec6-f1590468f9e0; expires=Mon, 29 May 2023 14:15:56 GMT; domain=.run-syndicate.com; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
Content-Encoding: gzip
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Thu, 29 Dec 2022 14:15:56 GMT
date: Tue, 29 Nov 2022 14:15:56 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30462b52571c91f089bed4de98462a46
7e2b322ea5b8f97b2fa76751bcffe2a420f872eb
c5403dfefa9d043ac501963ff09a6d3d70e21f6e6a1b9728183a3490060a4bfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
142.250.74.102200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 142.250.74.102:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:04:08 GMT
expires: Wed, 30 Nov 2022 07:04:08 GMT
cache-control: public, max-age=86400
age: 25908
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 233392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash bbb0f4db8cf5afadcf6aff6e3efd84f5
306a448867377ee652726a0ca8f45112ed46f3d2
f3793d646b320f22c02cde1bee7423484fba1abc89cce4667754107416ab640f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:56:29 GMT
Expires: Sat, 03 Dec 2022 15:56:28 GMT
Etag: "306a448867377ee652726a0ca8f45112ed46f3d2"
Cache-Control: max-age=351031,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771bf5522a82b517-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash bbb0f4db8cf5afadcf6aff6e3efd84f5
306a448867377ee652726a0ca8f45112ed46f3d2
f3793d646b320f22c02cde1bee7423484fba1abc89cce4667754107416ab640f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:56:29 GMT
Expires: Sat, 03 Dec 2022 15:56:28 GMT
Etag: "306a448867377ee652726a0ca8f45112ed46f3d2"
Cache-Control: max-age=351031,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771bf5522a80b4f4-OSL
lcdn.tsyndicate.com/images/a/d/03d7b5c2d567cc6406d8f127e020875cb4eb3e/300x250.webp
8.254.252.211200 OK 5.1 kB URL HTTP/2 lcdn.tsyndicate.com/images/a/d/03d7b5c2d567cc6406d8f127e020875cb4eb3e/300x250.webp
IP 8.254.252.211:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f57b114ba45b2c271385442ec59a443f
fcf79e45bcc922fc2463db284ff39283658981ad
8724bb91fdb568f4b15893c544f289a7c5d1113b741f37eb1a2f8009eae4b13d
GET /images/a/d/03d7b5c2d567cc6406d8f127e020875cb4eb3e/300x250.webp HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:56 GMT
content-type: image/webp
content-length: 5125
last-modified: Thu, 10 Nov 2022 11:52:59 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"636ce61b-13ee"
age: 1559373
