urlquery - report: ouo.press/1LISgCW

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-27 05:29:56 UTC	34.102.187.140
ecdn.analysis.fi (1)	22604	2021-04-26 06:44:49 UTC	2022-11-26 12:29:09 UTC	54.230.111.81
ecdn.firstimpression.io (3)	18146	2021-02-01 12:00:32 UTC	2022-11-26 12:29:09 UTC	54.230.111.99
fonts.gstatic.com (1)	0	2014-09-09 00:40:21 UTC	2022-11-27 05:33:29 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
run-syndicate.com (1)	35071	2017-12-01 10:35:57 UTC	2022-11-26 15:27:36 UTC	136.243.81.150
bidder.criteo.com (1)	750	2017-01-30 05:01:16 UTC	2020-04-04 21:53:35 UTC	178.250.0.165
unseenreport.com (1)	0	2022-03-30 14:33:17 UTC	2022-11-26 11:22:39 UTC	192.243.61.227	Unknown ranking
r3.o.lencr.org (9)	344	No data	No data	23.36.77.32
ocsp.digicert.com (5)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
ocsp.pki.goog (5)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.3
widgets.outbrain.com (1)	1272	2012-05-22 16:25:59 UTC	2021-09-19 11:36:18 UTC	23.38.201.81
ad.doubleclick.net (1)	186	2013-05-06 20:24:43 UTC	2022-11-27 05:34:59 UTC	142.250.74.102
ocsp.sectigo.com (3)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	172.64.155.188
cdn.barscreative1.com (1)	25648	2021-09-16 11:14:42 UTC	2022-07-13 08:11:12 UTC	45.133.44.3
ouo.press (13)	89754	2016-10-08 20:09:51 UTC	2022-11-26 05:26:36 UTC	172.67.22.15
ocsp.sca1b.amazontrust.com (1)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	143.204.42.88
simplewebanalysis.com (1)	0	2022-02-25 04:06:25 UTC	2022-11-27 05:53:21 UTC	52.28.211.11	Unknown ranking
tag.1rx.io (1)	1330	2017-01-30 04:25:47 UTC	2022-11-26 11:55:42 UTC	213.19.147.43
tv.gourdycortes.com (1)	0	No data	No data	172.255.6.233	Unknown ranking
ocsp.globalsign.com (1)	2075	2012-07-20 17:46:16 UTC	2020-05-02 20:58:10 UTC	104.18.20.226
ib.adnxs.com (2)	241	2013-11-13 21:17:09 UTC	2020-03-22 02:54:33 UTC	185.89.210.244
integrityprinciplesthorough.com (5)	0	2022-11-11 10:44:19 UTC	2022-11-26 07:45:30 UTC	173.233.137.52	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
www.gstatic.com (1)	0	2016-07-26 09:37:06 UTC	2022-11-27 05:33:29 UTC	142.250.74.163	Domain (gstatic.com) ranked at: 540
pxl.tsyndicate.com (2)	14763	2017-07-05 13:51:06 UTC	2022-11-26 12:22:04 UTC	94.130.141.49
e1.o.lencr.org (2)	6159	No data	No data	23.36.76.226
cdn.firstimpression.io (2)	18692	2021-01-14 07:12:29 UTC	2022-11-26 12:29:13 UTC	54.230.111.99
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-27 05:29:57 UTC	34.117.237.239
cloudflare.hcaptcha.com (1)	0	2022-02-23 15:28:14 UTC	2022-11-26 05:26:50 UTC	104.18.19.132	Domain (hcaptcha.com) ranked at: 5458
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	52.36.24.174
cdn.runative-syndicate.com (1)	34853	2019-03-18 11:54:28 UTC	2020-06-30 05:57:14 UTC	8.247.219.121
lcdn.tsyndicate.com (2)	12634	No data	No data	8.247.219.121
cdn.creative-bars1.com (7)	0	2022-11-15 16:46:22 UTC	2022-11-27 05:12:55 UTC	172.64.108.13	Unknown ranking
challenges.cloudflare.com (2)	0	2021-10-20 05:02:03 UTC	2022-11-26 10:10:52 UTC	104.18.7.185	Domain (cloudflare.com) ranked at: 342
hhklc.com (2)	0	2022-06-12 16:30:56 UTC	2022-11-26 06:47:39 UTC	104.21.70.122	Unknown ranking
www.google.com (1)	7	2016-03-22 03:56:07 UTC	2022-11-27 06:12:59 UTC	142.250.74.164
itineraryupper.com (1)	280787	2020-07-23 02:40:11 UTC	2022-11-26 06:47:49 UTC	173.233.137.60
cdn.run-syndicate.com (1)	36414	2018-01-28 18:16:24 UTC	2020-07-01 07:17:16 UTC	8.247.219.121
friendshipmale.com (1)	0	2022-10-21 12:15:25 UTC	2022-11-27 05:12:49 UTC	172.64.203.23	Unknown ranking
c.amazon-adsystem.com (3)	300	2013-12-19 15:10:01 UTC	2020-03-20 03:39:56 UTC	143.204.46.73
fonts.googleapis.com (2)	8877	2013-06-10 20:14:26 UTC	2022-11-27 05:34:18 UTC	142.250.74.10
fastlane.rubiconproject.com (1)	459	2018-06-14 02:15:35 UTC	2019-11-13 04:41:44 UTC	213.19.162.21
aax-dtb-cf.amazon-adsystem.com (1)	0	No data	No data	54.230.241.131	Domain (amazon-adsystem.com) ranked at: 3190

Scan Date	Severity	Indicator	Comment
2022-11-27	2	itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js	Malware
2022-11-27	2	integrityprinciplesthorough.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq%2Ff (...)	Malware
2022-11-27	2	cdn.barscreative1.com/sb/notifications/games/nutaku/multi/4/index.html	Phishing
2022-11-27	2	integrityprinciplesthorough.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq%2F (...)	Malware

Scan Date	Severity	Indicator	Comment
2022-11-27	2	unseenreport.com	Sinkholed
2022-11-27	2	integrityprinciplesthorough.com	Sinkholed
2022-11-27	2	integrityprinciplesthorough.com	Sinkholed
2022-11-27	2	integrityprinciplesthorough.com	Sinkholed
2022-11-27	2	integrityprinciplesthorough.com	Sinkholed
2022-11-27	2	integrityprinciplesthorough.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-11-29 18:26:10 +0000	0 - 0 - 10	ouo.press/gG0kqj	104.22.58.251
2022-11-29 15:11:11 +0000	0 - 0 - 6	ouo.press/ct3d85	104.22.58.251
2022-11-29 15:11:03 +0000	0 - 0 - 7	ouo.press/32yQZ4	104.22.58.251
2022-11-27 13:30:45 +0000	0 - 0 - 8	ouo.press/vvvts8	104.22.58.251
2022-11-27 07:48:36 +0000	0 - 0 - 10	ouo.press/1LISgCW	104.22.58.251

Date	UQ / IDS / BL	URL	IP
2023-03-27 19:21:32 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/42665860655795 (...)	162.159.130.233
2023-03-27 19:21:28 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/35328694382152 (...)	162.159.129.233
2023-03-27 19:21:25 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/26585298214964 (...)	162.159.129.233
2023-03-27 19:21:20 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/32807451274051 (...)	162.159.133.233
2023-03-27 19:21:16 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/30538430408569 (...)	162.159.130.233

Date	UQ / IDS / BL	URL	IP
2023-01-28 02:29:50 +0000	0 - 1 - 0	ouo.press/9XZ3L4	104.22.59.251
2023-01-14 07:50:27 +0000	0 - 1 - 0	ouo.press/JtWT90	172.67.22.15
2022-11-29 18:26:10 +0000	0 - 0 - 10	ouo.press/gG0kqj	104.22.58.251
2022-11-29 15:11:11 +0000	0 - 0 - 6	ouo.press/ct3d85	104.22.58.251
2022-11-29 15:11:03 +0000	0 - 0 - 7	ouo.press/32yQZ4	104.22.58.251