accept-ranges: bytes
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/images/2/a/471fb8a7dfcb8077c6a8ff1ce29a8ffe5ed609/300x250.webp
8.254.252.211200 OK 7.9 kB URL HTTP/2 lcdn.tsyndicate.com/images/2/a/471fb8a7dfcb8077c6a8ff1ce29a8ffe5ed609/300x250.webp
IP 8.254.252.211:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5c843d3d3cd175a3de8102f2585e52a2
8857b308c2026bab5e4a85ef735d01a1d5a960d4
e24701d78986fb36657e11ba86e2636c633d7ed2f1c183f0a2906a753b988ff0
GET /images/2/a/471fb8a7dfcb8077c6a8ff1ce29a8ffe5ed609/300x250.webp HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:56 GMT
content-type: image/webp
content-length: 7863
last-modified: Thu, 10 Nov 2022 11:53:01 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"636ce61d-1ea0"
age: 1559363
accept-ranges: bytes
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 1015c673848e642d56e42b1bde9b3268
5cc34af890a8155273abee2b686ea820ed6dc247
7ee79e799092b85a8acc9c44f3ce1d901f606c8fca1dc12c56e297c0ae597f92
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: uid_id2=7bf935bf-dd11-4c39-baa7-d8132153a214:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XIiAEjTA4aM2K0iGEjB4wWNGqIkdECB4wyOVrWKANjRhgcM2bkMINDxMMwdcZk1FkzzAwbNlqYERNGJA0ZMsy0WEljTIsyY3DIMJojx8GmPiGSsbNQBoyaNB7CqSNm4YyNNRxChAOnbA0bbx_OgTNRh04bMGzIsPFwTJu6OmjguJGj5E8yZhYKfijGjRu3MG4otoHjYRs3GHXIoNG1swg4n0PHMHn0YR05bNzmBLzYtYyMaOjQgTNHx4sXePCwKaPGxRk5YeikMZOHDWgyycvMcTHmTZsXP-rQafNlzpvXY8r02DkDBo3MNsY0HjOjDA4aXOqcHTwnRo_yNxjHn29jjoweDY0WAw0x7AcDfTPc11hggxlIXw09KMZYSQ6mx0YaY6zxRRpkADhEFFYcIUUSVlhBRxRqFFFHDnLQwQQbVtSxxhhzVJFDHVGQccQUc5wBgxRD5NGGEDWg4cQVZUAhBx5VKLHGG1DMoYQNedxQxRs1zHFHC3ToMcccbsDgBh5XiEEEGXOQIcQVUnxRxhUtaEHEG2zQgMQZMg7xxBlfzLBEDMM5YccRd3xxRhVJECFFFWlUqIZ9Bcp3oA1q5ABgWGRYl9F3b7gAhxzSKVRYcgttQWAXaskhlF9ltBAYZZHpAIMLMFQkwhioffHpqrPOl5YIctiBmFkPYYXaQr3W5FodaWQ0hhjh0VAVS-yVcQNKOVklBlZJmdGQSTRwZkYONIWVBmIi5BCDCya58JQLDdEQlhwboqsuu7O-G29YdYSRURNv6JEGG2yE8UINtIKAwhVpuJHpHXOA4AQVIHBE6w4gMOyGDTRgjAfHGAfLEAwIw5ACCEdg9eQLZnFUa60gGJEGqGa8gccLHJUc1hiriuDEE2G9QS_PGf0cFhs9F-EEpmXY8QWosTFUQ344cXbWQ3KccZloNdQmwkFOiyHHQjiYBvYXbbxBRlk42GArGXK84dZDbyiUWKo257HQrzTjphscvr3AqaegfvlCWHdkFIMMLoWFhuIHyqtXsBnFTUdyQrdQhxtp0IGtC2SMsTimPR_0ReijW9QGRUjlcENIM9yl-m0Mtf56DLHjNfVjT0sHxxek1l7S7bkX63QYw7Vo9xYz0IAqRGL09XUZZgDFxkRqIY1sYag5jZxycsvqLlSuF6aaDH0oEBA%3D&r=1&s=4af950ec44caaa3a75bc0089ae1ecde44e4caace70a43903d4eed435089e12b31669731356&w=t&ir=245x208