Request	Response
GET /1LISgCW HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: ouo.press/1LISgCW FQDN: ouo.press IP: 172.67.22.15 HASH: f4780a0d2a255ca08683aa9d24d8fe3e834134ceabf3ec0e1845c309dc082181 172.67.22.15 HTTP/1.1 403 Forbidden Content-Type: text/html; charset=UTF-8 Date: Sun, 27 Nov 2022 07:48:24 GMT Transfer-Encoding: chunked Connection: close CF-Chl-Bypass: 1 Referrer-Policy: same-origin Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT X-Frame-Options: SAMEORIGIN Set-Cookie: __cf_bm=ipQuqFlADhJKrZGEtQ.lAnBGTqXxuOqtSvbZ7zbov.k-1669535304-0-ARe0xDm11NQYj/0qVjmf93im3ssqqAOVVZXyPPEtvBWwk+JuH12PHPJLgtOj319T+ro+XS5YerXOzxS3vXzWyK0=; path=/; expires=Sun, 27-Nov-22 08:18:24 GMT; domain=.ouo.press; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 770942e76ae40b65-OSL Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (836) Size: 3825 Md5: 2ee0ba565544ea3af0b6b9741d5e8dc1 Sha1: 7f6eb17b9edd29a3a3e96a797660a3e129b339a6 Sha256: f4780a0d2a255ca08683aa9d24d8fe3e834134ceabf3ec0e1845c309dc082181
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8365 Expires: Sun, 27 Nov 2022 10:07:50 GMT Date: Sun, 27 Nov 2022 07:48:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 150792cfc458af013998f4ef6bdf5f74 Sha1: d5179b2dcb11d06f82606bf6eb6648319998d63e Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2111 Cache-Control: 'max-age=158059' Date: Sun, 27 Nov 2022 07:48:25 GMT Last-Modified: Sun, 27 Nov 2022 07:13:14 GMT Server: ECS (ska/F718) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15b59d5e62caedb4bec3ba6724906c1e Sha1: 960f801e608a56fdd11449f4face29f62cad2b21 Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11457 Expires: Sun, 27 Nov 2022 10:59:22 GMT Date: Sun, 27 Nov 2022 07:48:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 71f9c681a82440fd55e76c780a20e55d Sha1: 3147768cfbcdd06e0c6e69684292e68e99917a80 Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 27 Nov 2022 07:17:37 GMT cache-control: public,max-age=3600 age: 1848 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 567df7db606cf5d0871aa5bc9311b6da Sha1: 4263faac7cbab2fcaf6661911dcad5091c06be17 Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: TaaAQ/DggdcYuzaNhKY9uLSYWC/rbE8wvKxWppfJC/hcepFYWYTAxElAgOjeET+CiEF4k7dBMdA= x-amz-request-id: RBCQEHBEFV2GDE54 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 27 Nov 2022 07:41:33 GMT age: 412 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /cdn-cgi/styles/challenges.css HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ouo.press/1LISgCW Connection: keep-alive	URL: ouo.press/cdn-cgi/styles/challenges.css FQDN: ouo.press IP: 172.67.22.15 HASH: 63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59 172.67.22.15 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 27 Nov 2022 07:48:25 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT ETag: W/"637ccffa-1896" Server: cloudflare CF-RAY: 770942e9ad4fb527-OSL X-Frame-Options: DENY X-Content-Type-Options: nosniff Vary: Accept-Encoding Expires: Sun, 27 Nov 2022 09:48:25 GMT Cache-Control: max-age=7200, public Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (6294), with no line terminators Size: 2604 Md5: ba2d8534d208d2a5b158507e004d7150 Sha1: ab81307634698ea304a68783fa38937f562009a2 Sha256: 63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /favicon.ico HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ouo.press/1LISgCW Connection: keep-alive	URL: ouo.press/favicon.ico FQDN: ouo.press IP: 172.67.22.15 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 172.67.22.15 HTTP/1.1 200 OK Content-Type: image/x-icon Date: Sun, 27 Nov 2022 07:48:25 GMT Content-Length: 0 Connection: keep-alive Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT ETag: "54deee14-0" X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: max-age=86400 CF-Cache-Status: HIT Age: 4787 Accept-Ranges: bytes Set-Cookie: __cf_bm=6Rkbz_9YoRlAr9fYhlefuJR4HncmNN083tmsrvciDdY-1669535305-0-AapuMQVJEoWIsrNpxhMgt6rOaSfWE+9XJcxGxQbIsznOJsMcTTeptEvzjbhD5vJuEhpcpE54VSt1aBTRLqzaZ9g=; path=/; expires=Sun, 27-Nov-22 08:18:25 GMT; domain=.ouo.press; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 770942e9db31b505-OSL --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=770942e76ae40b65 HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ouo.press/1LISgCW Connection: keep-alive	URL: ouo.press/cdn-cgi/images/trace/managed/js/transparent.g (...) FQDN: ouo.press IP: 172.67.22.15 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 172.67.22.15 HTTP/1.1 200 OK Content-Type: image/gif Date: Sun, 27 Nov 2022 07:48:25 GMT Content-Length: 42 Connection: keep-alive Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT ETag: "637ccffa-2a" Server: cloudflare CF-RAY: 770942ea4e5eb527-OSL X-Frame-Options: DENY X-Content-Type-Options: nosniff Vary: Accept-Encoding Expires: Sun, 27 Nov 2022 09:48:25 GMT Cache-Control: max-age=7200, public Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=770942e76ae40b65 HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ouo.press/1LISgCW?__cf_chl_rt_tk=kBkES2K8GFl5ijWgLFExZKTGBLWhYEwIRLXVjvHgGkk-1669535304-0-gaNycGzNAv0 Connection: keep-alive	URL: ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/ma (...) FQDN: ouo.press IP: 172.67.22.15 HASH: 9ccf2038c419d9af526fe8e5dcdf21409f8f154d5ca45117f27dd720c1c77037 172.67.22.15 HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 Date: Sun, 27 Nov 2022 07:48:25 GMT Transfer-Encoding: chunked Connection: keep-alive cache-control: max-age=0, must-revalidate Set-Cookie: __cf_bm=IC8qem_2FOLC3lnQq2Wit9f5aM.4_8hK84mpn80DtIU-1669535305-0-AQD/LEUFJ6x8NKNmwvC6qmbqiFo3OcuBV52kQbXczxHpuAuU+qj+gHluiFBkMiC1tu6p+yhmvpTG1vTiEd+KO/U=; path=/; expires=Sun, 27-Nov-22 08:18:25 GMT; domain=.ouo.press; HttpOnly; SameSite=None Server: cloudflare CF-RAY: 770942ea4b8ab505-OSL Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (54421), with no line terminators Size: 23529 Md5: 508f352badfb178097ec7ee8d7c946ab Sha1: 3238ea804e059301cdc7b0b4b986df140f6996a7 Sha256: 9ccf2038c419d9af526fe8e5dcdf21409f8f154d5ca45117f27dd720c1c77037
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 27 Nov 2022 07:48:25 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 387f6f0000771501e870857a71413c6ef449cd11debb25ebdcb50646c15be718 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2043 Cache-Control: max-age=98934 Date: Sun, 27 Nov 2022 07:48:25 GMT Etag: "6381edc4-117" Expires: Mon, 28 Nov 2022 11:17:19 GMT Last-Modified: Sat, 26 Nov 2022 10:43:16 GMT Server: ECS (ska/F718) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 9ff2965bfb74237d53e4809ffc97aa59 Sha1: 6e7b5d0fc191140e56bc4ca0f1f223153f8d70df Sha256: 387f6f0000771501e870857a71413c6ef449cd11debb25ebdcb50646c15be718
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1 Host: cloudflare.hcaptcha.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2 (...) FQDN: cloudflare.hcaptcha.com IP: 104.18.19.132 HASH: 600cd3d62863915de6d85c492c1ebc0cda58d31610ba4cd10c7bab8f3aa158a4 104.18.19.132 HTTP/2 200 OK content-type: application/javascript date: Sun, 27 Nov 2022 07:48:25 GMT cf-ray: 770942eb2cc4b50f-OSL access-control-allow-origin: * age: 0 cache-control: max-age=120 etag: W/"4a87133d7cfb9f9797187d43ffdd5417" last-modified: Fri, 25 Nov 2022 11:46:32 GMT strict-transport-security: max-age=0 via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) cf-cache-status: MISS x-amz-cf-id: e-vtjjiTuJNWqympaO3s7V_aWlOK4yXOIyZWB7ZnvSo2w49xVfwmGQ== x-amz-cf-pop: OSL50-P1 x-cache: Hit from cloudfront x-content-type-options: nosniff vary: Accept-Encoding server: cloudflare content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (57362) Size: 132939 Md5: 3bad08e6e9a3b0e2868eba6936dc3c6e Sha1: 93e1982581c277740e5c3e09bda59c082bbc8526 Sha256: 600cd3d62863915de6d85c492c1ebc0cda58d31610ba4cd10c7bab8f3aa158a4
GET /cdn-cgi/challenge-platform/h/b/img/770942e76ae40b65/1669535305524/EoGROaKE07bj_5Q HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ouo.press/1LISgCW Connection: keep-alive	URL: ouo.press/cdn-cgi/challenge-platform/h/b/img/770942e76a (...) FQDN: ouo.press IP: 172.67.22.15 HASH: 9bce50ba2135e0d76a48174501db2b561abe91d3875aa47a4eaf517539e47708 172.67.22.15 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 27 Nov 2022 07:48:25 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: __cf_bm=3IeNn7047d3y7gxs5d3DyGKYNfpKGt7CRFv9nXrZt68-1669535305-0-AS5icMb0xJ1297nTnqfLSBPCiUDbSEcdK6ZoBZ9uauqbhfTUTWPBpp1Ap9cc5ONbyB262VRnH+LCICAOKb8dh5M=; path=/; expires=Sun, 27-Nov-22 08:18:25 GMT; domain=.ouo.press; HttpOnly; SameSite=None Server: cloudflare CF-RAY: 770942ec1d03b505-OSL --- Additional Info --- Magic: PNG image data, 21 x 24, 8-bit/color RGB, non-interlaced\012- data Size: 61 Md5: 34ef4af31f12c1e3a30414d0130ba6ad Sha1: 2aea4016db573797dab30c4c7b0cae5dffdbce7e Sha256: 9bce50ba2135e0d76a48174501db2b561abe91d3875aa47a4eaf517539e47708
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 27 Nov 2022 07:11:12 GMT cache-control: public,max-age=3600 age: 2233 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5369 Cache-Control: 'max-age=158059' Date: Sun, 27 Nov 2022 07:48:25 GMT Last-Modified: Sun, 27 Nov 2022 06:18:57 GMT Server: ECS (ska/F718) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d3df71aab146eefc49acb608796aab63 Sha1: 8401892995193919376dfcd798b09c8261579454 Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.22172344362372193:1669533856:4gPEQJsXUvO3why57MVI8ZTLg_zp8K4pyIdbYtzNXCI/770942e76ae40b65/612983ef4258149 HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ouo.press/1LISgCW Content-type: application/x-www-form-urlencoded CF-Challenge: 612983ef4258149 Content-Length: 15081 Origin: http://ouo.press Connection: keep-alive	URL: ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.221 (...) FQDN: ouo.press IP: 172.67.22.15 HASH: 6ccd317abc6de0f4446b9ef078b2c1a0a78e01006770e6f5c8463323f66b49b7 172.67.22.15 HTTP/1.1 200 OK Content-Type: text/plain; charset=UTF-8 Date: Sun, 27 Nov 2022 07:48:26 GMT Transfer-Encoding: chunked Connection: keep-alive cf_chl_gen: ERrHXrKl2aseY38b7maJVnz1luucrunJjZvX2ek7fCo=$agwe5NLc7dvxhqNaG1/yRQ== Set-Cookie: __cf_bm=QLhTYGog55n6IXGOt1etOdDcBuoQRFDmjuAjv1i_QZE-1669535306-0-AVQeKdJrhos8OLeD21niFMO1vt8WN2Rx4OWBEPsk6dcq7u3lMilwujC29RVk0DiVr+ksXCt8izOYgQKvDplx0Z4=; path=/; expires=Sun, 27-Nov-22 08:18:26 GMT; domain=.ouo.press; HttpOnly; SameSite=None Server: cloudflare CF-RAY: 770942eeef6bb505-OSL Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (5036), with no line terminators Size: 3779 Md5: a0f021884627df85b9ee327338b7b493 Sha1: 1204aa067633623200bbf8c9b662c16f5ef3d78b Sha256: 6ccd317abc6de0f4446b9ef078b2c1a0a78e01006770e6f5c8463323f66b49b7
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: challenges.cloudflare.com/turnstile/v0/api.js?onload=_c (...) FQDN: challenges.cloudflare.com IP: 104.18.7.185 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.18.7.185 HTTP/2 302 Found date: Sun, 27 Nov 2022 07:48:26 GMT content-length: 0 location: /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit cache-control: max-age: 300 vary: Accept-Encoding server: cloudflare cf-ray: 770942ef4fbe0b31-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: n9YTY1x3BiIEcPRTT/zcTw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.36.24.174 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.36.24.174 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: PiwhF2e2odieAXwacjuZLD8csMM= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: b6f3d9ac8f59148a356227e2a3a600ca31a94c0363484e966eb37c03636567f1 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11818 Expires: Sun, 27 Nov 2022 11:05:25 GMT Date: Sun, 27 Nov 2022 07:48:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 7855 Md5: 64dc663e4bf55e7df4db2a5fb13cc57c Sha1: 474458aa615f4aba02bdc66d4e7f4840cefd647d Sha256: b6f3d9ac8f59148a356227e2a3a600ca31a94c0363484e966eb37c03636567f1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11818 Expires: Sun, 27 Nov 2022 11:05:25 GMT Date: Sun, 27 Nov 2022 07:48:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aebda342a81ad83f60d2523f54ccda67 Sha1: e590d9326e4a283e0929a8ffccb13cc4308af0e6 Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11818 Expires: Sun, 27 Nov 2022 11:05:25 GMT Date: Sun, 27 Nov 2022 07:48:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aebda342a81ad83f60d2523f54ccda67 Sha1: e590d9326e4a283e0929a8ffccb13cc4308af0e6 Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11818 Expires: Sun, 27 Nov 2022 11:05:25 GMT Date: Sun, 27 Nov 2022 07:48:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aebda342a81ad83f60d2523f54ccda67 Sha1: e590d9326e4a283e0929a8ffccb13cc4308af0e6 Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11818 Expires: Sun, 27 Nov 2022 11:05:25 GMT Date: Sun, 27 Nov 2022 07:48:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aebda342a81ad83f60d2523f54ccda67 Sha1: e590d9326e4a283e0929a8ffccb13cc4308af0e6 Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10199 x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4iF1VIAMF09g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:51:41 GMT age: 35806 etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10199 Md5: 2cd887044e91d7ed0f1a8d7119ff7dd0 Sha1: ae8aa4ce6ddaccba771fe65446926b60fc5628da Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9063 x-amzn-requestid: f00ac8bd-6466-4c92-9b99-0e71b4b2345c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b8Jr4ENtoAMFzvA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637b2318-0e3a57932987e29521388dd7;Sampled=0 x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: ntfumip5IjOlyoe6ASlwJ1PjPLN1yZHkK_iiDDKfmMCyI__PrrGVMA== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 11:33:57 GMT age: 72870 etag: "71f737c3cee7766494157cd6491ce247a785c09e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9063 Md5: e615cdc2e330b5cf76435abce9aa631a Sha1: 71f737c3cee7766494157cd6491ce247a785c09e Sha256: 853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6883 x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cL1ySF0tIAMFY4Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: GT3Futv4Ztnl2Og2TQFk5311m92Mv_jfvkIZYJXpjJMdkxSB6MI06g== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 06:42:16 GMT age: 3971 etag: "590c34be54c9889eec4ff7993e070fda836f711f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6883 Md5: f7f16c0f8a8e710210ce77c0e4c1c2a2 Sha1: 590c34be54c9889eec4ff7993e070fda836f711f Sha256: 4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4803 x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4iFHoIAMF2-g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:51:37 GMT age: 35810 etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4803 Md5: cc0a257323f882caff067adb86d906e4 Sha1: cedf2f21be7cd366bd46055b62b5513db3011dfc Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7380 x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4iEegIAMFeuQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:50:08 GMT age: 35899 etag: "97a135335f5b1b042adeb385718f8808cb78528b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7380 Md5: 76c00eceed956377d7469ef58b0815cb Sha1: 97a135335f5b1b042adeb385718f8808cb78528b Sha256: 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6859 x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvYTHRroAMFR8g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: D24B6xoLZ2nu1NdlMU5TgJSc-DfzD6vrMzgU3s6tAiAsUuzBb_t89Q== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 08:23:04 GMT age: 84323 etag: "26b8dd82140c0db021048e11bff65a391dc6b444" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6859 Md5: f80a9a9b55da31c98663e157dde74a19 Sha1: 26b8dd82140c0db021048e11bff65a391dc6b444 Sha256: 680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.22172344362372193:1669533856:4gPEQJsXUvO3why57MVI8ZTLg_zp8K4pyIdbYtzNXCI/770942e76ae40b65/612983ef4258149 HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ouo.press/1LISgCW Content-type: application/x-www-form-urlencoded CF-Challenge: 612983ef4258149 Content-Length: 15771 Origin: http://ouo.press Connection: keep-alive	URL: ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.221 (...) FQDN: ouo.press IP: 172.67.22.15 HASH: aa5db1c3d0b342f52867e92dcc7ca5d21dc4f2182075710f8b8605cd273c3321 172.67.22.15 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 27 Nov 2022 07:48:27 GMT Transfer-Encoding: chunked Connection: keep-alive cf_chl_out: Cs0EpC4U4oeNRi4tqvcVSe8CdakORjIPlAq/EvHqTIsJ/h7ncYSf+mFGCIx2vMvxJZxHfkCcYmdg+485q/TInQ==$QaRzFxeaA8kr/kACPSpTFA== cf_chl_out_s: ucGrDEmE8boJWXRtLQ1CAAphAloV59RFKNm/N7chAw7N8g2aSDBOPG8THPXyg2MykOuQaHH8R94Om0eBBNpgBtwmOH+Fj3z0JXp8IzbPBGYBWGHr+ADSSGqBWx7SvMsH4iST1f54BdihDP4biCPc0xzUlm9FqM6s5k0yO4AqvP0YaBBY6QgZiB+1K/Cob0um$+9kksIVlmqfFt/FgeouI+w== set-cookie: cf_chl_rc_m=;Expires=Sat, 26 Nov 2022 07:48:27 GMT;SameSite=Strict __cf_bm=WOHG5E2kQd7rmxdWEn7fqxbA5g_Cmb3zig4by04R2Sg-1669535307-0-AQbQStEIs0xZswaUKHwh9+nvgyijrwU10kvdabxVQ/d6iT80Jtj+pYC0PS/PfvhKBfAFzx4NXZzBLwP9/f2Mboc=; path=/; expires=Sun, 27-Nov-22 08:18:27 GMT; domain=.ouo.press; HttpOnly; SameSite=None Server: cloudflare CF-RAY: 770942f73e4cb505-OSL Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (2660), with no line terminators Size: 2050 Md5: 49681f6078bcbebe167f55a650c1da70 Sha1: d1977a268eecbe757729698b0076a0291dfa9648 Sha256: aa5db1c3d0b342f52867e92dcc7ca5d21dc4f2182075710f8b8605cd273c3321
POST /1LISgCW HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://ouo.press/1LISgCW?__cf_chl_tk=kBkES2K8GFl5ijWgLFExZKTGBLWhYEwIRLXVjvHgGkk-1669535304-0-gaNycGzNAv0 Content-Type: application/x-www-form-urlencoded Content-Length: 1754 Origin: http://ouo.press Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: ouo.press/1LISgCW FQDN: ouo.press IP: 172.67.22.15 HASH: e632ce203ea635b5dd73c209ba76bed724cb62cd6157f056415653ebfae93831 172.67.22.15 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 27 Nov 2022 07:48:27 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-cache X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block CF-Cache-Status: DYNAMIC Set-Cookie: cf_clearance=QFhLAfTn_z54OWxbYYx3ovZ54ftA8ymemmxjXGmkbLI-1669535307-0-250; path=/; expires=Mon, 27-Nov-23 07:48:27 GMT; domain=.ouo.press; HttpOnly ouoio_session=eyJpdiI6IkhVQlJEcXc3c1BvbkV4eEszZGV4NmZcLzZtVXB2eTFHWHVWTE9zTHBaZlVNPSIsInZhbHVlIjoieFBBYkJIc3ZYRGoxMkxJejBLb2Jkanp2NUx0dWlic09RTlwvY2tycFwveG5XZGFVOHhnZGsxSDlnOE1Ld0hCU2JQV0loT01FYWxXektQZWgzOEpBd0g3QT09IiwibWFjIjoiYzFhNTM3Y2Q4NDQ2ODBjNWMyMGU4MTczZGQ0MjZkN2IzYWQ2ZmZhZTc3ZjY3ZWIwZGJjZWZjNWJlNTc3MTJmMiJ9; path=/; httponly language=eyJpdiI6IjFNVHcwc2QzWnBGUnJzXC9mXC9tK2grKzNFOWRocUpvaGZ6Um02OXFSS1R0UT0iLCJ2YWx1ZSI6ImZORlV3N1wvaHU1bWdhdzRDVXNhSEFWbUtDVGJkdVBhak5LZXRQWjNzR2c4PSIsIm1hYyI6ImVhMWVlNzZkYTViMWQ2YmJhZDQzMWNjYTJiNGYzMzY4MDcwYmM2ZGVmMzFiMDg2NTliM2I4MzdjYzNlNjZkMjUifQ%3D%3D; expires=Fri, 26-Nov-2027 07:48:27 GMT; Max-Age=157680000; path=/; httponly 23442255a367e504b1df799cd8f2425604727aa7=eyJpdiI6ImdsSjhxNHhDQVp3QUZoMEdYWjhhUU9LM21kaXJxVHR0ZEx2NXdoc2d4OHc9IiwidmFsdWUiOiJoWDRcL09sYld2cjBDQ2d5bTh2UUNOUmlETjdUa01tTVJmRGVMS0hWdE1UQlhnR1R0NXdUbFdFYUNyMU8rT3FtZ3dVWXRYTmxTYlNtSUc4bkVveHZqQ0F6VXJvNGF1T1I4WHorY1lzcnk5RHp0a1Y1SGxOekJ0NDhIUjVOVjBGalR6XC9aUzNNYkcrc2ROKzR3ZGpxTit1dStOWktHYUpScEFURGJDSytKMTZvR0xCR3JxTHlIVGlxcnZGVnp6SGZad0kxWFFKRWk1a1d4Q2c0NXJBYytaXC8zQjY2R3BLazdmSk1sS1FnQm9rYSthbzdaUlwvZjAwSW1uTzEzK1B0U3VHblkxTVdEbFN4SGNwSG1HM09DdEpZeFVYNDFWWFZNWFQ4TGZwb2swek94czhzeXRVSjAyKzM5bGp0cDFwTk9kR2wwYXJWbHNKeGFIZTBXQW9YT2YzenZ6Y3JTdWY4UlpKK2lrYnVCUnB5UFVoYUg2NUZFamtzZU9SUlwvTWNQTytQQiIsIm1hYyI6IjRlYjg2Yjc1MmYyMjg3Njc5YjcyNWEzMjg0YjlmNjJlNmRiNWM4YjM2NmI2MDEyMGI5YmZlOTI2YTk5MmE2MDgifQ%3D%3D; expires=Sun, 27-Nov-2022 09:48:27 GMT; Max-Age=7200; path=/; httponly __cf_bm=CEhhFGXmU4gNFOcgwOa3arnjvmAaE5FcBCNBAtV5_9E-1669535307-0-AeKL/vpl2jkP4/P7sv78MFvOfdcqnp8rrd0bk3F0fVHuaozmhcKlxFQv8acVGQTuS/p6WfcHIfh01dKGL+QozwI=; path=/; expires=Sun, 27-Nov-22 08:18:27 GMT; domain=.ouo.press; HttpOnly; SameSite=None Server: cloudflare CF-RAY: 770942f82ef7b505-OSL Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938) Size: 3772 Md5: 55d650f8adca65fece1080fa0694c442 Sha1: 4d046085b3e7c07595bcdb997cf717b880541937 Sha256: e632ce203ea635b5dd73c209ba76bed724cb62cd6157f056415653ebfae93831
GET /css/link-safe.css HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/1LISgCW Cookie: cf_clearance=QFhLAfTn_z54OWxbYYx3ovZ54ftA8ymemmxjXGmkbLI-1669535307-0-250; ouoio_session=eyJpdiI6IkhVQlJEcXc3c1BvbkV4eEszZGV4NmZcLzZtVXB2eTFHWHVWTE9zTHBaZlVNPSIsInZhbHVlIjoieFBBYkJIc3ZYRGoxMkxJejBLb2Jkanp2NUx0dWlic09RTlwvY2tycFwveG5XZGFVOHhnZGsxSDlnOE1Ld0hCU2JQV0loT01FYWxXektQZWgzOEpBd0g3QT09IiwibWFjIjoiYzFhNTM3Y2Q4NDQ2ODBjNWMyMGU4MTczZGQ0MjZkN2IzYWQ2ZmZhZTc3ZjY3ZWIwZGJjZWZjNWJlNTc3MTJmMiJ9; language=eyJpdiI6IjFNVHcwc2QzWnBGUnJzXC9mXC9tK2grKzNFOWRocUpvaGZ6Um02OXFSS1R0UT0iLCJ2YWx1ZSI6ImZORlV3N1wvaHU1bWdhdzRDVXNhSEFWbUtDVGJkdVBhak5LZXRQWjNzR2c4PSIsIm1hYyI6ImVhMWVlNzZkYTViMWQ2YmJhZDQzMWNjYTJiNGYzMzY4MDcwYmM2ZGVmMzFiMDg2NTliM2I4MzdjYzNlNjZkMjUifQ%3D%3D; 23442255a367e504b1df799cd8f2425604727aa7=eyJpdiI6ImdsSjhxNHhDQVp3QUZoMEdYWjhhUU9LM21kaXJxVHR0ZEx2NXdoc2d4OHc9IiwidmFsdWUiOiJoWDRcL09sYld2cjBDQ2d5bTh2UUNOUmlETjdUa01tTVJmRGVMS0hWdE1UQlhnR1R0NXdUbFdFYUNyMU8rT3FtZ3dVWXRYTmxTYlNtSUc4bkVveHZqQ0F6VXJvNGF1T1I4WHorY1lzcnk5RHp0a1Y1SGxOekJ0NDhIUjVOVjBGalR6XC9aUzNNYkcrc2ROKzR3ZGpxTit1dStOWktHYUpScEFURGJDSytKMTZvR0xCR3JxTHlIVGlxcnZGVnp6SGZad0kxWFFKRWk1a1d4Q2c0NXJBYytaXC8zQjY2R3BLazdmSk1sS1FnQm9rYSthbzdaUlwvZjAwSW1uTzEzK1B0U3VHblkxTVdEbFN4SGNwSG1HM09DdEpZeFVYNDFWWFZNWFQ4TGZwb2swek94czhzeXRVSjAyKzM5bGp0cDFwTk9kR2wwYXJWbHNKeGFIZTBXQW9YT2YzenZ6Y3JTdWY4UlpKK2lrYnVCUnB5UFVoYUg2NUZFamtzZU9SUlwvTWNQTytQQiIsIm1hYyI6IjRlYjg2Yjc1MmYyMjg3Njc5YjcyNWEzMjg0YjlmNjJlNmRiNWM4YjM2NmI2MDEyMGI5YmZlOTI2YTk5MmE2MDgifQ%3D%3D	URL: ouo.press/css/link-safe.css FQDN: ouo.press IP: 172.67.22.15 HASH: 4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b 172.67.22.15 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 27 Nov 2022 07:48:27 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=86400 Cf-Bgj: minify Cf-Polished: status=cannot_optimize ETag: W/"5d951ace-1830" Expires: Sun, 27 Nov 2022 13:22:51 GMT Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block CF-Cache-Status: HIT Age: 23136 Set-Cookie: __cf_bm=RTGOooKGWC0kGJkzA7t_DqSsa5GxbwaNIXBIBySXvC8-1669535307-0-AQzeivu7sx7iymxfjNcOwxm5cq7I4JyskdK8pfZiMhRi89dfeHBVNyjY/CfeYlGrU/8uG6d34C/Pjvw76ZdJI/8=; path=/; expires=Sun, 27-Nov-22 08:18:27 GMT; domain=.ouo.press; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 770942fac909b527-OSL Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 1750 Md5: d91a45478adaa488ef4f1733dfa3c44c Sha1: 3686ea901ce8ca85bb82f42bf0a8d39095ebf73d Sha256: 4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/bootstrap.css HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/1LISgCW Cookie: cf_clearance=QFhLAfTn_z54OWxbYYx3ovZ54ftA8ymemmxjXGmkbLI-1669535307-0-250; ouoio_session=eyJpdiI6IkhVQlJEcXc3c1BvbkV4eEszZGV4NmZcLzZtVXB2eTFHWHVWTE9zTHBaZlVNPSIsInZhbHVlIjoieFBBYkJIc3ZYRGoxMkxJejBLb2Jkanp2NUx0dWlic09RTlwvY2tycFwveG5XZGFVOHhnZGsxSDlnOE1Ld0hCU2JQV0loT01FYWxXektQZWgzOEpBd0g3QT09IiwibWFjIjoiYzFhNTM3Y2Q4NDQ2ODBjNWMyMGU4MTczZGQ0MjZkN2IzYWQ2ZmZhZTc3ZjY3ZWIwZGJjZWZjNWJlNTc3MTJmMiJ9; language=eyJpdiI6IjFNVHcwc2QzWnBGUnJzXC9mXC9tK2grKzNFOWRocUpvaGZ6Um02OXFSS1R0UT0iLCJ2YWx1ZSI6ImZORlV3N1wvaHU1bWdhdzRDVXNhSEFWbUtDVGJkdVBhak5LZXRQWjNzR2c4PSIsIm1hYyI6ImVhMWVlNzZkYTViMWQ2YmJhZDQzMWNjYTJiNGYzMzY4MDcwYmM2ZGVmMzFiMDg2NTliM2I4MzdjYzNlNjZkMjUifQ%3D%3D; 23442255a367e504b1df799cd8f2425604727aa7=eyJpdiI6ImdsSjhxNHhDQVp3QUZoMEdYWjhhUU9LM21kaXJxVHR0ZEx2NXdoc2d4OHc9IiwidmFsdWUiOiJoWDRcL09sYld2cjBDQ2d5bTh2UUNOUmlETjdUa01tTVJmRGVMS0hWdE1UQlhnR1R0NXdUbFdFYUNyMU8rT3FtZ3dVWXRYTmxTYlNtSUc4bkVveHZqQ0F6VXJvNGF1T1I4WHorY1lzcnk5RHp0a1Y1SGxOekJ0NDhIUjVOVjBGalR6XC9aUzNNYkcrc2ROKzR3ZGpxTit1dStOWktHYUpScEFURGJDSytKMTZvR0xCR3JxTHlIVGlxcnZGVnp6SGZad0kxWFFKRWk1a1d4Q2c0NXJBYytaXC8zQjY2R3BLazdmSk1sS1FnQm9rYSthbzdaUlwvZjAwSW1uTzEzK1B0U3VHblkxTVdEbFN4SGNwSG1HM09DdEpZeFVYNDFWWFZNWFQ4TGZwb2swek94czhzeXRVSjAyKzM5bGp0cDFwTk9kR2wwYXJWbHNKeGFIZTBXQW9YT2YzenZ6Y3JTdWY4UlpKK2lrYnVCUnB5UFVoYUg2NUZFamtzZU9SUlwvTWNQTytQQiIsIm1hYyI6IjRlYjg2Yjc1MmYyMjg3Njc5YjcyNWEzMjg0YjlmNjJlNmRiNWM4YjM2NmI2MDEyMGI5YmZlOTI2YTk5MmE2MDgifQ%3D%3D	URL: ouo.press/css/bootstrap.css FQDN: ouo.press IP: 172.67.22.15 HASH: 40f5215bfeb4c595389b7d02127c47c94e173dbca21022c9f67eca101d03ab92 172.67.22.15 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 27 Nov 2022 07:48:27 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=86400 Cf-Bgj: minify Cf-Polished: origSize=109522 ETag: W/"54def1fc-1abd2" Expires: Sun, 27 Nov 2022 10:39:42 GMT Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block CF-Cache-Status: HIT Age: 32925 Set-Cookie: __cf_bm=UdsZ0vVtD1xXsDQnyuyXwgEls5j3C5SzsqHxUlupDVg-1669535307-0-ATuXlOY6XsUXPWcDe9xI/gnzFiUEHNJz/bpdzf7j4eunyErO9ccRKK6AVsfz2mYo9NZ+SMhqD1XKTK8P/6vdj4k=; path=/; expires=Sun, 27-Nov-22 08:18:27 GMT; domain=.ouo.press; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 770942fac8f3b505-OSL Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (65452) Size: 17990 Md5: ecd7a3b8fdf856cece681f760bad623c Sha1: 3c16d8b0523e3c6de3b20f7c7f9de2ae48a2949a Sha256: 40f5215bfeb4c595389b7d02127c47c94e173dbca21022c9f67eca101d03ab92
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/1LISgCW Cookie: cf_clearance=QFhLAfTn_z54OWxbYYx3ovZ54ftA8ymemmxjXGmkbLI-1669535307-0-250; ouoio_session=eyJpdiI6IkhVQlJEcXc3c1BvbkV4eEszZGV4NmZcLzZtVXB2eTFHWHVWTE9zTHBaZlVNPSIsInZhbHVlIjoieFBBYkJIc3ZYRGoxMkxJejBLb2Jkanp2NUx0dWlic09RTlwvY2tycFwveG5XZGFVOHhnZGsxSDlnOE1Ld0hCU2JQV0loT01FYWxXektQZWgzOEpBd0g3QT09IiwibWFjIjoiYzFhNTM3Y2Q4NDQ2ODBjNWMyMGU4MTczZGQ0MjZkN2IzYWQ2ZmZhZTc3ZjY3ZWIwZGJjZWZjNWJlNTc3MTJmMiJ9; language=eyJpdiI6IjFNVHcwc2QzWnBGUnJzXC9mXC9tK2grKzNFOWRocUpvaGZ6Um02OXFSS1R0UT0iLCJ2YWx1ZSI6ImZORlV3N1wvaHU1bWdhdzRDVXNhSEFWbUtDVGJkdVBhak5LZXRQWjNzR2c4PSIsIm1hYyI6ImVhMWVlNzZkYTViMWQ2YmJhZDQzMWNjYTJiNGYzMzY4MDcwYmM2ZGVmMzFiMDg2NTliM2I4MzdjYzNlNjZkMjUifQ%3D%3D; 23442255a367e504b1df799cd8f2425604727aa7=eyJpdiI6ImdsSjhxNHhDQVp3QUZoMEdYWjhhUU9LM21kaXJxVHR0ZEx2NXdoc2d4OHc9IiwidmFsdWUiOiJoWDRcL09sYld2cjBDQ2d5bTh2UUNOUmlETjdUa01tTVJmRGVMS0hWdE1UQlhnR1R0NXdUbFdFYUNyMU8rT3FtZ3dVWXRYTmxTYlNtSUc4bkVveHZqQ0F6VXJvNGF1T1I4WHorY1lzcnk5RHp0a1Y1SGxOekJ0NDhIUjVOVjBGalR6XC9aUzNNYkcrc2ROKzR3ZGpxTit1dStOWktHYUpScEFURGJDSytKMTZvR0xCR3JxTHlIVGlxcnZGVnp6SGZad0kxWFFKRWk1a1d4Q2c0NXJBYytaXC8zQjY2R3BLazdmSk1sS1FnQm9rYSthbzdaUlwvZjAwSW1uTzEzK1B0U3VHblkxTVdEbFN4SGNwSG1HM09DdEpZeFVYNDFWWFZNWFQ4TGZwb2swek94czhzeXRVSjAyKzM5bGp0cDFwTk9kR2wwYXJWbHNKeGFIZTBXQW9YT2YzenZ6Y3JTdWY4UlpKK2lrYnVCUnB5UFVoYUg2NUZFamtzZU9SUlwvTWNQTytQQiIsIm1hYyI6IjRlYjg2Yjc1MmYyMjg3Njc5YjcyNWEzMjg0YjlmNjJlNmRiNWM4YjM2NmI2MDEyMGI5YmZlOTI2YTk5MmE2MDgifQ%3D%3D	URL: ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/em (...) FQDN: ouo.press IP: 172.67.22.15 HASH: 31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f 172.67.22.15 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 27 Nov 2022 07:48:27 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT ETag: W/"637cd00d-4d7" Vary: Accept-Encoding Server: cloudflare CF-RAY: 770942fad925b527-OSL X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Tue, 29 Nov 2022 07:48:27 GMT Cache-Control: max-age=172800, public Content-Encoding: gzip --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (1238) Size: 655 Md5: bc3ba461c8a309acf61b6d9c41cb6236 Sha1: 88482306ecc9258d5e9cbb9ba5314dab223a5db4 Sha256: 31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /css?family=Questrial HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: fonts.googleapis.com/css?family=Questrial FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: 1776d3903d4f6fb36773bac4ccb4b86c0658838f29674d1fb506859506a41bc3 142.250.74.10 HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Access-Control-Allow-Origin: * Timing-Allow-Origin: * Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires: Sun, 27 Nov 2022 07:48:27 GMT Date: Sun, 27 Nov 2022 07:48:27 GMT Cache-Control: private, max-age=86400 Cross-Origin-Opener-Policy: same-origin-allow-popups Cross-Origin-Resource-Policy: cross-origin Content-Encoding: gzip Transfer-Encoding: chunked Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff --- Additional Info --- Magic: ASCII text Size: 387 Md5: 7b73b3eed6a43db40b0640388112329f Sha1: ad4bb62a66f1f95c0a252f83345b40d40dcd5bb4 Sha256: 1776d3903d4f6fb36773bac4ccb4b86c0658838f29674d1fb506859506a41bc3
GET /c.js HTTP/1.1 Host: hhklc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: hhklc.com/c.js FQDN: hhklc.com IP: 104.21.70.122 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.70.122 HTTP/1.1 301 Moved Permanently Date: Sun, 27 Nov 2022 07:48:27 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Sun, 27 Nov 2022 08:48:27 GMT Location: https://hhklc.com/c.js Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XAfmOqLnrMpQ6K%2FzOQIp5yjSKuCEAtc4GlJFkK0lbO5rIdUDH72B6QKRS%2Bh0C2nZSTTuR2pSGjY%2BWex%2Br11i8ztaOu8TQFilGvyvmkOPdZgduAsjO66Fp3wpFk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 770942fadeafb523-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/fab.js HTTP/1.1 Host: ecdn.analysis.fi User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: ecdn.analysis.fi/static/js/fab.js FQDN: ecdn.analysis.fi IP: 54.230.111.81 HASH: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6 54.230.111.81 HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 4240 Connection: keep-alive Server: nginx/1.20.0 Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT Access-Control-Allow-Origin: * Accept-Ranges: bytes Date: Sun, 27 Nov 2022 07:23:13 GMT Expires: Sun, 27 Nov 2022 08:23:10 GMT Cache-Control: max-age=3600 ETag: "61b8b8ab-1090" X-Cache: Hit from cloudfront Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: ABzo3IIMf6lWS8tNsWZzqZz6vE0yM3FbZ_K_Oyjdz4SLGovg2YTFvA== Age: 1518 --- Additional Info --- Magic: ASCII text, with very long lines (574) Size: 4240 Md5: 28a0bef1ecb63168106f97b637ab3414 Sha1: e577575dd115f6a95aea8c2ae87d2c30c8464728 Sha256: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /fi_client.js HTTP/1.1 Host: ecdn.firstimpression.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: ecdn.firstimpression.io/fi_client.js FQDN: ecdn.firstimpression.io IP: 54.230.111.99 HASH: da0a5c895621b1205cddda7ad3849a2cf8ac4b3f566bb62df8d7c788d9bc479d 54.230.111.99 HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Date: Sun, 27 Nov 2022 07:11:48 GMT Server: nginx/1.20.0 X-Powered-By: PHP/8.0.14 X-XSS-Protection: 0 Last-Modified: Sun, 27 Nov 2022 07:11:48 UTC ETag: W/"de80dbf84a6c7dd017a05f9f421c8761" Content-Encoding: gzip Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: GoJE3bFZ1nLL1qCgb-c9q1V7iBgZUTENOrLh0FVvG7GLRkq2IIbjIg== Age: 2200 --- Additional Info --- Magic: ASCII text, with very long lines (618) Size: 100155 Md5: dc28b507a7da98c64d824f5ec27806de Sha1: c64c026e3be0827b8bedbd0bb5c48352cec99e08 Sha256: da0a5c895621b1205cddda7ad3849a2cf8ac4b3f566bb62df8d7c788d9bc479d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 07:48:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9f6cc8d3fe9092a6d3901e873a87fd87 Sha1: 2e0aac117a4cc57596efb3d6f6624c269f94b031 Sha256: e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
GET /sdk/v1/n.js HTTP/1.1 Host: cdn.runative-syndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: cdn.runative-syndicate.com/sdk/v1/n.js FQDN: cdn.runative-syndicate.com IP: 8.247.219.121 HASH: eb6d42f0cdeddc023b69947db248be42bc66aa2da8c59178b7f22b528c4dd60f 8.247.219.121 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 12 Aug 2022 08:59:19 GMT Content-Length: 5220 Connection: keep-alive Last-Modified: Wed, 23 Mar 2022 15:25:35 GMT Server: nginx X-Robots-Tag: noindex, nofollow Content-Encoding: gzip Vary: Accept-Encoding ETag: W/"623b3bef-3202" Age: 9240549 Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with very long lines (591) Size: 5220 Md5: e6b953ae4edfbe129269f196fe87eee9 Sha1: eb99511c1d23000bc72b2c640bbcd5792eb431f2 Sha256: eb6d42f0cdeddc023b69947db248be42bc66aa2da8c59178b7f22b528c4dd60f
GET /1clkn/16562 HTTP/1.1 Host: tv.gourdycortes.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: tv.gourdycortes.com/1clkn/16562 FQDN: tv.gourdycortes.com IP: 172.255.6.233 HASH: d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa 172.255.6.233 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Server: nginx Date: Sun, 27 Nov 2022 07:48:28 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 28-Nov-2022 07:48:28 GMT; Max-Age=86400; path=/ GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 28-Nov-2022 07:48:28 GMT; Max-Age=86400; path=/ Content-Encoding: gzip Vary: Accept-Encoding Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff --- Additional Info --- Magic: ASCII text, with no line terminators Size: 26 Md5: 414a242a6fee8464282857e475d3ef61 Sha1: f669890350347f53aa9bd19c1a355692e8d17d2f Sha256: d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3c (...) FQDN: www.google.com IP: 142.250.74.164 HASH: 7e9b8e953f317a7a47db6df1d1ac8be5c78e9a9524a0a07755c748c2198f816a 142.250.74.164 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 expires: Sun, 27 Nov 2022 07:48:28 GMT date: Sun, 27 Nov 2022 07:48:28 GMT cache-control: private, max-age=300 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 582 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (884), with no line terminators Size: 582 Md5: 729acee2a72aedc9406dba71bf4c1d00 Sha1: e7f1dea037aaa2df1c1e5b884dc5d73b7bc35e82 Sha256: 7e9b8e953f317a7a47db6df1d1ac8be5c78e9a9524a0a07755c748c2198f816a