136.243.51.171200 OK 35 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XIiAEjTA4aM2K0iGEjB4wWNGqIkdECB4wyOVrWKANjRhgcM2bkMINDxMMwdcZk1FkzzAwbNlqYERNGJA0ZMsy0WEljTIsyY3DIMJojx8GmPiGSsbNQBoyaNB7CqSNm4YyNNRxChAOnbA0bbx_OgTNRh04bMGzIsPFwTJu6OmjguJGj5E8yZhYKfijGjRu3MG4otoHjYRs3GHXIoNG1swg4n0PHMHn0YR05bNzmBLzYtYyMaOjQgTNHx4sXePCwKaPGxRk5YeikMZOHDWgyycvMcTHmTZsXP-rQafNlzpvXY8r02DkDBo3MNsY0HjOjDA4aXOqcHTwnRo_yNxjHn29jjoweDY0WAw0x7AcDfTPc11hggxlIXw09KMZYSQ6mx0YaY6zxRRpkADhEFFYcIUUSVlhBRxRqFFFHDnLQwQQbVtSxxhhzVJFDHVGQccQUc5wBgxRD5NGGEDWg4cQVZUAhBx5VKLHGG1DMoYQNedxQxRs1zHFHC3ToMcccbsDgBh5XiEEEGXOQIcQVUnxRxhUtaEHEG2zQgMQZMg7xxBlfzLBEDMM5YccRd3xxRhVJECFFFWlUqIZ9Bcp3oA1q5ABgWGRYl9F3b7gAhxzSKVRYcgttQWAXaskhlF9ltBAYZZHpAIMLMFQkwhioffHpqrPOl5YIctiBmFkPYYXaQr3W5FodaWQ0hhjh0VAVS-yVcQNKOVklBlZJmdGQSTRwZkYONIWVBmIi5BCDCya58JQLDdEQlhwboqsuu7O-G29YdYSRURNv6JEGG2yE8UINtIKAwhVpuJHpHXOA4AQVIHBE6w4gMOyGDTRgjAfHGAfLEAwIw5ACCEdg9eQLZnFUa60gGJEGqGa8gccLHJUc1hiriuDEE2G9QS_PGf0cFhs9F-EEpmXY8QWosTFUQ344cXbWQ3KccZloNdQmwkFOiyHHQjiYBvYXbbxBRlk42GArGXK84dZDbyiUWKo257HQrzTjphscvr3AqaegfvlCWHdkFIMMLoWFhuIHyqtXsBnFTUdyQrdQhxtp0IGtC2SMsTimPR_0ReijW9QGRUjlcENIM9yl-m0Mtf56DLHjNfVjT0sHxxek1l7S7bkX63QYw7Vo9xYz0IAqRGL09XUZZgDFxkRqIY1sYag5jZxycsvqLlSuF6aaDH0oEBA%3D&r=1&s=4af950ec44caaa3a75bc0089ae1ecde44e4caace70a43903d4eed435089e12b31669731356&w=t&ir=245x208
IP 136.243.51.171:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XIiAEjTA4aM2K0iGEjB4wWNGqIkdECB4wyOVrWKANjRhgcM2bkMINDxMMwdcZk1FkzzAwbNlqYERNGJA0ZMsy0WEljTIsyY3DIMJojx8GmPiGSsbNQBoyaNB7CqSNm4YyNNRxChAOnbA0bbx_OgTNRh04bMGzIsPFwTJu6OmjguJGj5E8yZhYKfijGjRu3MG4otoHjYRs3GHXIoNG1swg4n0PHMHn0YR05bNzmBLzYtYyMaOjQgTNHx4sXePCwKaPGxRk5YeikMZOHDWgyycvMcTHmTZsXP-rQafNlzpvXY8r02DkDBo3MNsY0HjOjDA4aXOqcHTwnRo_yNxjHn29jjoweDY0WAw0x7AcDfTPc11hggxlIXw09KMZYSQ6mx0YaY6zxRRpkADhEFFYcIUUSVlhBRxRqFFFHDnLQwQQbVtSxxhhzVJFDHVGQccQUc5wBgxRD5NGGEDWg4cQVZUAhBx5VKLHGG1DMoYQNedxQxRs1zHFHC3ToMcccbsDgBh5XiEEEGXOQIcQVUnxRxhUtaEHEG2zQgMQZMg7xxBlfzLBEDMM5YccRd3xxRhVJECFFFWlUqIZ9Bcp3oA1q5ABgWGRYl9F3b7gAhxzSKVRYcgttQWAXaskhlF9ltBAYZZHpAIMLMFQkwhioffHpqrPOl5YIctiBmFkPYYXaQr3W5FodaWQ0hhjh0VAVS-yVcQNKOVklBlZJmdGQSTRwZkYONIWVBmIi5BCDCya58JQLDdEQlhwboqsuu7O-G29YdYSRURNv6JEGG2yE8UINtIKAwhVpuJHpHXOA4AQVIHBE6w4gMOyGDTRgjAfHGAfLEAwIw5ACCEdg9eQLZnFUa60gGJEGqGa8gccLHJUc1hiriuDEE2G9QS_PGf0cFhs9F-EEpmXY8QWosTFUQ344cXbWQ3KccZloNdQmwkFOiyHHQjiYBvYXbbxBRlk42GArGXK84dZDbyiUWKo257HQrzTjphscvr3AqaegfvlCWHdkFIMMLoWFhuIHyqtXsBnFTUdyQrdQhxtp0IGtC2SMsTimPR_0ReijW9QGRUjlcENIM9yl-m0Mtf56DLHjNfVjT0sHxxek1l7S7bkX63QYw7Vo9xYz0IAqRGL09XUZZgDFxkRqIY1sYag5jZxycsvqLlSuF6aaDH0oEBA%3D&r=1&s=4af950ec44caaa3a75bc0089ae1ecde44e4caace70a43903d4eed435089e12b31669731356&w=t&ir=245x208 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 14:15:57 GMT
content-type: text/plain; charset=utf-8
content-length: 35
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XMsGGmjJgbNm60CGMjxpgWNMyEiTFyjJkZKHHUmCEjhxkaZHKAFPEwTJ0xGWfkgDEjzEYbLcyIWYlShgwzLcTIoHGyzBgcMozmyHFwJU-IZOwslAGDKI2HcOqIWUizoUOIcOCMrWGD5sM5cCbqEGoDhg0ZNh6OaSNXBw0cN3LYyNGTjJmFfx-KceOGLYwbhxc_bOMGo46pW3Gg5ew5xtCND-vIYcN2xkYYOESLqCMjIxo6dODM0fHiBR48bMqocXFGThg6aczkYdOZzPEyc1yMedPmxY86dNp8mfNG9ZgyPWzOgEHjso0xisfMKIODBpc6ZQHPidFj_I3E7-PbmCOjR8OpMdAQQ34wyDdDfYr5BRiB8tXQw2GJLcbgeWykMcYaX6RBRg9WTPHTFzJEcUcVLTiBBhRypNGCGnpQIcYQMECRRxNBpAFFDmwoIUURWtRARBBDUCGFGVZYkYUMaUTxBh150EEGFlQ8EUcbMTxRYhNv4EAEDU9EEQYcVWBxhRJLGEGDETk8AYUbQbSAhxlMKKFGEEsw8YUQX-CARxtM1JDFEnfkMUUUX5xRRRJESFFFGhOqQd-A8BVogxo5-PcVGdRl1N0bLsAhB3QKCXbcQlsI2AVacgC1Vxkt-CXZYzrA4AIMFYkwBhzaeaqqrPGdJYIcdhRG1kNW4boQr0SlVkcaGY0hxnc0UCVDC-qVIRINrp0khlVImdHQUDTYgIMZOZQBw1dpFCZCDjG4MJQLNMjgQkM0fCVHhuqy666s8c5bQ72phZERlnqkwQYbYbxQw6wgoHBFGm5gesccIDhBBQgx8LoDCA-7YQMNG-Px8cbAMgTDwjCkAMIRVq3xxgtkZUwrrSAYkcanZryBxwsZo_zVGKqK4MQTX71xL9AZDf0VG0EX4cSlZdjxxaesMVTDfThshENZD8lxRmWf1YDYQwdJLYYcC8VGdtRftPEGGWPhUBLZcrzB1kNvKGQYqjrnsZCvONuGGxy8vbBpp5_OMccLX92RUQwybP0VGo8XCLAIcwCbUd10HGd0C3W4kQYdKM3gAhljQH5p0Ad9gbrqFrVBkQ2L3TBDDDPQFXttDNGu0-2513V1Y1NDB8cXo_ZeO_C6i8B2GMHJQYfeW8xAw6kQiaGXCAepVAcbE6HFNEWC4Sq1ccjZHSu8McQAkmClydCHAgEB&r=1&s=b2ff2e3e4e79bdea76760f0c90e0fd6ec356deb2a55ce4ec3b2fb5f0bd4511d41669731356&w=t&ir=245x208
136.243.51.171200 OK 35 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XMsGGmjJgbNm60CGMjxpgWNMyEiTFyjJkZKHHUmCEjhxkaZHKAFPEwTJ0xGWfkgDEjzEYbLcyIWYlShgwzLcTIoHGyzBgcMozmyHFwJU-IZOwslAGDKI2HcOqIWUizoUOIcOCMrWGD5sM5cCbqEGoDhg0ZNh6OaSNXBw0cN3LYyNGTjJmFfx-KceOGLYwbhxc_bOMGo46pW3Gg5ew5xtCND-vIYcN2xkYYOESLqCMjIxo6dODM0fHiBR48bMqocXFGThg6aczkYdOZzPEyc1yMedPmxY86dNp8mfNG9ZgyPWzOgEHjso0xisfMKIODBpc6ZQHPidFj_I3E7-PbmCOjR8OpMdAQQ34wyDdDfYr5BRiB8tXQw2GJLcbgeWykMcYaX6RBRg9WTPHTFzJEcUcVLTiBBhRypNGCGnpQIcYQMECRRxNBpAFFDmwoIUURWtRARBBDUCGFGVZYkYUMaUTxBh150EEGFlQ8EUcbMTxRYhNv4EAEDU9EEQYcVWBxhRJLGEGDETk8AYUbQbSAhxlMKKFGEEsw8YUQX-CARxtM1JDFEnfkMUUUX5xRRRJESFFFGhOqQd-A8BVogxo5-PcVGdRl1N0bLsAhB3QKCXbcQlsI2AVacgC1Vxkt-CXZYzrA4AIMFYkwBhzaeaqqrPGdJYIcdhRG1kNW4boQr0SlVkcaGY