GET /images/world.png HTTP/1.1 Host: ouo.press User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/1LISgCW Cookie: cf_clearance=QFhLAfTn_z54OWxbYYx3ovZ54ftA8ymemmxjXGmkbLI-1669535307-0-250; ouoio_session=eyJpdiI6IkhVQlJEcXc3c1BvbkV4eEszZGV4NmZcLzZtVXB2eTFHWHVWTE9zTHBaZlVNPSIsInZhbHVlIjoieFBBYkJIc3ZYRGoxMkxJejBLb2Jkanp2NUx0dWlic09RTlwvY2tycFwveG5XZGFVOHhnZGsxSDlnOE1Ld0hCU2JQV0loT01FYWxXektQZWgzOEpBd0g3QT09IiwibWFjIjoiYzFhNTM3Y2Q4NDQ2ODBjNWMyMGU4MTczZGQ0MjZkN2IzYWQ2ZmZhZTc3ZjY3ZWIwZGJjZWZjNWJlNTc3MTJmMiJ9; language=eyJpdiI6IjFNVHcwc2QzWnBGUnJzXC9mXC9tK2grKzNFOWRocUpvaGZ6Um02OXFSS1R0UT0iLCJ2YWx1ZSI6ImZORlV3N1wvaHU1bWdhdzRDVXNhSEFWbUtDVGJkdVBhak5LZXRQWjNzR2c4PSIsIm1hYyI6ImVhMWVlNzZkYTViMWQ2YmJhZDQzMWNjYTJiNGYzMzY4MDcwYmM2ZGVmMzFiMDg2NTliM2I4MzdjYzNlNjZkMjUifQ%3D%3D; 23442255a367e504b1df799cd8f2425604727aa7=eyJpdiI6ImdsSjhxNHhDQVp3QUZoMEdYWjhhUU9LM21kaXJxVHR0ZEx2NXdoc2d4OHc9IiwidmFsdWUiOiJoWDRcL09sYld2cjBDQ2d5bTh2UUNOUmlETjdUa01tTVJmRGVMS0hWdE1UQlhnR1R0NXdUbFdFYUNyMU8rT3FtZ3dVWXRYTmxTYlNtSUc4bkVveHZqQ0F6VXJvNGF1T1I4WHorY1lzcnk5RHp0a1Y1SGxOekJ0NDhIUjVOVjBGalR6XC9aUzNNYkcrc2ROKzR3ZGpxTit1dStOWktHYUpScEFURGJDSytKMTZvR0xCR3JxTHlIVGlxcnZGVnp6SGZad0kxWFFKRWk1a1d4Q2c0NXJBYytaXC8zQjY2R3BLazdmSk1sS1FnQm9rYSthbzdaUlwvZjAwSW1uTzEzK1B0U3VHblkxTVdEbFN4SGNwSG1HM09DdEpZeFVYNDFWWFZNWFQ4TGZwb2swek94czhzeXRVSjAyKzM5bGp0cDFwTk9kR2wwYXJWbHNKeGFIZTBXQW9YT2YzenZ6Y3JTdWY4UlpKK2lrYnVCUnB5UFVoYUg2NUZFamtzZU9SUlwvTWNQTytQQiIsIm1hYyI6IjRlYjg2Yjc1MmYyMjg3Njc5YjcyNWEzMjg0YjlmNjJlNmRiNWM4YjM2NmI2MDEyMGI5YmZlOTI2YTk5MmE2MDgifQ%3D%3D	URL: ouo.press/images/world.png FQDN: ouo.press IP: 172.67.22.15 HASH: 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22 172.67.22.15 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 27 Nov 2022 07:48:28 GMT Content-Length: 5692 Connection: keep-alive Cache-Control: max-age=2592000 Cf-Bgj: imgq:85,h2pri Cf-Polished: status=not_needed ETag: "5549a07c-163c" Expires: Sat, 03 Dec 2022 22:33:44 GMT Last-Modified: Wed, 06 May 2015 05:02:52 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block CF-Cache-Status: HIT Age: 2020484 Accept-Ranges: bytes Set-Cookie: __cf_bm=yuewbPlddkl.Tl836NlCcfM2jXjj1pw7Ii0CENULWeo-1669535308-0-AQ5FxfTxXndWsq+SMPCBawjEX6xtcIHODha5zSoICCfhjnkxnoSBhdsp8WW6JrvnSAnU64xHrAtsOijtyhfG4S8=; path=/; expires=Sun, 27-Nov-22 08:18:28 GMT; domain=.ouo.press; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 770942fb698db505-OSL --- Additional Info --- Magic: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Size: 5692 Md5: 4eea420a8830a6d695114427bf52b556 Sha1: 35579e7f1a656beb3a07a7093166ff37c634bade Sha256: 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 07:48:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 88e42375d2172305f819b892225cf877 Sha1: 674324641f82700172e72fe259ee2241361e2ea1 Sha256: 6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1 Host: itineraryupper.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefd (...) FQDN: itineraryupper.com IP: 173.233.137.60 HASH: 74ae82ee7e279446f39afc8e7fa2a714d3bccdd7eb00b8fd974df9936c9acb85 173.233.137.60 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.19.5 Date: Sun, 27 Nov 2022 07:48:28 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 96bb35917131055ed3618d33ea4fda7b Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (37198), with no line terminators Size: 13443 Md5: 36444a045ddd4c4a19baad7234144888 Sha1: f8fa02c4faaa7175fe9b0ff64ae517203648d5f3 Sha256: 74ae82ee7e279446f39afc8e7fa2a714d3bccdd7eb00b8fd974df9936c9acb85 Alerts: Blocklists: - fortinet: Malware
GET /sdk/v1/n.css HTTP/1.1 Host: cdn.run-syndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: cdn.run-syndicate.com/sdk/v1/n.css FQDN: cdn.run-syndicate.com IP: 8.247.219.121 HASH: 24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe 8.247.219.121 HTTP/1.1 200 OK Content-Type: text/css Date: Thu, 03 Mar 2022 22:40:12 GMT Content-Length: 8277 Connection: keep-alive ETag: "6114dd75-2055" Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT Server: nginx X-Robots-Tag: noindex, nofollow Age: 23188096 Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with very long lines (8277), with no line terminators Size: 8277 Md5: 37ebbc4b85fb5383d08547f5fe9d8d9f Sha1: 99dac34980b1fd00028f76e782444bdf948724c5 Sha256: 24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://ouo.press Connection: keep-alive Referer: http://fonts.googleapis.com/	URL: fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70v (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546 216.58.207.195 HTTP/1.1 200 OK Content-Type: font/woff2 Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes" Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Timing-Allow-Origin: * Content-Length: 19292 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 24 Nov 2022 15:53:57 GMT Expires: Fri, 24 Nov 2023 15:53:57 GMT Cache-Control: public, max-age=31536000 Age: 230071 Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data Size: 19292 Md5: 19007b17e56daa60133bce9e9b352a95 Sha1: bac1384caeae5762e7a1d8c18037f69c8cd21bc4 Sha256: fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /sfp.js HTTP/1.1 Host: friendshipmale.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: friendshipmale.com/sfp.js FQDN: friendshipmale.com IP: 172.64.203.23 HASH: d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14 172.64.203.23 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Date: Sun, 27 Nov 2022 07:48:28 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: max-age=14400 X-Request-ID: 48b259962c7e6b4898847b232e802bb3 Strict-Transport-Security: max-age=0; includeSubdomains CF-Cache-Status: EXPIRED Last-Modified: Sun, 27 Nov 2022 07:48:28 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q53zClaf2ZU3rDccFrcbZfy%2FiYNGIfvDAzqx%2F3NDfshXeQwnVT%2FFRqa2%2FYP%2B%2FrBWNmpE6VVKVwevSy0Euu4JbC%2BZqh9IYyyxoxZ00l%2FrI6be9oJ8mVV8BUUtHThHR7muAKaZOQ4%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 770942fe7f3e718a-LHR Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Size: 27574 Md5: b1fa950e77a7db5425f9a5257af02e9c Sha1: 2d5580451f34ad96218f8b97edf9708f9ee1be87 Sha256: d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: 6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Sun, 27 Nov 2022 07:48:28 GMT Last-Modified: Sun, 27 Nov 2022 06:01:05 GMT Server: ECS (bsa/EB19) X-Cache: Miss from cloudfront Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: aEUahuJEvV6wf3gmSo3t8NUKIeG3Tmto-NA4dHn5aw0fndEXnECumw== Age: 6443 --- Additional Info --- Magic: data Size: 471 Md5: 4af47334194a0d10c2bfd52f16eb91ac Sha1: 8ea04d240499dea43f26c738c8428df118dd622d Sha256: 6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
GET /stats HTTP/1.1 Host: simplewebanalysis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: simplewebanalysis.com/stats FQDN: simplewebanalysis.com IP: 52.28.211.11 HASH: 3e8fbe6d716d7d0cea6789bce164eff75078357f4e71e1caba7164ee46fd2bd0 52.28.211.11 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Sun, 27 Nov 2022 07:48:28 GMT content-length: 40 server: fasthttp access-control-allow-origin: http://ouo.press access-control-allow-credentials: true set-cookie: uid_id2=6437a6c1-ae41-436c-bed6-40f5c2aadc63:3:1; expires=Wed, 24 Nov 2032 07:48:28 GMT; secure; SameSite=None X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 40 Md5: 495bbb7732095eb1b1d3c9ecd1f24b41 Sha1: 1be28b5c0ec5fbe2050b01903e7404a6a97681b7 Sha256: 3e8fbe6d716d7d0cea6789bce164eff75078357f4e71e1caba7164ee46fd2bd0
GET /do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1280&h=1024&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,LISgCW&adtype=label-under&callback=callback_075CX HTTP/1.1 Host: run-syndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/ (...) FQDN: run-syndicate.com IP: 136.243.81.150 HASH: bb9d43a39a58ea2031d74db00e70d4020f606097f34a279a76fb68f26ee633c8 136.243.81.150 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Server: nginx Date: Sun, 27 Nov 2022 07:48:28 GMT Transfer-Encoding: chunked Connection: keep-alive Pragma: no-cache Expires: 0 Vary: Accept-Encoding, * X-Api-Version: 2 X-Request-Id: 7a92b84af1da5f31 Set-Cookie: ts_uid=81a32be2-cd80-430c-86e8-182b89760528; expires=Sat, 27 May 2023 07:48:28 GMT; domain=.run-syndicate.com; path=/; HttpOnly; secure; SameSite=None Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform X-Robots-Tag: none, noindex, nofollow Report-To: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (9026), with no line terminators Size: 4555 Md5: e2e759cb5d77723078deea36d8f7ae33 Sha1: 052118ec2c12a77f4af89fbaf42305243f3e6750 Sha256: bb9d43a39a58ea2031d74db00e70d4020f606097f34a279a76fb68f26ee633c8
GET /images/widgetIcons/achoice.svg HTTP/1.1 Host: widgets.outbrain.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: widgets.outbrain.com/images/widgetIcons/achoice.svg FQDN: widgets.outbrain.com IP: 23.38.201.81 HASH: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04 23.38.201.81 HTTP/2 200 OK content-type: image/svg+xml accept-ranges: bytes etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716" last-modified: Mon, 12 Sep 2022 07:37:47 GMT server: AkamaiNetStorage content-length: 2735 cache-control: max-age=2592000 expires: Tue, 27 Dec 2022 07:48:28 GMT date: Sun, 27 Nov 2022 07:48:28 GMT timing-allow-origin: , access-control-allow-credentials: false access-control-allow-methods: GET,POST access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290) Size: 2735 Md5: 9d26fa4e7238ed94f1d0d92afb453b3e Sha1: ae18efe7d09337bf2f580b3f5bc912284aad7821 Sha256: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 82b03e92d004f116875ba023a7e8782d3c124a1c499a6328f29cff70f397a6cc 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 07:48:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9cff2c2ad4207e09e07c017987177850 Sha1: 833082ded91a1983a1367c48c8076949e079ce95 Sha256: 82b03e92d004f116875ba023a7e8782d3c124a1c499a6328f29cff70f397a6cc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 07:48:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e9895464b828d538dc654c678c82b181 Sha1: af5791cd48761cb3f3f979b481c23e1508692823 Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1 Host: ad.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adn (...) FQDN: ad.doubleclick.net IP: 142.250.74.102 HASH: 00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2 142.250.74.102 HTTP/2 200 OK content-type: image/x-icon accept-ranges: bytes vary: Accept-Encoding access-control-allow-origin: * cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media" report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-length: 104 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Sat, 26 Nov 2022 11:00:31 GMT expires: Sun, 27 Nov 2022 11:00:31 GMT cache-control: public, max-age=86400 age: 74877 last-modified: Tue, 08 May 2012 13:08:06 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data Size: 104 Md5: 32ac8a9b81788b981a3a7e13c14082d4 Sha1: fbfd48a2bfe8d4247a975176f88d18c3c2ad1952 Sha256: 00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6sa (...) FQDN: www.gstatic.com IP: 142.250.74.163 HASH: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6 142.250.74.163 HTTP/2 200 OK content-type: text/javascript accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 162976 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 26 Nov 2022 21:26:04 GMT expires: Sun, 26 Nov 2023 21:26:04 GMT cache-control: public, max-age=31536000 last-modified: Mon, 14 Nov 2022 03:01:59 GMT age: 37344 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (730) Size: 162976 Md5: 79d18cf4265108d7cecca1bf4ada6109 Sha1: e51d0285a545381d4c39e9e0292a650ffeeecbb9 Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 07:48:28 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e9895464b828d538dc654c678c82b181 Sha1: af5791cd48761cb3f3f979b481c23e1508692823 Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: f3793d646b320f22c02cde1bee7423484fba1abc89cce4667754107416ab640f 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 07:48:29 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 15:56:29 GMT Expires: Sat, 03 Dec 2022 15:56:28 GMT Etag: "306a448867377ee652726a0ca8f45112ed46f3d2" Cache-Control: max-age=547079,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 770943011aeb0b65-OSL --- Additional Info --- Magic: data Size: 472 Md5: bbb0f4db8cf5afadcf6aff6e3efd84f5 Sha1: 306a448867377ee652726a0ca8f45112ed46f3d2 Sha256: f3793d646b320f22c02cde1bee7423484fba1abc89cce4667754107416ab640f
GET /images/5/a/28e48d256a3f2fbfb83b09543cbaf5a5a4b7a1/300x250.webp HTTP/1.1 Host: lcdn.tsyndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lcdn.tsyndicate.com/images/5/a/28e48d256a3f2fbfb83b0954 (...) FQDN: lcdn.tsyndicate.com IP: 8.247.219.121 HASH: b50b777891dc9f3c65918d24eabce9e83aed2f6c78da8d8ca784f173955b1ab8 8.247.219.121 HTTP/2 200 OK content-type: image/webp date: Sun, 27 Nov 2022 07:48:29 GMT content-length: 4579 last-modified: Thu, 10 Nov 2022 11:53:00 GMT server: nginx x-robots-tag: noindex, nofollow content-encoding: gzip vary: Accept-Encoding etag: W/"636ce61c-11cc" age: 1363316 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 300x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 4579 Md5: 28ab8bc86a12a46387751f0d0d3f8d76 Sha1: 752bb87d55026c563d91b60214abd39fe39ce5c8 Sha256: b50b777891dc9f3c65918d24eabce9e83aed2f6c78da8d8ca784f173955b1ab8
GET /static/js/fiamp.js HTTP/1.1 Host: ecdn.firstimpression.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: ecdn.firstimpression.io/static/js/fiamp.js FQDN: ecdn.firstimpression.io IP: 54.230.111.99 HASH: b04b1746bc8a48137457f383c31cc9039fb562a853e8c093db1c15a58ab9e7c1 54.230.111.99 HTTP/2 200 OK content-type: application/javascript server: nginx/1.20.0 last-modified: Fri, 08 Apr 2022 08:48:22 GMT access-control-allow-origin: * content-encoding: gzip date: Sun, 27 Nov 2022 07:29:59 GMT expires: Sun, 27 Nov 2022 08:29:57 GMT cache-control: max-age=3600 etag: W/"624ff6d6-1b8e9" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: LbQOO9QlgIgN95Wwwk2xBXvUOKsycfVuye9WRjWTk_hPMplsX1Fk8w== age: 1112 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 60294 Md5: ba7b84587eb3e7425bf1ff2641250d56 Sha1: 041549a105862eac93c8ce3d388a0df597dee104 Sha256: b04b1746bc8a48137457f383c31cc9039fb562a853e8c093db1c15a58ab9e7c1
GET /aax2/apstag.js HTTP/1.1 Host: c.amazon-adsystem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: c.amazon-adsystem.com/aax2/apstag.js FQDN: c.amazon-adsystem.com IP: 143.204.46.73 HASH: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d 143.204.46.73 HTTP/2 301 Moved Permanently content-type: text/html content-length: 167 location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js server: CloudFront date: Sun, 27 Nov 2022 00:09:35 GMT via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront) x-cache: Hit from cloudfront x-amz-cf-pop: FRA60-P1, OSL50-C1 x-amz-cf-id: CNr26bhfSpKPA8hxCcWh3liH2WJHjOUIj3QhrzpkqnDsajlVC-IaOA== age: 27534 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 167 Md5: f5d40b7259645010f9a248858ad14178 Sha1: b3051d17a6ec8c9e166bf09a62b48261ab86957b Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: challenges.cloudflare.com/turnstile/v0/75e640aa/api.js? (...) FQDN: challenges.cloudflare.com IP: 104.18.7.185 HASH: 58af77f0968d4fe01e850c3a923498ce7aa685711dfe0c65d269fa7d5a9587a1 104.18.7.185 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Sun, 27 Nov 2022 07:48:26 GMT cache-control: max-age=31536000 vary: Accept-Encoding server: cloudflare cf-ray: 770942ef8fe80b31-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (9399) Size: 12730 Md5: fa8d1d0a9d1411008f741658f242867c Sha1: 43a0933b7ae6b8ab27e0d5ee8df24ba2cbebb1d5 Sha256: 58af77f0968d4fe01e850c3a923498ce7aa685711dfe0c65d269fa7d5a9587a1
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 FQDN: ocsp.globalsign.com IP: 104.18.20.226 HASH: 8cf0cbd914da11bf70089d4863d464334303c293529b96e99830a8f92952d349 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 07:48:29 GMT Transfer-Encoding: chunked Connection: keep-alive Etag: "C4E22605CE36B639E31136E46315B13268D9163B" Expires: Sun, 27 Nov 2022 18:00:00 GMT Last-Modified: Sun, 27 Nov 2022 06:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 2528 Vary: Accept-Encoding Server: cloudflare CF-RAY: 77094301decbb521-OSL --- Additional Info --- Magic: data Size: 41436 Md5: 86ca4959c60745d329b63cf5e9175732 Sha1: 87a48a60461a67c971b12f01d4f4be006b7b111a Sha256: 8cf0cbd914da11bf70089d4863d464334303c293529b96e99830a8f92952d349
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: f3793d646b320f22c02cde1bee7423484fba1abc89cce4667754107416ab640f 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 07:48:29 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 15:56:29 GMT Expires: Sat, 03 Dec 2022 15:56:28 GMT Etag: "306a448867377ee652726a0ca8f45112ed46f3d2" Cache-Control: max-age=547078,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7709430119810b61-OSL --- Additional Info --- Magic: data Size: 472 Md5: bbb0f4db8cf5afadcf6aff6e3efd84f5 Sha1: 306a448867377ee652726a0ca8f45112ed46f3d2 Sha256: f3793d646b320f22c02cde1bee7423484fba1abc89cce4667754107416ab640f
GET /images/a/d/03d7b5c2d567cc6406d8f127e020875cb4eb3e/300x250.webp HTTP/1.1 Host: lcdn.tsyndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lcdn.tsyndicate.com/images/a/d/03d7b5c2d567cc6406d8f127 (...) FQDN: lcdn.tsyndicate.com IP: 8.247.219.121 HASH: 8724bb91fdb568f4b15893c544f289a7c5d1113b741f37eb1a2f8009eae4b13d 8.247.219.121 HTTP/2 200 OK content-type: image/webp date: Sun, 27 Nov 2022 07:48:29 GMT content-length: 5125 last-modified: Thu, 10 Nov 2022 11:52:59 GMT server: nginx x-robots-tag: noindex, nofollow content-encoding: gzip vary: Accept-Encoding etag: W/"636ce61b-13ee" age: 1363326 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 300x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 5125 Md5: f57b114ba45b2c271385442ec59a443f Sha1: fcf79e45bcc922fc2463db284ff39283658981ad Sha256: 8724bb91fdb568f4b15893c544f289a7c5d1113b741f37eb1a2f8009eae4b13d
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: e7b8f4a2903c81045b0795ce1aea1298807b394ea85548f7f97e635e9cf65a2b 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5962 Cache-Control: 'max-age=158059' Date: Sun, 27 Nov 2022 07:48:29 GMT Last-Modified: Sun, 27 Nov 2022 06:09:08 GMT Server: ECS (ska/F718) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: f39102a6340bb2fd8c961680d4058687 Sha1: ddb18aa541e869773f4b396894bcaa17a302c1b7 Sha256: e7b8f4a2903c81045b0795ce1aea1298807b394ea85548f7f97e635e9cf65a2b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b91f260251b5c2f217f96a3b79f7e32ccfe843d5e9919664153e07802f55026a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1121 Cache-Control: max-age=99419 Date: Sun, 27 Nov 2022 07:48:29 GMT Etag: "6381f347-139" Expires: Mon, 28 Nov 2022 11:25:28 GMT Last-Modified: Sat, 26 Nov 2022 11:06:47 GMT Server: ECS (ska/F718) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: e221c48ca23d0627cfc0cd7907f5bee1 Sha1: b3f3af6074a05d3bddf023bd5dbbf88bb8d5686e Sha256: b91f260251b5c2f217f96a3b79f7e32ccfe843d5e9919664153e07802f55026a
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: 0f874cf2a25b7f913badd906ae5deb8429f8eb135973275ed5314162b37c7b31 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 07:48:29 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 13:55:55 GMT Expires: Sat, 03 Dec 2022 13:55:54 GMT Etag: "5be1c6a23b5e6059f4d882148c84eb941c7068ec" Cache-Control: max-age=539844,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 77094303bcc50b65-OSL --- Additional Info --- Magic: data Size: 472 Md5: ea101f7e711eb66ba76f9e395ce3b919 Sha1: 5be1c6a23b5e6059f4d882148c84eb941c7068ec Sha256: 0f874cf2a25b7f913badd906ae5deb8429f8eb135973275ed5314162b37c7b31
POST /ut/v3/prebid HTTP/1.1 Host: ib.adnxs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 561 Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: ib.adnxs.com/ut/v3/prebid FQDN: ib.adnxs.com IP: 185.89.210.244 HASH: 3ad76a513ec69735d26ada809fcd0d7c763dbb36df4e69da76fddf38353f2d09 185.89.210.244 HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Server: nginx/1.21.3 Date: Sun, 27 Nov 2022 07:48:29 GMT Content-Length: 138 Connection: keep-alive Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" X-XSS-Protection: 0 Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: http://ouo.press AN-X-Request-Uuid: edb5e566-b840-4ae7-9f18-33e75ac2d46d X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 138 Md5: 7c4a2cc47c2e53420f829b4024832605 Sha1: 8da3788799f3d38cbc4731863e738e63fb73c8f1 Sha256: 3ad76a513ec69735d26ada809fcd0d7c763dbb36df4e69da76fddf38353f2d09
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=77382117440 HTTP/1.1 Host: bidder.criteo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 486 Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=7 (...) FQDN: bidder.criteo.com IP: 178.250.0.165 HASH: 3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74 178.250.0.165 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sun, 27 Nov 2022 07:48:29 GMT vary: Origin server: Finatra timing-allow-origin: * access-control-allow-origin: http://ouo.press cross-origin-resource-policy: cross-origin access-control-allow-credentials: true content-encoding: gzip content-length: 44 strict-transport-security: max-age=31536000; preload; X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 44 Md5: 5f1dcf53824ce88cdb7941d34db3f19d Sha1: 4164a13e3f53e1f002606a807d64a92620720fb0 Sha256: 3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /ut/v3/prebid HTTP/1.1 Host: ib.adnxs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 682 Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: ib.adnxs.com/ut/v3/prebid FQDN: ib.adnxs.com IP: 185.89.210.244 HASH: 1e0ef501150f5777d782b624cd230d8a20934f9e0d965b273157455caecef8ab 185.89.210.244 HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Server: nginx/1.21.3 Date: Sun, 27 Nov 2022 07:48:29 GMT Content-Length: 139 Connection: keep-alive Cache-Control: no-store, no-cache, private Pragma: no-cache Expires: Sat, 15 Nov 2008 16:00:00 GMT P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" X-XSS-Protection: 0 Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: http://ouo.press AN-X-Request-Uuid: 9a8a366e-d580-4848-b784-e4026485316b X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 139 Md5: b5df39e7562f32cdb0381632113fd851 Sha1: e5a04215a3b6eb5ad54559157435a7c84e3a82e7 Sha256: 1e0ef501150f5777d782b624cd230d8a20934f9e0d965b273157455caecef8ab
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2F1LISgCW&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2F1LISgCW&tg_i.page=http%3A%2F%2Fouo.press%2F1LISgCW&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=ab04e3e1-bf86-431d-bfa5-3b2a54487672&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.49436689376994436 HTTP/1.1 Host: fastlane.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fastlane.rubiconproject.com/a/api/fastlane.json?account (...) FQDN: fastlane.rubiconproject.com IP: 213.19.162.21 HASH: 1bc832921d46967b3fb86a39b6e7db090dc5a290af7fc32d9509c77cc06bbba3 213.19.162.21 HTTP/2 200 OK content-type: application/json server: nginx/1.21.4 date: Sun, 27 Nov 2022 07:48:29 GMT cache-control: no-cache, no-store, max-age=0, must-revalidate expires: Wed, 17 Sep 1975 21:32:10 GMT access-control-allow-credentials: true access-control-allow-origin: http://ouo.press pragma: no-cache vary: Accept-Encoding set-cookie: khaos=LAZ27TD7-12-AOJJ; Domain=.rubiconproject.com; Path=/; Expires=Mon, 27-Nov-2023 07:48:29 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|naVuGyos1qrRjk2f3YtE/u9DtVM30fCgsc7/zDE2e/j99sLIrJxTV5ZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Mon, 27-Nov-2023 07:48:29 GMT; Max-Age=31536000; SameSite=None; Secure p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length: 348 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (348), with no line terminators Size: 348 Md5: b4341a4c7af04da6efd4c9159db78cf1 Sha1: de10b8a0b144a253295d6e4bbaca4de98d86b04c Sha256: 1bc832921d46967b3fb86a39b6e7db090dc5a290af7fc32d9509c77cc06bbba3
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1 Host: tag.1rx.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 617 Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 FQDN: tag.1rx.io IP: 213.19.147.43 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 213.19.147.43 HTTP/2 204 No Content date: Sun, 27 Nov 2022 07:48:29 GMT access-control-allow-origin: http://ouo.press access-control-allow-credentials: true pragma: no-cache cache-control: private, max-age=0, no-cache, no-store X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XckEGmBo4ZOci0sAHDYwsaNmiEaREmhpkcLcbImBHjRsQaZGzkyCHiYZg6YzKWyTHGzAwcNmS0uFEGh5iTMWaYaSGGzNEWMcbMsCGGRgwcMMLIiNETIhk7C2XAgDGDxkM4dcQsnDG2hkOIcOCkrWGD7sM5cCbqAEkyqY2HY9ro1UEDx40cOn2SMbMw6UMxbtzMhXGjsWURbdxg1CGDxk4cb0OPjpGD7WERdeSwmTtjKwwcFWHLyIiGDh04c3S8eIEHD5syalyckROGThozediIJtO8zBwXY960efGjDp02X-a8iT2mTI8cRmHQ4GxjDGStTWlwqbNWho05MXrM4Px4fv37MvTQUGkxeOUfDPbNMYN-kMFg2IEJ1tBDY4_pBGF7bKQxxhpfpEFGD1YgIcUaa9SBhhFwnLHGE3a04cQMVMTwRRZXHCGEEVaQcYYVQVyhxBJxmPFFDmugkQUeUGQxBhRLrAEHEkq0UcMROCARRRxGfMXGEC3YkYUdbMSBhx5aBKEEFnW0QUMUWuTwxo41ECHGGWrkcYYTWSRZRxptDPGFGlfoEQYTeTARxRdnVJEEEVJUkcaFauQXA6Q5CFgWGdplNN4bLsAhh3UKIdbcQlt41cVbcgQ1WBktOHgZZTrA4AIMuY0BB3ieqiprfW6JIIcdi6n1UBm2trHQrmw9VMeeGeEWBl1ilKHUGGSAddJ-Y7SAVFNY4SCDGDjkcANJNciAQ1lpLCZCDjG40JoLNMjgQkM0lCVHh-qy666s8c5bQ73KhpFRE2_okQYbbITxQg2zgoDCFWm4gekdc4DgBBUgxLDrDiBA7EZKHOMBMgi_MlTSrCmAcASxa7zxgloa00orCEak8akZb-DxgsYMw1DWGKqK4MQTZb1xL9AZDV0WG0EX4cSlZdjxxaezMVTDDTd8ZANYMDwkxxmakebRDQ8dJLUYciyEA2oimP1FG2-QkRZSuZEhxxtzPfSGQoyhmnMeC_V6M2--wSHcC5t2-ukcc7xQ1h0ZxWCuzw-hETmCAIswx68Z3U1Hc0a3UIcbadAxkg0ukDGG5JcGfdAXqrNukbEM2aBTDTPgftvsu9V-e-77OSaDDJJNbR0cX4zqew6468521MkfJwcdfG_R1qkQiSFY22WY8RMbE73FNEWI3So1c87hHSu8MdT02hirydCHAgEB&r=1&s=394d19cab3e82e391a22a154c7282dd586c8d616ff744cb0e2ad38c6c53be2481669535308&w=t&ir=245x208 HTTP/1.1 Host: pxl.tsyndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BG (...) FQDN: pxl.tsyndicate.com IP: 94.130.141.49 HASH: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 94.130.141.49 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Sun, 27 Nov 2022 07:48:29 GMT content-length: 35 x-robots-tag: noindex, nofollow X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: c2196de8ba412c60c22ab491af7b1409 Sha1: 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIySHGTI2NMlrAgCFmTAsaMnLcaCEGxgyTN8yEoYGDhpkYY2iUESPiYZg6YzKWyTHGzAwcNkLeKINDzMkYM8ywJHO0Bc4ZNsTQiIEDRhgZMXpCJGNnoYyRM2g8hFOHp44ZYGs4hAgHjtkaNuA-nANn4tscNmAktfFwTBu7OmjeAJzDJxkzC5M-FOPGzcIZMG7QtKFWRBs3GHXIoJEjB461n0PHyOGSsIg6cthcnoEVBo4ZD-vIyIiGDh04c3S8eIEHD5syalyckROGThozediAJtO8zBwXY960efGjDp02X-a8gT2mTI8cRmHQyGxjDOAxM5jS4FJnpAwbc2L0wHxjMX37-MnQQ0OjxbDVfzDcN8cM-wEm2H0IKlhDD4oxFmF7bKQxxhpfpEFGD2-YcQMTVsTBhhhTfNHCG2ucgUcYU6BRQxUzkPEdDG9IcQQTVESBBQxLPDGHFVIoAQUWQ4whxxRl0IHEEGsQ8cQZU8iRRRA1RGGGGeE9oQcUcNgxxxJx4MDRGzRYocUZLeSRRB5ZqKHFFDC0gUYRddDARhZnoKFHHGPAcEQVUaRxxhdnVJEEEVJUkcaFaugXA6Q5DCgWGdplNN4bLsAhh3UKFdbcQlts1cVacgT1VhkiudbRQjC4AENFIowBB3ieqhqrfZ3JYQdiZz1Uhq1twCqrS7nVkUZGOMQQBlxilBHSGGR0dRJmJiHFlFU4yCCGmTcEVoMMOIiVBmIi5BCDC6y5gJILDdEglhwdoqsuu7G-G69YdYSRURNv6JEGG2yE8UINsoKAwhVpuIHpHXOA4AQVIMSw6w4gMOwGZxjjwTEIvjIEA8IwpADCEcOu8cYLZ1k866wgGJHGp2a8gccLFpMs1hiqiuDEE2K9QS_PGf0sFhs9F-HEpWXY8cWnsjFUQ3-32dAVDA_JcYZlotWAww0PHeS0GHIshMNpIoj9RRtvkGEWUrSSIccblz30hkKJoWpzHgv1WgZkOgzkGxzCvbBpp5_OMccLYt2RUQzkwiAWGo8nKO9evmY0Nx3NCd1CHW6kQUcLNtjgAhljQH5pzwd9gbrqFhXLUOk51DCD7bbFvtvsNtR-O2Zfg-XY09bB8cWovPuOO9pNH3-cHHTgvUVap0Ikhl9p__0TGxOthTSshd3qNHPO0a1DvjKkBHatqsnQhwIBAQ%3D%3D&r=1&s=9f8fdf3a49886f82a29ae2d006413656aa866a36d0dd3d4d783cf24d7399e4211669535308&w=t&ir=245x208 HTTP/1.1 Host: pxl.tsyndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BG (...) FQDN: pxl.tsyndicate.com IP: 94.130.141.49 HASH: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 94.130.141.49 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Sun, 27 Nov 2022 07:48:29 GMT content-length: 35 x-robots-tag: noindex, nofollow X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: c2196de8ba412c60c22ab491af7b1409 Sha1: 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1 Host: c.amazon-adsystem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/	URL: c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js FQDN: c.amazon-adsystem.com IP: 143.204.46.73 HASH: 07f71d82eeb36040c2c3fe12bdc73cb8fe3e7e4890f05981842feb491f24020c 143.204.46.73 HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Max-Age: 3000 Last-Modified: Fri, 18 Nov 2022 03:05:15 GMT x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq Server: AmazonS3 Content-Encoding: gzip Date: Sun, 27 Nov 2022 07:48:29 GMT Cache-Control: public, max-age=86400 ETag: W/"a4d296427fc806b21335359e398c025c" Vary: Accept-Encoding,Origin X-Cache: Hit from cloudfront Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: WYCv90BuVHu3a4Y0sfIKA5DLjdppxh5tjB93W9IJlsu7RZMFZY6pxQ== Age: 1292 --- Additional Info --- Magic: ASCII text, with very long lines (6482), with no line terminators Size: 2631 Md5: 7c02d92c228e02f2ddfec1a48bdb044d Sha1: e4cc88b704d6cf3af8cd4949f5c5eee606a573a3 Sha256: 07f71d82eeb36040c2c3fe12bdc73cb8fe3e7e4890f05981842feb491f24020c
GET /cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1 Host: c.amazon-adsystem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A (...) FQDN: c.amazon-adsystem.com IP: 143.204.46.73 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 143.204.46.73 HTTP/2 204 No Content access-control-allow-origin: http://ouo.press access-control-allow-credentials: true cache-control: max-age=21550, s-maxage=21600 date: Sun, 27 Nov 2022 07:48:29 GMT server: Server x-cache: Miss from cloudfront via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: CkuMN1m6hnOI_rQpbQohXBxIVB-JfFXzGzoVAUC7NZUHkxOx3NinIQ== X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2F1LISgCW&pr=http%3A%2F%2Fouo.press%2F1LISgCW%3F__cf_chl_tk%3DkBkES2K8GFl5ijWgLFExZKTGBLWhYEwIRLXVjvHgGkk-1669535304-0-gaNycGzNAv0&pid=mW5EvpboxIIlR&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1 Host: aax-dtb-cf.amazon-adsystem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http (...) FQDN: aax-dtb-cf.amazon-adsystem.com IP: 54.230.241.131 HASH: 7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b 54.230.241.131 HTTP/2 200 OK content-type: text/javascript;charset=UTF-8 content-length: 165 server: Server date: Sun, 27 Nov 2022 07:48:29 GMT x-amz-rid: QVX7WBQG8DTWVPF3CD20 access-control-allow-origin: http://ouo.press access-control-allow-credentials: true timing-allow-origin: * strict-transport-security: max-age=47474747; includeSubDomains; preload vary: Accept-Encoding,User-Agent x-cache: Miss from cloudfront via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 9F-B5Y-ZVcCsOCsw9z9NT22Atpk8Hmf9yYImuycrpnrLH5qqPU3GRw== X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 165 Md5: 524702d9c4ac8c61e27c3d850412f10f Sha1: 199d4d5b602799e1a01577115d249b9707dbf37a Sha256: 7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 7fe69b639eb6808e7551b00f33482471296308afd7fa504da3c14ca6f44f57cf 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7FE69B639EB6808E7551B00F33482471296308AFD7FA504DA3C14CA6F44F57CF" Last-Modified: Thu, 24 Nov 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4703 Expires: Sun, 27 Nov 2022 09:06:53 GMT Date: Sun, 27 Nov 2022 07:48:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: e0b0e9f608a10b7c905c4a51b890ab2a Sha1: 607db8d4c0c88c28738d4428efa82a4750828ef1 Sha256: 7fe69b639eb6808e7551b00f33482471296308afd7fa504da3c14ca6f44f57cf
GET /pxf.gif?uuid=6437a6c1-ae41-436c-bed6-40f5c2aadc63&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1 Host: unseenreport.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: unseenreport.com/pxf.gif?uuid=6437a6c1-ae41-436c-bed6-4 (...) FQDN: unseenreport.com IP: 192.243.61.227 HASH: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d 192.243.61.227 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/1.22.0 Date: Sun, 27 Nov 2022 07:48:30 GMT Content-Length: 1 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: d6fea1f564d8faf436a35103695c4d21 Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: very short file (no magic) Size: 1 Md5: 93b885adfe0da089cdf634904fd59f71 Sha1: 5ba93c9db0cff93f52b521d7420e43f6eda2784f Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d Alerts: Blocklists: - quad9: Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=6437a6c1-ae41-436c-bed6-40f5c2aadc63%3A3%3A1 HTTP/1.1 Host: integrityprinciplesthorough.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: integrityprinciplesthorough.com/sbar.json?key=ed3601463 (...) FQDN: integrityprinciplesthorough.com IP: 173.233.137.52 HASH: 3c56738841ad256c7df320625cce3444554abb2d7b297fac0bbb8f4d891fa7d1 173.233.137.52 HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: nginx/1.19.5 Date: Sun, 27 Nov 2022 07:48:30 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Custom-Referer: http://ouo.press Access-Control-Allow-Origin: http://ouo.press Access-Control-Allow-Credentials: true Set-Cookie: u_pl=15424691; expires=Mon, 28 Nov 2022 07:48:30 GMT; secure; SameSite=None uid_id2=6437a6c1-ae41-436c-bed6-40f5c2aadc63:3:1; expires=Sun, 04 Dec 2022 07:48:30 GMT; secure; SameSite=None pdhtkv=true; expires=Mon, 28 Nov 2022 07:48:30 GMT; secure; SameSite=None uncs=1; expires=Mon, 28 Nov 2022 07:48:30 GMT; secure; SameSite=None pdhtkv29=true; expires=Mon, 28 Nov 2022 07:48:30 GMT; secure; SameSite=None uncs29=1; expires=Mon, 28 Nov 2022 07:48:30 GMT; secure; SameSite=None sleced36014633829dc70a42dccaefdf3f11=[3789941]; expires=Sun, 27 Nov 2022 07:48:35 GMT; secure; SameSite=None Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 4d2121282908c14c19c3613947f1d000 Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (5919), with no line terminators Size: 3379 Md5: 8f758b90afc1c9452dc6e992c0902f76 Sha1: ac8f594d6f2b5ba3f412442b081f98efafa495fb Sha256: 3c56738841ad256c7df320625cce3444554abb2d7b297fac0bbb8f4d891fa7d1 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: ce33ebbd5115ffaac9721eacc50f458d369b30dbc875379c5602fe846d078207 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CE33EBBD5115FFAAC9721EACC50F458D369B30DBC875379C5602FE846D078207" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4093 Expires: Sun, 27 Nov 2022 08:56:43 GMT Date: Sun, 27 Nov 2022 07:48:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c7afa63a2e765a5889feedb036228204 Sha1: 546d048429118d6ff49049b948a6d39c3706b4e1 Sha256: ce33ebbd5115ffaac9721eacc50f458d369b30dbc875379c5602fe846d078207