0hxnc0UCVDC-qVIRINrp0khlVImdHQUDTYgIMZOZQBw1dpFCZCDjG4MJQLNMjgQkM0fCVHhuqy666s8c5bQ72phZERlnqkwQYbYbxQw6wgoHBFGm5gesccIDhBBQgx8LoDCA-7YQMNG-Px8cbAMgTDwjCkAMIRVq3xxgtkZUwrrSAYkcanZryBxwsZo_zVGKqK4MQTX71xL9AZDf0VG0EX4cSlZdjxxaesMVTDfThshENZD8lxRmWf1YDYQwdJLYYcC8VGdtRftPEGGWPhUBLZcrzB1kNvKGQYqjrnsZCvONuGGxy8vbBpp5_OMccLX92RUQwybP0VGo8XCLAIcwCbUd10HGd0C3W4kQYdKM3gAhljQH5p0Ad9gbrqFrVBkQ2L3TBDDDPQFXttDNGu0-2513V1Y1NDB8cXo_ZeO_C6i8B2GMHJQYfeW8xAw6kQiaGXCAepVAcbE6HFNEWC4Sq1ccjZHSu8McQAkmClydCHAgEB&r=1&s=b2ff2e3e4e79bdea76760f0c90e0fd6ec356deb2a55ce4ec3b2fb5f0bd4511d41669731356&w=t&ir=245x208
IP 136.243.51.171:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XMsGGmjJgbNm60CGMjxpgWNMyEiTFyjJkZKHHUmCEjhxkaZHKAFPEwTJ0xGWfkgDEjzEYbLcyIWYlShgwzLcTIoHGyzBgcMozmyHFwJU-IZOwslAGDKI2HcOqIWUizoUOIcOCMrWGD5sM5cCbqEGoDhg0ZNh6OaSNXBw0cN3LYyNGTjJmFfx-KceOGLYwbhxc_bOMGo46pW3Gg5ew5xtCND-vIYcN2xkYYOESLqCMjIxo6dODM0fHiBR48bMqocXFGThg6aczkYdOZzPEyc1yMedPmxY86dNp8mfNG9ZgyPWzOgEHjso0xisfMKIODBpc6ZQHPidFj_I3E7-PbmCOjR8OpMdAQQ34wyDdDfYr5BRiB8tXQw2GJLcbgeWykMcYaX6RBRg9WTPHTFzJEcUcVLTiBBhRypNGCGnpQIcYQMECRRxNBpAFFDmwoIUURWtRARBBDUCGFGVZYkYUMaUTxBh150EEGFlQ8EUcbMTxRYhNv4EAEDU9EEQYcVWBxhRJLGEGDETk8AYUbQbSAhxlMKKFGEEsw8YUQX-CARxtM1JDFEnfkMUUUX5xRRRJESFFFGhOqQd-A8BVogxo5-PcVGdRl1N0bLsAhB3QKCXbcQlsI2AVacgC1Vxkt-CXZYzrA4AIMFYkwBhzaeaqqrPGdJYIcdhRG1kNW4boQr0SlVkcaGY0hxnc0UCVDC-qVIRINrp0khlVImdHQUDTYgIMZOZQBw1dpFCZCDjG4MJQLNMjgQkM0fCVHhuqy666s8c5bQ72phZERlnqkwQYbYbxQw6wgoHBFGm5gesccIDhBBQgx8LoDCA-7YQMNG-Px8cbAMgTDwjCkAMIRVq3xxgtkZUwrrSAYkcanZryBxwsZo_zVGKqK4MQTX71xL9AZDf0VG0EX4cSlZdjxxaesMVTDfThshENZD8lxRmWf1YDYQwdJLYYcC8VGdtRftPEGGWPhUBLZcrzB1kNvKGQYqjrnsZCvONuGGxy8vbBpp5_OMccLX92RUQwybP0VGo8XCLAIcwCbUd10HGd0C3W4kQYdKM3gAhljQH5p0Ad9gbrqFrVBkQ2L3TBDDDPQFXttDNGu0-2513V1Y1NDB8cXo_ZeO_C6i8B2GMHJQYfeW8xAw6kQiaGXCAepVAcbE6HFNEWC4Sq1ccjZHSu8McQAkmClydCHAgEB&r=1&s=b2ff2e3e4e79bdea76760f0c90e0fd6ec356deb2a55ce4ec3b2fb5f0bd4511d41669731356&w=t&ir=245x208 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 14:15:57 GMT
content-type: text/plain; charset=utf-8
content-length: 35
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=7bf935bf-dd11-4c39-baa7-d8132153a214&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=7bf935bf-dd11-4c39-baa7-d8132153a214&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=7bf935bf-dd11-4c39-baa7-d8132153a214&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 14:15:57 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 352be9602e4591fb5457ae589c1809de