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq%2FfH4fsVBBcRPCiDeFAwk%2B7pnpmMOQTjbiQYk7C7EhAPVldVT8pUdzVV3dOTnIKBZT0I40mPPc8kG1YXcfEsu0y8aEDIKC5BjH%2BAF0HYs8xkIPge6n3f%2BryH532q7vTzM%2BIip6fr7%2BkdqRSdrVfdymsbMuG6sJXV2xXPrbrzlQ2ZNIL5Snd8mM6bnluvuq9X3hFsS8%2FWXM91PderLEkjIt2dnVDI9EHLq7bcalCrevUAXfPf3uYOLHXAO2fkGiQfXd388SEkGyKJv70u7Fam0zduxLmimTbo8MP3k61EFwniizIyDqLkcDoNbUeEfHkJOjmcbgDd2R9vgFCOiPPEQ5gcTmUi7BycKw0VRIKQP4OiM4RQQ0g6BNN7kPyEAIxjdQ1JfG9Vm4Jun1M6piNy5ek%2FkMWIXPnjeSTxN4tKdiu3tMozqROLblRCdoeQ7SHS%2FAjZjgNZHIFln0Dyn8ns0xUk8f6aVRqSn77aCPwmbTBvhorAmwn8BpsJBW%2FMBG5UZzVKOWv4E4ukHEJGQyjRA7WXkVsHuXSQRw7y1EHMTyu03opctxmFke%2FPBYwx32esPtfgde4Hc5GLnI136CFLe2CqB2Z2kZpdbMkeTP4YdrOE5Q5sRtDhJQpBUFiCghIUkqDICIpOecCVrdnyHlc2D71prk2zXw501u7TA521RUL66Rl5bmLcXx9%2Bhy1xWhHcb7he0PD9uVqLs6ZLgxpnjIqIR37kebCyhLSXQK2DHXny7BOk8uR%2FJUJ6BKuOwOQroPlLoMWgWXNBNwfBnIud5L7OdTU1wlpwXSLNriLbdvrqjLw4EdD6NYdgxwu%2F3ej%2F9HjvGpgpkZoSH8sfCNrq7uCmLsj%2BTV1Y8nAtzWQsd%2Bj4VW9lNBNXvnpXbBfa8OXrtnf%2FLTYG4%2FLBbWGzFZpwmbQt%2BXpRci7MkjZMkO%2BX7YYI13O7uZibJE9X1t9eWo4nAqVOhqDy5KNHYHJE%2Fh%2FfmfzXl3%2F%2FFNIMYfIScX5MpgGpj8DSXdj0eOGLz9b%2BnOcfwGoCoy5mwtRBkZcDUwsvLpUkUOKip2EJKy4sCMXxo7%2FPWd%2FeRds4oNkekrhEx5ToqBJU9WDzy4MsNccLv%2FiTQKicQaiMsx8qoz4%2Ft9bK04qoR24k3JoIo1YYNanLW1HQCmnLE82wTj1kdsT2Xlj9FwAA%2F%2F8BAAD%2F%2F20RrEaHBAAA HTTP/1.1 Host: integrityprinciplesthorough.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Cookie: u_pl=15424691; uid_id2=6437a6c1-ae41-436c-bed6-40f5c2aadc63:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3789941] Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: integrityprinciplesthorough.com/ren.gif?sid=H4sIAAAAAAA (...) FQDN: integrityprinciplesthorough.com IP: 173.233.137.52 HASH: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c 173.233.137.52 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/1.19.5 Date: Sun, 27 Nov 2022 07:48:30 GMT Content-Length: 7 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: cf0371c84f7225d533409acce2271bd2 Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: ASCII text, with no line terminators Size: 7 Md5: 132d6af1b46048b45cf86cdee7991d31 Sha1: eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "12DB50941A08926A1F14146C52B53CFC6ACC1DCB6AC858F6FCFB421330DFB12F" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13335 Expires: Sun, 27 Nov 2022 11:30:45 GMT Date: Sun, 27 Nov 2022 07:48:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 3a1eb8e3d7b5e963c21e1905e849e570 Sha1: fff8193edc6218562c5612b0e02f73dbcca98c0c Sha256: 12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "12DB50941A08926A1F14146C52B53CFC6ACC1DCB6AC858F6FCFB421330DFB12F" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13335 Expires: Sun, 27 Nov 2022 11:30:45 GMT Date: Sun, 27 Nov 2022 07:48:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 3a1eb8e3d7b5e963c21e1905e849e570 Sha1: fff8193edc6218562c5612b0e02f73dbcca98c0c Sha256: 12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive	URL: fonts.googleapis.com/css?family=Roboto:300,400,700&disp (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: 262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d 142.250.74.10 HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Access-Control-Allow-Origin: * Timing-Allow-Origin: * Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires: Sun, 27 Nov 2022 07:48:30 GMT Date: Sun, 27 Nov 2022 07:48:30 GMT Cache-Control: private, max-age=86400 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin-allow-popups Content-Encoding: gzip Transfer-Encoding: chunked Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff --- Additional Info --- Magic: ASCII text Size: 660 Md5: 55130bf120bd75a4bba7d678be617cdf Sha1: 77b172c0cc1d15e60ab95edccf3ac1e640d16812 Sha256: 262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /sb/notifications/games/nutaku/multi/4/images/close.svg HTTP/1.1 Host: cdn.creative-bars1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: cdn.creative-bars1.com/sb/notifications/games/nutaku/mu (...) FQDN: cdn.creative-bars1.com IP: 172.64.108.13 HASH: ced11e5fd6f8cd8e582cdeb0a47fb28f6385cf369cd69bbd9e025af23814a00e 172.64.108.13 HTTP/2 200 OK content-type: image/svg+xml date: Sun, 27 Nov 2022 07:48:30 GMT last-modified: Fri, 19 Aug 2022 09:15:06 GMT etag: W/"62ff549a-4ff" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-expose-headers: Date cf-cache-status: HIT age: 1014909 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFIbAi2r4vuShyui%2BToIr8VPPa9XAvN7Em1eAYg6iEWy3TpvaSEvAfsPJ6Q5HLDekm88BjnoyXdZLyBMtmtETPVyqAKi9O%2B%2B4kfsTIE7eeNV3YbMdoKoEuXPXlwz0GwbZazqabBl6lpC"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7709430bfc6e72e5-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text Size: 921 Md5: 74efcca5986691a84d35bd8c131b6211 Sha1: 47508c90e01a166627f9bca3ab7077559fefe955 Sha256: ced11e5fd6f8cd8e582cdeb0a47fb28f6385cf369cd69bbd9e025af23814a00e
GET /sb/notifications/games/nutaku/multi/4/index.html HTTP/1.1 Host: cdn.barscreative1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdn.barscreative1.com/sb/notifications/games/nutaku/mul (...) FQDN: cdn.barscreative1.com IP: 45.133.44.3 HASH: edbd62eca4ec89adfd58e95f9d400df10fa65b63759ff78207a8efa66e67a327 45.133.44.3 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Sun, 27 Nov 2022 07:48:30 GMT server: nginx/1.17.6 last-modified: Fri, 19 Aug 2022 09:15:02 GMT etag: W/"62ff5496-63e" cache-control: max-age=3600 access-control-allow-origin: * access-control-expose-headers: Date content-encoding: gzip expires: Sun, 27 Nov 2022 08:48:30 GMT x-proxy-cache: HIT X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text Size: 540 Md5: 917b7d5ef7077a039e27db81bc7c2eb7 Sha1: a9d05eb9d2a48c9d87887d170fe1a4d188168311 Sha256: edbd62eca4ec89adfd58e95f9d400df10fa65b63759ff78207a8efa66e67a327 Alerts: Blocklists: - fortinet: Phishing
GET /sb/notifications/games/nutaku/multi/4/images/landing/booty-calls/13/bg-removebg-preview.png HTTP/1.1 Host: cdn.creative-bars1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: cdn.creative-bars1.com/sb/notifications/games/nutaku/mu (...) FQDN: cdn.creative-bars1.com IP: 172.64.108.13 HASH: 16b688a8183ee40269af3fde1f59635b6c16bbc538d9dd6261d4f6dec42f8c65 172.64.108.13 HTTP/2 200 OK content-type: image/png date: Sun, 27 Nov 2022 07:48:30 GMT content-length: 1445587 last-modified: Fri, 19 Aug 2022 09:15:12 GMT etag: "62ff54a0-160ed3" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-expose-headers: Date cf-cache-status: HIT age: 1014909 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82uf%2BOn7lRCWqJZIOfAoM6593lBxEB9nugJqfDDrNEGAhH63Jp4S0KhtafxDNJJVpxHBd4CtPbIIQrh2RqmGF503v1HSMo7TbTXIlZDx%2FeK3NXhVl2kmMHJEm37qqoRasIfrjIuk8bvV"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7709430bfc7272e5-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1316 x 1848, 8-bit/color RGBA, non-interlaced\012- data Size: 1445587 Md5: 950cbc4a86f9305f9cab1899d35cee25 Sha1: 75a126fbee600ceee47a696bfe7cd76de1b6d1cc Sha256: 16b688a8183ee40269af3fde1f59635b6c16bbc538d9dd6261d4f6dec42f8c65
GET /sb/notifications/games/nutaku/multi/4/images/landing/css/styles.css HTTP/1.1 Host: cdn.creative-bars1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdn.creative-bars1.com/sb/notifications/games/nutaku/mu (...) FQDN: cdn.creative-bars1.com IP: 172.64.108.13 HASH: 233c86c6865f5528ec391f7cfa860847f647fc618c57127155d96dd8cffc2a3a 172.64.108.13 HTTP/2 200 OK content-type: text/css date: Sun, 27 Nov 2022 07:48:30 GMT last-modified: Fri, 19 Aug 2022 09:15:08 GMT etag: W/"62ff549c-ed9" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-expose-headers: Date cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dzha2MUBKp%2FuFBvu4A%2B0LWEIbz56MX04Xig%2BB6X97CgONdx9%2BYMWcdsXDq%2FUGy8AALfCjvHRa8Zcx%2B5g6r%2BKxv0S6byuelY9DF9KnSXvU111BRiw3NU25SxqO%2Fejip7ceVuHjB%2FXkHi6"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7709430bc9680091-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (3797) Size: 1251 Md5: 31a2db84c7b9fe257c5cf7333b1ec6be Sha1: 1874cb4b3119cfc7e69eadccb0a1c7cca9ee3829 Sha256: 233c86c6865f5528ec391f7cfa860847f647fc618c57127155d96dd8cffc2a3a
GET /sb/notifications/games/nutaku/multi/4/js/jquery.min.js HTTP/1.1 Host: cdn.creative-bars1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: cdn.creative-bars1.com/sb/notifications/games/nutaku/mu (...) FQDN: cdn.creative-bars1.com IP: 172.64.108.13 HASH: 5f31b71259912c33425cd9b6d21d37b4cb2ac27df71f9b13843e9bebe713b854 172.64.108.13 HTTP/2 200 OK content-type: application/javascript date: Sun, 27 Nov 2022 07:48:30 GMT last-modified: Fri, 19 Aug 2022 09:15:15 GMT etag: W/"62ff54a3-149b8" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-expose-headers: Date cf-cache-status: HIT age: 1014909 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrl0VHpMTv4iqDIbBioAD%2F9cWAApyAIpnfaxk4NCJr2ftRwDApRVDoz5F3Z1jRiE9YErCQk1%2F5zqc08XBWXcxfX45HG1cp3oh4Dyvc7Co2bO6LnDiFmUPIXsQTKSOJRtUPJ53OFoVGNq"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7709430bfc7572e5-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32049) Size: 46398 Md5: c93c182c703cb29b51c76097c4b99f4a Sha1: 8542863b313dad097c17db07e93dfbc9d204e978 Sha256: 5f31b71259912c33425cd9b6d21d37b4cb2ac27df71f9b13843e9bebe713b854
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F4%2Fjs%2Fscript.js&l=4076&fd=153 HTTP/1.1 Host: integrityprinciplesthorough.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: integrityprinciplesthorough.com/pixel/sbls?bv=22.33.503 (...) FQDN: integrityprinciplesthorough.com IP: 173.233.137.52 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.233.137.52 HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Sun, 27 Nov 2022 07:48:31 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F4%2Fcss%2Fstyle.css&l=8110&fd=367 HTTP/1.1 Host: integrityprinciplesthorough.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ouo.press/	URL: integrityprinciplesthorough.com/pixel/sbls?bv=22.33.503 (...) FQDN: integrityprinciplesthorough.com IP: 173.233.137.52 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.233.137.52 HTTP/1.1 200 OK Server: nginx/1.19.5 Date: Sun, 27 Nov 2022 07:48:31 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq%2FfH4fsVBBcRPCiDeFAwk%2B7pnl%2FuYTHuRoIxCbsrAfFgdVX1pEx1V1PVPT3JKRhY1oMwnvTY80yyYXURF8%2Byy8SLBoSM4hLE%2BAd4EYQ9y0wGgu%2Bh3vetz3t43qfqziA%2FJS5yerL2nt6WStH5etWtvLYuE64LW1m5XfHcqnu1si6TRnC10pscpvum59ar7uuVdwTb1PM113Ndz%2FUqi9KISPfmpxQyfdD2qm23GtSqXj1Az%2Fy3t7kDSx3w7im5AsnHlzd%2BfAjJRkjib68Lu5np9I0bca5opg26%2FOD9ZDPRRYL4vIyMgyg5mE1D2zEhX16ATg5mG0B39yYbIJRj4jzxECYHM5kIu%2FtnSkMFkSDkz6DojiDUCJKOwPQuJD8mAONYWUUS31vRpqBbZ5RO6JhcevoPZDEml%2F54Hkn8zYKSvcotrfJM6sSiF5WQvRFkZ4Q0P0S27UAWh2DZJ5D8ZzL%2FdBlJvLdqlYbkJ682Ar9JG8yboyLw5gK%2FweZCwRtzgRvVWY1Szhr%2B1CIpR5DRCEr0Qe1F5NZBLh3kkYM8dRDzkwqttyPXbUZh5PutgDHm%2B4zVWw1e537QilzkbLJDH1naB1N9MLOD1OxgU%2FZh8sewGyUsd2Azgi4vUQiCwhIUlKCQBEVGUHTLfa5szZb3uLJ56M1ybZb9cqizzoDu66wjEjJIT8lzU%2BP%2B%2BvA7bIqTiuB%2Bw%2FWChu%2B3am3Omi4NapwxKiIe%2BZHnwcoS0l4AtQ625fGzT5DK4%2F%2BVCOkhrDoEk6%2BA5i%2BBFsNmzQXdGAYtF9vJfZ3ramqEteC6RJpdRrblDNQpeXEqoP1rDsGOrv12Y%2FDT490rYKZEakp8LH8g6Ki7w5u6IHs3dWHJw9U0k7HcppNXvZXRTFz66l2xVWjDl67b%2Fv232ARMyge3hc2WacJl0rHk6wXJuTCL2jBBvl%2By6yJcy%2B3GQm6SPF1ee3txKZ4KlDoZgcrjjx6ByTH5f3xn%2Bl9f%2Fv1TSDOCyUvE%2BRGZBaQ%2BBEt3YNOja198tvrnVf4BrCYw6nwmTB0UeTk0tfD8UkkCJc57Gpaw4tyCUBw9%2BvuMDexddIwDmu0iiUt0TYmuKkFVHza%2FOMxSc3TtF38aCJUzDJVx9kJl1Odn1lp5Uql7gWiFrSbjPBSMe82a3%2FJdt8Z50GwLr43MjtnuCyv%2FAgAA%2F%2F8BAAD%2F%2F3kZIqCHBAAA HTTP/1.1 Host: integrityprinciplesthorough.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://ouo.press/ Cookie: u_pl=15424691; uid_id2=6437a6c1-ae41-436c-bed6-40f5c2aadc63:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3789941] Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: integrityprinciplesthorough.com/impr.gif?sid=H4sIAAAAAA (...) FQDN: integrityprinciplesthorough.com IP: 173.233.137.52 HASH: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c 173.233.137.52 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/1.19.5 Date: Sun, 27 Nov 2022 07:48:31 GMT Content-Length: 7 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: fd09d7256ed141579a58757717d61b2f Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: ASCII text, with no line terminators Size: 7 Md5: 132d6af1b46048b45cf86cdee7991d31 Sha1: eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c Alerts: Blocklists: - fortinet: Malware - quad9: Sinkholed
GET /sb/notifications/games/nutaku/multi/4/js/script.js HTTP/1.1 Host: cdn.creative-bars1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: cdn.creative-bars1.com/sb/notifications/games/nutaku/mu (...) FQDN: cdn.creative-bars1.com IP: 172.64.108.13 HASH: bc632c1869c51ce2ced86e98cf5dc5919fd566b633aab9f6f0c16e3667912282 172.64.108.13 HTTP/2 200 OK content-type: application/javascript date: Sun, 27 Nov 2022 07:48:30 GMT last-modified: Wed, 21 Sep 2022 07:42:11 GMT etag: W/"632ac053-1160" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-expose-headers: Date cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqRHhdsuykAjLiiVciDvd7k5TR5Gb12Qm4KYPE6fImLH5VHTCLUBH62brBZ%2Fq1DkTT73ZkKseBVDMQrWSrTM%2BP%2Breu9K04PF0%2BeCiNPI4%2B4bUjocnTCI9cZxMiijsR4MMEwtWpoFvL7c"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7709430c89af0091-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 110709 Md5: 92f96c386c0b9731e4c6a1fc6abc40ec Sha1: 8257ba4d478f9f777246f191a219da9acebb7a8d Sha256: bc632c1869c51ce2ced86e98cf5dc5919fd566b633aab9f6f0c16e3667912282
GET /sb/notifications/games/nutaku/multi/4/css/style.css HTTP/1.1 Host: cdn.creative-bars1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdn.creative-bars1.com/sb/notifications/games/nutaku/mu (...) FQDN: cdn.creative-bars1.com IP: 172.64.108.13 HASH: 83ca92902e16185f38988bf0b48578be1f50435a5e9de3e0515ffeb4fdb01107 172.64.108.13 HTTP/2 200 OK content-type: text/css date: Sun, 27 Nov 2022 07:48:30 GMT last-modified: Wed, 21 Sep 2022 08:08:06 GMT etag: W/"632ac666-1fae" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-expose-headers: Date cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9L8Lt%2BYY9Rm3lsyB4l3ua6rBAvKM8hI9qfITHZ%2BSiPf5y08UcKgQkmQBPMVT0dLbS2jyVhHj%2F9gD9wGUAPsvQTn7mdQ%2FTINO8hj%2FN7WY54MzohSCjrybRbkj%2BSucqwKN%2FySEzRvp%2FBg"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7709430bc9690091-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: assembler source, ASCII text Size: 2055 Md5: b0f63b6314a613026e86eca13614f55d Sha1: 5084145cc784ca9e5fec9bdd9a75d6cdf74cf4ef Sha256: 83ca92902e16185f38988bf0b48578be1f50435a5e9de3e0515ffeb4fdb01107
GET /static/js/prebidamp.js HTTP/1.1 Host: ecdn.firstimpression.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: ecdn.firstimpression.io/static/js/prebidamp.js FQDN: ecdn.firstimpression.io IP: 54.230.111.99 54.230.111.99 HTTP/2 200 OK content-type: application/javascript server: nginx/1.20.0 last-modified: Tue, 14 Dec 2021 15:30:51 GMT access-control-allow-origin: * content-encoding: gzip date: Sun, 27 Nov 2022 07:46:07 GMT expires: Sun, 27 Nov 2022 08:10:31 GMT cache-control: max-age=3600 etag: W/"61b8b8ab-4e128" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: DCpgnsbWJIrTJvelPo2LBGpkmS-GcLxkR8XiRMfOspeGm-6O62_hOw== age: 2278 X-Firefox-Spdy: h2 --- Additional Info ---
GET /sb/notifications/games/nutaku/multi/4/css/animate.css HTTP/1.1 Host: cdn.creative-bars1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.creative-bars1.com/sb/notifications/games/nutaku/mu (...) FQDN: cdn.creative-bars1.com IP: 172.64.108.13 172.64.108.13 HTTP/2 200 OK content-type: text/css date: Sun, 27 Nov 2022 07:48:30 GMT last-modified: Fri, 19 Aug 2022 09:15:04 GMT etag: W/"62ff5498-ec8b" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * access-control-expose-headers: Date cf-cache-status: HIT age: 1014909 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty3Jl0ZGaPUWUy93%2BFZJin3Ziv2RkyYQJpbP3f73%2Bl2rvzRlOVfJq3bPncLGaLL8ascRDnMdMWH4pZxDsCr6KNSp6lAhAmS%2BAEzhrvTenvivsTiJMeOplT%2Fr4ed%2FsobDmye6Fpxef8p2"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7709430bcc3a72e5-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1 Host: cdn.firstimpression.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 0 Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Cookie: OAID=GDPR Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7 (...) FQDN: cdn.firstimpression.io IP: 54.230.111.99 54.230.111.99 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Sun, 27 Nov 2022 07:48:29 GMT server: nginx/1.20.0 vary: Accept-Encoding x-powered-by: PHP/8.0.14 pragma: no-cache cache-control: no-cache, no-store, must-revalidate expires: 0 access-control-allow-origin: http://ouo.press p3p: CP="CUR ADM OUR NOR STA NID" content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: _RvaDOfc6duyP8bzlx2hT_BgIYfYb2gECuqVYoSJ77_qwBpQTFspCQ== X-Firefox-Spdy: h2 --- Additional Info ---
GET /c.js HTTP/1.1 Host: hhklc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://ouo.press/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: hhklc.com/c.js FQDN: hhklc.com IP: 104.21.70.122 104.21.70.122 HTTP/2 200 OK content-type: application/javascript date: Sun, 27 Nov 2022 07:48:28 GMT last-modified: Fri, 11 Nov 2022 16:10:23 GMT etag: W/"636e73ef-2218" server-asp-net: Asp Net expires: Sun, 27 Nov 2022 08:24:18 GMT cache-control: public, max-age=14400 cf-cache-status: HIT age: 550 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMTG%2FGhIEu2HAfSNVhK8BYUH9NfIXJXOqrctjVyFKLeijpwGoqYDYobUWpeoCspxvHLBCgcwoNg86DXCD%2F3vxUBH%2FPORHJGV%2BQBnIQdzuZsVnLKStR%2BjM2CVF40%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 770942fb1fc9b512-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /delivery/spc_fi.php?id=7419&url=%2F1LISgCW&charset=UTF-8&ch=7&ref=ouo.press&viewerId=null&referer=http://ouo.press/1LISgCW?__cf_chl_tk=kBkES2K8GFl5ijWgLFExZKTGBLWhYEwIRLXVjvHgGkk-1669535304-0-gaNycGzNAv0&_firid=57707734 HTTP/1.1 Host: cdn.firstimpression.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://ouo.press Connection: keep-alive Referer: http://ouo.press/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url= (...) FQDN: cdn.firstimpression.io IP: 54.230.111.99 54.230.111.99 HTTP/2 200 OK content-type: application/json; charset=UTF-8 date: Sun, 27 Nov 2022 07:48:28 GMT server: nginx/1.20.0 vary: Accept-Encoding x-powered-by: PHP/8.0.14 pragma: no-cache cache-control: no-cache, no-store, must-revalidate expires: 0 access-control-allow-origin: http://ouo.press access-control-allow-credentials: true p3p: CP="CUR ADM OUR NOR STA NID" set-cookie: OAID=GDPR; expires=Mon, 27-Nov-2023 07:48:28 GMT; Max-Age=31536000; path=/; secure; SameSite=none content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: KboKgFfCbtt3NDQZqt5daeoin_kRUyMkjgWnS7WMHwmZJfy6rt2hrQ== X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /1LISgCW HTTP/1.1 

                                        
                                            
Host: ouo.press

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         172.67.22.15

                                        
                                            HTTP/1.1 403 Forbidden 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:24 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: close 

                                        
                                            
CF-Chl-Bypass: 1 

                                        
                                            
Referrer-Policy: same-origin 

                                        
                                            
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() 

                                        
                                            
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
Expires: Thu, 01 Jan 1970 00:00:01 GMT 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
Set-Cookie: __cf_bm=ipQuqFlADhJKrZGEtQ.lAnBGTqXxuOqtSvbZ7zbov.k-1669535304-0-ARe0xDm11NQYj/0qVjmf93im3ssqqAOVVZXyPPEtvBWwk+JuH12PHPJLgtOj319T+ro+XS5YerXOzxS3vXzWyK0=; path=/; expires=Sun, 27-Nov-22 08:18:24 GMT; domain=.ouo.press; HttpOnly; SameSite=None 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770942e76ae40b65-OSL 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (836)

                                                Size:   3825

                                                Md5:    2ee0ba565544ea3af0b6b9741d5e8dc1

                                                Sha1:   7f6eb17b9edd29a3a3e96a797660a3e129b339a6

                                                Sha256: f4780a0d2a255ca08683aa9d24d8fe3e834134ceabf3ec0e1845c309dc082181

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 2111 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:25 GMT 

                                        
                                            
Last-Modified: Sun, 27 Nov 2022 07:13:14 GMT 

                                        
                                            
Server: ECS (ska/F718) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    15b59d5e62caedb4bec3ba6724906c1e

                                                Sha1:   960f801e608a56fdd11449f4face29f62cad2b21

                                                Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 27 Nov 2022 07:17:37 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 1848 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    567df7db606cf5d0871aa5bc9311b6da

                                                Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17

                                                Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

                                        
                                            GET /cdn-cgi/styles/challenges.css HTTP/1.1 

                                        
                                            
Host: ouo.press

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Referer: http://ouo.press/1LISgCW 

                                        
                                            
Connection: keep-alive

                                         172.67.22.15

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:25 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT 

                                        
                                            
ETag: W/"637ccffa-1896" 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770942e9ad4fb527-OSL 

                                        
                                            
X-Frame-Options: DENY 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Expires: Sun, 27 Nov 2022 09:48:25 GMT 

                                        
                                            
Cache-Control: max-age=7200, public 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (6294), with no line terminators

                                                Size:   2604

                                                Md5:    ba2d8534d208d2a5b158507e004d7150

                                                Sha1:   ab81307634698ea304a68783fa38937f562009a2

                                                Sha256: 63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59

                                        
                                            GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=770942e76ae40b65 HTTP/1.1 

                                        
                                            
Host: ouo.press

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Referer: http://ouo.press/1LISgCW 

                                        
                                            
Connection: keep-alive

                                         172.67.22.15

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/gif

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:25 GMT 

                                        
                                            
Content-Length: 42 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT 

                                        
                                            
ETag: "637ccffa-2a" 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770942ea4e5eb527-OSL 

                                        
                                            
X-Frame-Options: DENY 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Expires: Sun, 27 Nov 2022 09:48:25 GMT 

                                        
                                            
Cache-Control: max-age=7200, public 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   42

                                                Md5:    d89746888da2d9510b64a9f031eaecd5

                                                Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a

                                                Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 27 Nov 2022 07:48:25 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1 

                                        
                                            
Host: cloudflare.hcaptcha.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.18.19.132

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Sun, 27 Nov 2022 07:48:25 GMT 

                                        
                                            
cf-ray: 770942eb2cc4b50f-OSL 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
age: 0 