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9202729f02c6338d7a24388f8bd6e736
20900b5f2d70ceadf656a7a83048a52f84f3133e
15920417d134ee8f348a15a9f2a344f84e9066c2040f903bce053b6ea7b2bb45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15920417D134EE8F348A15A9F2A344F84E9066C2040F903BCE053B6EA7B2BB45"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5676
Expires: Tue, 29 Nov 2022 15:50:33 GMT
Date: Tue, 29 Nov 2022 14:15:57 GMT
Connection: keep-alive
tractorfoolproofstandard.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=7bf935bf-dd11-4c39-baa7-d8132153a214%3A2%3A1
192.243.61.227200 OK 4.4 kB URL HTTP/1.1 tractorfoolproofstandard.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=7bf935bf-dd11-4c39-baa7-d8132153a214%3A2%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6171), with no line terminators
Hash 95ebb8d07a7882ed1271d67c01ee9a5a
f7811d2e3cf438d0f1f0b4c7dbed43bb65b0adb8
78a37dd9115a1544b38c582db5e9b83277f5d25b122b093d5a9758cb33e9b2a2
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=7bf935bf-dd11-4c39-baa7-d8132153a214%3A2%3A1 HTTP/1.1
Host: tractorfoolproofstandard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 14:15:57 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ouo.press
Access-Control-Allow-Origin: http://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Wed, 30 Nov 2022 14:15:57 GMT; secure; SameSite=None
uid_id2=7bf935bf-dd11-4c39-baa7-d8132153a214:2:1; expires=Tue, 06 Dec 2022 14:15:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 30 Nov 2022 14:15:57 GMT; secure; SameSite=None
uncs=1; expires=Wed, 30 Nov 2022 14:15:57 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 30 Nov 2022 14:15:57 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 30 Nov 2022 14:15:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25a0a077b19e654cacd3759c1478204a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tractorfoolproofstandard.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzu4eXEFQ9uJhZRAPCmbSPT2TmTGHxbhGojEJu6sB8VJ%2FPSmnpqup6p6eBA%2FBhWUvwnjSY%2BdNsmF1ERfPgky8SEDIeFhyMN5E8CjsWWYyMO53qO979b7De6%2Fq3n52Tnxk9GzzQ7OrtKYLtbJfen1LxcLkrrR%2BpxT4ZX%2BptKXixepSqTc%2BbPetwK%2BV%2FTdK70neNgsVP%2FD9wA9KK8rKyPQWJixU8qgZlJt%2BuVopB7UqevZZ7DIPjnoQ3XPyEpQYXdn%2B9TEUHyLu%2FHBTunZqkjff7WSapsaiK44%2BituxyWN0ZmNkPUTx0XQbxo0I%2BWYOJj6aOoDpHowdgKkR8Z4EYPHRVCZY9%2FBCKdOQMZh4Hnl3CKmHUHQIbu5CiVMCcIH1DcSdB%2BvG5nTngqVjdkQuP%2F0XKh%2BRy39cQ9z5flmrXum20VmqTOzQiwqo3hCqNUSSHSPd9aDyY%2FD0CyjxG1l4uoa4c7DhtIESZ6%2FVWdQMayyaFyII5qs8bM4zSuvzohGElaAW0kpQnUSk1BAqGkLLPqibQ%2BY8ZMpDFnnIEg8dcVaitWbk%2B%2FWIRWHYqHLOw5DzWmNR1ERYbUQ%2BMj720Eea9MF1H9zuIbF7aKs%2BbPYz3HYBJzy4lKArCuSSIHcEOSXIFUGeEuTd4lBoV3HFA6FdxoJpr0x7WAxM2tqnhyZtyZjsJ%2BfkxUlw%2F3z6I9ryrCRFuOgH1cUwbFSagtd9Wq0IzqmMRBRGQQCnCig3B%2Bo87KrTF54gUafPFWD0GE4fg6tXQbProPmgXvFBtwfVho%2Fd%2BKHJTDmx0jkIUyBJryDd8fb1OXl5IqD511VIfnLj6y83%2FlwSn4DbAokt8Jn6haCl7w9umZwc3DK5I483klR11C4dv%2BrtlKby0rcfyJ3cWLF60%2FUfvs3HxHh8dEe6dI3GQsUtR75bVkJIu2Isl%2BSnVbcl2WbmtpczG2fJ2uY7K6udiUBl4iGoOv34c3A1Ildte%2FJfX%2Fn7fSg7hM0KdLITMi0oMwRP9uCSmXpnCKye7bDEQ54VA1ths0utCLScYcoKuP9hNpv33X20rAea3kXcKdC1Bbq6ANV9uOzSIE3syY3fw0mBaW%2FAtPUOmLb6q4tonToryVrkR9KvSBY1WVSnvmhG1SajzUDWWY0GSN2I37t2%2FT8AAAD%2F%2FwEAAP%2F%2FvZf%2Bw4cEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 tractorfoolproofstandard.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzu4eXEFQ9uJhZRAPCmbSPT2TmTGHxbhGojEJu6sB8VJ%2FPSmnpqup6p6eBA%2FBhWUvwnjSY%2BdNsmF1ERfPgky8SEDIeFhyMN5E8CjsWWYyMO53qO979b7De6%2Fq3n52Tnxk9GzzQ7OrtKYLtbJfen1LxcLkrrR%2BpxT4ZX%2BptKXixepSqTc%2BbPetwK%2BV%2FTdK70neNgsVP%2FD9wA9KK8rKyPQWJixU8qgZlJt%2BuVopB7UqevZZ7DIPjnoQ3XPyEpQYXdn%2B9TEUHyLu%2FHBTunZqkjff7WSapsaiK44%2BituxyWN0ZmNkPUTx0XQbxo0I%2BWYOJj6aOoDpHowdgKkR8Z4EYPHRVCZY9%2FBCKdOQMZh4Hnl3CKmHUHQIbu5CiVMCcIH1DcSdB%2BvG5nTngqVjdkQuP%2F0XKh%2BRy39cQ9z5flmrXum20VmqTOzQiwqo3hCqNUSSHSPd9aDyY%2FD0CyjxG1l4uoa4c7DhtIESZ6%2FVWdQMayyaFyII5qs8bM4zSuvzohGElaAW0kpQnUSk1BAqGkLLPqibQ%2BY8ZMpDFnnIEg8dcVaitWbk%2B%2FWIRWHYqHLOw5DzWmNR1ERYbUQ%2BMj720Eea9MF1H9zuIbF7aKs%2BbPYz3HYBJzy4lKArCuSSIHcEOSXIFUGeEuTd4lBoV3HFA6FdxoJpr0x7WAxM2tqnhyZtyZjsJ%2BfkxUlw%2F3z6I9ryrCRFuOgH1cUwbFSagtd9Wq0IzqmMRBRGQQCnCig3B%2Bo87KrTF54gUafPFWD0GE4fg6tXQbProPmgXvFBtwfVho%2Fd%2BKHJTDmx0jkIUyBJryDd8fb1OXl5IqD511VIfnLj6y83%2FlwSn4DbAokt8Jn6haCl7w9umZwc3DK5I483klR11C4dv%2BrtlKby0rcfyJ3cWLF60%2FUfvs3HxHh8dEe6dI3GQsUtR75bVkJIu2Isl%2BSnVbcl2WbmtpczG2fJ2uY7K6udiUBl4iGoOv34c3A1Ildte%2FJfX%2Fn7fSg7hM0KdLITMi0oMwRP9uCSmXpnCKye7bDEQ54VA1ths0utCLScYcoKuP9hNpv33X20rAea3kXcKdC1Bbq6ANV9uOzSIE3syY3fw0mBaW%2FAtPUOmLb6q4tonToryVrkR9KvSBY1WVSnvmhG1SajzUDWWY0GSN2I37t2%2FT8AAAD%2F%2FwEAAP%2F%2FvZf%2Bw4cEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitzu4eXEFQ9uJhZRAPCmbSPT2TmTGHxbhGojEJu6sB8VJ%2FPSmnpqup6p6eBA%2FBhWUvwnjSY%2BdNsmF1ERfPgky8SEDIeFhyMN5E8CjsWWYyMO53qO979b7De6%2Fq3n52Tnxk9GzzQ7OrtKYLtbJfen1LxcLkrrR%2BpxT4ZX%2BptKXixepSqTc%2BbPetwK%2BV%2FTdK70neNgsVP%2FD9wA9KK8rKyPQWJixU8qgZlJt%2BuVopB7UqevZZ7DIPjnoQ3XPyEpQYXdn%2B9TEUHyLu%2FHBTunZqkjff7WSapsaiK44%2BituxyWN0ZmNkPUTx0XQbxo0I%2BWYOJj6aOoDpHowdgKkR8Z4EYPHRVCZY9%2FBCKdOQMZh4Hnl3CKmHUHQIbu5CiVMCcIH1DcSdB%2BvG5nTngqVjdkQuP%2F0XKh%2BRy39cQ9z5flmrXum20VmqTOzQiwqo3hCqNUSSHSPd9aDyY%2FD0CyjxG1l4uoa4c7DhtIESZ6%2FVWdQMayyaFyII5qs8bM4zSuvzohGElaAW0kpQnUSk1BAqGkLLPqibQ%2BY8ZMpDFnnIEg8dcVaitWbk%2B%2FWIRWHYqHLOw5DzWmNR1ERYbUQ%2BMj720Eea9MF1H9zuIbF7aKs%2BbPYz3HYBJzy4lKArCuSSIHcEOSXIFUGeEuTd4lBoV3HFA6FdxoJpr0x7WAxM2tqnhyZtyZjsJ%2BfkxUlw%2F3z6I9ryrCRFuOgH1cUwbFSagtd9Wq0IzqmMRBRGQQCnCig3B%2Bo87KrTF54gUafPFWD0GE4fg6tXQbProPmgXvFBtwfVho%2Fd%2BKHJTDmx0jkIUyBJryDd8fb1OXl5IqD511VIfnLj6y83%2FlwSn4DbAokt8Jn6haCl7w9umZwc3DK5I483klR11C4dv%2BrtlKby0rcfyJ3cWLF60%2FUfvs3HxHh8dEe6dI3GQsUtR75bVkJIu2Isl%2BSnVbcl2WbmtpczG2fJ2uY7K6udiUBl4iGoOv34c3A1Ildte%2FJfX%2Fn7fSg7hM0KdLITMi0oMwRP9uCSmXpnCKye7bDEQ54VA1ths0utCLScYcoKuP9hNpv33X20rAea3kXcKdC1Bbq6ANV9uOzSIE3syY3fw0mBaW%2FAtPUOmLb6q4tonToryVrkR9KvSBY1WVSnvmhG1SajzUDWWY0GSN2I37t2%2FT8AAAD%2F%2FwEAAP%2F%2FvZf%2Bw4cEAAA%3D HTTP/1.1
Host: tractorfoolproofstandard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=7bf935bf-dd11-4c39-baa7-d8132153a214:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 14:15:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: baac946290527b004de13d72fbb4bf5f
Strict-Transport-Security: max-age=0; includeSubdomains
challenges.cloudflare.com/turnstile/v0/b/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185200 OK 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/b/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
GET /turnstile/v0/b/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:51 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bf532a9550b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
104.18.18.132200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP 104.18.18.132:0
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:50 GMT
content-type: application/javascript
cf-ray: 771bf5296cf5b51d-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"4a87133d7cfb9f9797187d43ffdd5417"
last-modified: Fri, 25 Nov 2022 11:46:32 GMT
strict-transport-security: max-age=0
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: e-vtjjiTuJNWqympaO3s7V_aWlOK4yXOIyZWB7ZnvSo2w49xVfwmGQ==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2