                                        
                                            
cache-control: max-age=120 

                                        
                                            
etag: W/"4a87133d7cfb9f9797187d43ffdd5417" 

                                        
                                            
last-modified: Fri, 25 Nov 2022 11:46:32 GMT 

                                        
                                            
strict-transport-security: max-age=0 

                                        
                                            
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) 

                                        
                                            
cf-cache-status: MISS 

                                        
                                            
x-amz-cf-id: e-vtjjiTuJNWqympaO3s7V_aWlOK4yXOIyZWB7ZnvSo2w49xVfwmGQ== 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (57362)

                                                Size:   132939

                                                Md5:    3bad08e6e9a3b0e2868eba6936dc3c6e

                                                Sha1:   93e1982581c277740e5c3e09bda59c082bbc8526

                                                Sha256: 600cd3d62863915de6d85c492c1ebc0cda58d31610ba4cd10c7bab8f3aa158a4

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 27 Nov 2022 07:11:12 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 2233 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.22172344362372193:1669533856:4gPEQJsXUvO3why57MVI8ZTLg_zp8K4pyIdbYtzNXCI/770942e76ae40b65/612983ef4258149 HTTP/1.1 

                                        
                                            
Host: ouo.press

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Referer: http://ouo.press/1LISgCW 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
CF-Challenge: 612983ef4258149 

                                        
                                            
Content-Length: 15081 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive

                                         172.67.22.15

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:26 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
cf_chl_gen: ERrHXrKl2aseY38b7maJVnz1luucrunJjZvX2ek7fCo=$agwe5NLc7dvxhqNaG1/yRQ== 

                                        
                                            
Set-Cookie: __cf_bm=QLhTYGog55n6IXGOt1etOdDcBuoQRFDmjuAjv1i_QZE-1669535306-0-AVQeKdJrhos8OLeD21niFMO1vt8WN2Rx4OWBEPsk6dcq7u3lMilwujC29RVk0DiVr+ksXCt8izOYgQKvDplx0Z4=; path=/; expires=Sun, 27-Nov-22 08:18:26 GMT; domain=.ouo.press; HttpOnly; SameSite=None 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770942eeef6bb505-OSL 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (5036), with no line terminators

                                                Size:   3779

                                                Md5:    a0f021884627df85b9ee327338b7b493

                                                Sha1:   1204aa067633623200bbf8c9b662c16f5ef3d78b

                                                Sha256: 6ccd317abc6de0f4446b9ef078b2c1a0a78e01006770e6f5c8463323f66b49b7

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: n9YTY1x3BiIEcPRTT/zcTw== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         52.36.24.174

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: PiwhF2e2odieAXwacjuZLD8csMM= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11818 

                                        
                                            
Expires: Sun, 27 Nov 2022 11:05:25 GMT 

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:27 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    aebda342a81ad83f60d2523f54ccda67

                                                Sha1:   e590d9326e4a283e0929a8ffccb13cc4308af0e6

                                                Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11818 

                                        
                                            
Expires: Sun, 27 Nov 2022 11:05:25 GMT 

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:27 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    aebda342a81ad83f60d2523f54ccda67

                                                Sha1:   e590d9326e4a283e0929a8ffccb13cc4308af0e6

                                                Sha256: bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10199 

                                        
                                            
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cOo4iF1VIAMF09g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ== 

                                        
                                            
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 21:51:41 GMT 

                                        
                                            
age: 35806 

                                        
                                            
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10199

                                                Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0

                                                Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da

                                                Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6883 

                                        
                                            
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cL1ySF0tIAMFY4Q= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: GT3Futv4Ztnl2Og2TQFk5311m92Mv_jfvkIZYJXpjJMdkxSB6MI06g== 

                                        
                                            
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 27 Nov 2022 06:42:16 GMT 

                                        
                                            
age: 3971 

                                        
                                            
etag: "590c34be54c9889eec4ff7993e070fda836f711f" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6883

                                                Md5:    f7f16c0f8a8e710210ce77c0e4c1c2a2

                                                Sha1:   590c34be54c9889eec4ff7993e070fda836f711f

                                                Sha256: 4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7380 

                                        
                                            
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cOo4iEegIAMFeuQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA== 

                                        
                                            
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 21:50:08 GMT 

                                        
                                            
age: 35899 

                                        
                                            
etag: "97a135335f5b1b042adeb385718f8808cb78528b" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7380

                                                Md5:    76c00eceed956377d7469ef58b0815cb

                                                Sha1:   97a135335f5b1b042adeb385718f8808cb78528b

                                                Sha256: 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61

                                        
                                            POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.22172344362372193:1669533856:4gPEQJsXUvO3why57MVI8ZTLg_zp8K4pyIdbYtzNXCI/770942e76ae40b65/612983ef4258149 HTTP/1.1 

                                        
                                            
Host: ouo.press

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Referer: http://ouo.press/1LISgCW 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
CF-Challenge: 612983ef4258149 

                                        
                                            
Content-Length: 15771 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive

                                         172.67.22.15

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:27 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
cf_chl_out: Cs0EpC4U4oeNRi4tqvcVSe8CdakORjIPlAq/EvHqTIsJ/h7ncYSf+mFGCIx2vMvxJZxHfkCcYmdg+485q/TInQ==$QaRzFxeaA8kr/kACPSpTFA== 

                                        
                                            
cf_chl_out_s: ucGrDEmE8boJWXRtLQ1CAAphAloV59RFKNm/N7chAw7N8g2aSDBOPG8THPXyg2MykOuQaHH8R94Om0eBBNpgBtwmOH+Fj3z0JXp8IzbPBGYBWGHr+ADSSGqBWx7SvMsH4iST1f54BdihDP4biCPc0xzUlm9FqM6s5k0yO4AqvP0YaBBY6QgZiB+1K/Cob0um$+9kksIVlmqfFt/FgeouI+w== 

                                        
                                            
set-cookie: cf_chl_rc_m=;Expires=Sat, 26 Nov 2022 07:48:27 GMT;SameSite=Strict
__cf_bm=WOHG5E2kQd7rmxdWEn7fqxbA5g_Cmb3zig4by04R2Sg-1669535307-0-AQbQStEIs0xZswaUKHwh9+nvgyijrwU10kvdabxVQ/d6iT80Jtj+pYC0PS/PfvhKBfAFzx4NXZzBLwP9/f2Mboc=; path=/; expires=Sun, 27-Nov-22 08:18:27 GMT; domain=.ouo.press; HttpOnly; SameSite=None 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770942f73e4cb505-OSL 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (2660), with no line terminators

                                                Size:   2050

                                                Md5:    49681f6078bcbebe167f55a650c1da70

                                                Sha1:   d1977a268eecbe757729698b0076a0291dfa9648

                                                Sha256: aa5db1c3d0b342f52867e92dcc7ca5d21dc4f2182075710f8b8605cd273c3321

                                        
                                            GET /css/link-safe.css HTTP/1.1 

                                        
                                            
Host: ouo.press

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/1LISgCW 

                                        
                                            
Cookie: cf_clearance=QFhLAfTn_z54OWxbYYx3ovZ54ftA8ymemmxjXGmkbLI-1669535307-0-250; ouoio_session=eyJpdiI6IkhVQlJEcXc3c1BvbkV4eEszZGV4NmZcLzZtVXB2eTFHWHVWTE9zTHBaZlVNPSIsInZhbHVlIjoieFBBYkJIc3ZYRGoxMkxJejBLb2Jkanp2NUx0dWlic09RTlwvY2tycFwveG5XZGFVOHhnZGsxSDlnOE1Ld0hCU2JQV0loT01FYWxXektQZWgzOEpBd0g3QT09IiwibWFjIjoiYzFhNTM3Y2Q4NDQ2ODBjNWMyMGU4MTczZGQ0MjZkN2IzYWQ2ZmZhZTc3ZjY3ZWIwZGJjZWZjNWJlNTc3MTJmMiJ9; language=eyJpdiI6IjFNVHcwc2QzWnBGUnJzXC9mXC9tK2grKzNFOWRocUpvaGZ6Um02OXFSS1R0UT0iLCJ2YWx1ZSI6ImZORlV3N1wvaHU1bWdhdzRDVXNhSEFWbUtDVGJkdVBhak5LZXRQWjNzR2c4PSIsIm1hYyI6ImVhMWVlNzZkYTViMWQ2YmJhZDQzMWNjYTJiNGYzMzY4MDcwYmM2ZGVmMzFiMDg2NTliM2I4MzdjYzNlNjZkMjUifQ%3D%3D; 23442255a367e504b1df799cd8f2425604727aa7=eyJpdiI6ImdsSjhxNHhDQVp3QUZoMEdYWjhhUU9LM21kaXJxVHR0ZEx2NXdoc2d4OHc9IiwidmFsdWUiOiJoWDRcL09sYld2cjBDQ2d5bTh2UUNOUmlETjdUa01tTVJmRGVMS0hWdE1UQlhnR1R0NXdUbFdFYUNyMU8rT3FtZ3dVWXRYTmxTYlNtSUc4bkVveHZqQ0F6VXJvNGF1T1I4WHorY1lzcnk5RHp0a1Y1SGxOekJ0NDhIUjVOVjBGalR6XC9aUzNNYkcrc2ROKzR3ZGpxTit1dStOWktHYUpScEFURGJDSytKMTZvR0xCR3JxTHlIVGlxcnZGVnp6SGZad0kxWFFKRWk1a1d4Q2c0NXJBYytaXC8zQjY2R3BLazdmSk1sS1FnQm9rYSthbzdaUlwvZjAwSW1uTzEzK1B0U3VHblkxTVdEbFN4SGNwSG1HM09DdEpZeFVYNDFWWFZNWFQ4TGZwb2swek94czhzeXRVSjAyKzM5bGp0cDFwTk9kR2wwYXJWbHNKeGFIZTBXQW9YT2YzenZ6Y3JTdWY4UlpKK2lrYnVCUnB5UFVoYUg2NUZFamtzZU9SUlwvTWNQTytQQiIsIm1hYyI6IjRlYjg2Yjc1MmYyMjg3Njc5YjcyNWEzMjg0YjlmNjJlNmRiNWM4YjM2NmI2MDEyMGI5YmZlOTI2YTk5MmE2MDgifQ%3D%3D

                                         172.67.22.15

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:27 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: max-age=86400 

                                        
                                            
Cf-Bgj: minify 

                                        
                                            
Cf-Polished: status=cannot_optimize 

                                        
                                            
ETag: W/"5d951ace-1830" 

                                        
                                            
Expires: Sun, 27 Nov 2022 13:22:51 GMT 

                                        
                                            
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 23136 

                                        
                                            
Set-Cookie: __cf_bm=RTGOooKGWC0kGJkzA7t_DqSsa5GxbwaNIXBIBySXvC8-1669535307-0-AQzeivu7sx7iymxfjNcOwxm5cq7I4JyskdK8pfZiMhRi89dfeHBVNyjY/CfeYlGrU/8uG6d34C/Pjvw76ZdJI/8=; path=/; expires=Sun, 27-Nov-22 08:18:27 GMT; domain=.ouo.press; HttpOnly; SameSite=None 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770942fac909b527-OSL 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   1750

                                                Md5:    d91a45478adaa488ef4f1733dfa3c44c

                                                Sha1:   3686ea901ce8ca85bb82f42bf0a8d39095ebf73d

                                                Sha256: 4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b

                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 

                                        
                                            
Host: ouo.press

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/1LISgCW 

                                        
                                            
Cookie: cf_clearance=QFhLAfTn_z54OWxbYYx3ovZ54ftA8ymemmxjXGmkbLI-1669535307-0-250; ouoio_session=eyJpdiI6IkhVQlJEcXc3c1BvbkV4eEszZGV4NmZcLzZtVXB2eTFHWHVWTE9zTHBaZlVNPSIsInZhbHVlIjoieFBBYkJIc3ZYRGoxMkxJejBLb2Jkanp2NUx0dWlic09RTlwvY2tycFwveG5XZGFVOHhnZGsxSDlnOE1Ld0hCU2JQV0loT01FYWxXektQZWgzOEpBd0g3QT09IiwibWFjIjoiYzFhNTM3Y2Q4NDQ2ODBjNWMyMGU4MTczZGQ0MjZkN2IzYWQ2ZmZhZTc3ZjY3ZWIwZGJjZWZjNWJlNTc3MTJmMiJ9; language=eyJpdiI6IjFNVHcwc2QzWnBGUnJzXC9mXC9tK2grKzNFOWRocUpvaGZ6Um02OXFSS1R0UT0iLCJ2YWx1ZSI6ImZORlV3N1wvaHU1bWdhdzRDVXNhSEFWbUtDVGJkdVBhak5LZXRQWjNzR2c4PSIsIm1hYyI6ImVhMWVlNzZkYTViMWQ2YmJhZDQzMWNjYTJiNGYzMzY4MDcwYmM2ZGVmMzFiMDg2NTliM2I4MzdjYzNlNjZkMjUifQ%3D%3D; 23442255a367e504b1df799cd8f2425604727aa7=eyJpdiI6ImdsSjhxNHhDQVp3QUZoMEdYWjhhUU9LM21kaXJxVHR0ZEx2NXdoc2d4OHc9IiwidmFsdWUiOiJoWDRcL09sYld2cjBDQ2d5bTh2UUNOUmlETjdUa01tTVJmRGVMS0hWdE1UQlhnR1R0NXdUbFdFYUNyMU8rT3FtZ3dVWXRYTmxTYlNtSUc4bkVveHZqQ0F6VXJvNGF1T1I4WHorY1lzcnk5RHp0a1Y1SGxOekJ0NDhIUjVOVjBGalR6XC9aUzNNYkcrc2ROKzR3ZGpxTit1dStOWktHYUpScEFURGJDSytKMTZvR0xCR3JxTHlIVGlxcnZGVnp6SGZad0kxWFFKRWk1a1d4Q2c0NXJBYytaXC8zQjY2R3BLazdmSk1sS1FnQm9rYSthbzdaUlwvZjAwSW1uTzEzK1B0U3VHblkxTVdEbFN4SGNwSG1HM09DdEpZeFVYNDFWWFZNWFQ4TGZwb2swek94czhzeXRVSjAyKzM5bGp0cDFwTk9kR2wwYXJWbHNKeGFIZTBXQW9YT2YzenZ6Y3JTdWY4UlpKK2lrYnVCUnB5UFVoYUg2NUZFamtzZU9SUlwvTWNQTytQQiIsIm1hYyI6IjRlYjg2Yjc1MmYyMjg3Njc5YjcyNWEzMjg0YjlmNjJlNmRiNWM4YjM2NmI2MDEyMGI5YmZlOTI2YTk5MmE2MDgifQ%3D%3D

                                         172.67.22.15

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:27 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT 

                                        
                                            
ETag: W/"637cd00d-4d7" 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770942fad925b527-OSL 

                                        
                                            
X-Frame-Options: DENY 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Expires: Tue, 29 Nov 2022 07:48:27 GMT 

                                        
                                            
Cache-Control: max-age=172800, public 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with very long lines (1238)

                                                Size:   655

                                                Md5:    bc3ba461c8a309acf61b6d9c41cb6236

                                                Sha1:   88482306ecc9258d5e9cbb9ba5314dab223a5db4

                                                Sha256: 31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f

                                        
                                            GET /c.js HTTP/1.1 

                                        
                                            
Host: hhklc.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/

                                         104.21.70.122

                                        
                                            HTTP/1.1 301 Moved Permanently

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:27 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Expires: Sun, 27 Nov 2022 08:48:27 GMT 

                                        
                                            
Location: https://hhklc.com/c.js 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XAfmOqLnrMpQ6K%2FzOQIp5yjSKuCEAtc4GlJFkK0lbO5rIdUDH72B6QKRS%2Bh0C2nZSTTuR2pSGjY%2BWex%2Br11i8ztaOu8TQFilGvyvmkOPdZgduAsjO66Fp3wpFk%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770942fadeafb523-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /fi_client.js HTTP/1.1 

                                        
                                            
Host: ecdn.firstimpression.io

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/

                                         54.230.111.99

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Date: Sun, 27 Nov 2022 07:11:48 GMT 

                                        
                                            
Server: nginx/1.20.0 

                                        
                                            
X-Powered-By: PHP/8.0.14 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
Last-Modified: Sun, 27 Nov 2022 07:11:48 UTC 

                                        
                                            
ETag: W/"de80dbf84a6c7dd017a05f9f421c8761" 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: GoJE3bFZ1nLL1qCgb-c9q1V7iBgZUTENOrLh0FVvG7GLRkq2IIbjIg== 

                                        
                                            
Age: 2200 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (618)

                                                Size:   100155

                                                Md5:    dc28b507a7da98c64d824f5ec27806de

                                                Sha1:   c64c026e3be0827b8bedbd0bb5c48352cec99e08

                                                Sha256: da0a5c895621b1205cddda7ad3849a2cf8ac4b3f566bb62df8d7c788d9bc479d

                                        
                                            GET /sdk/v1/n.js HTTP/1.1 

                                        
                                            
Host: cdn.runative-syndicate.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/

                                         8.247.219.121

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Date: Fri, 12 Aug 2022 08:59:19 GMT 

                                        
                                            
Content-Length: 5220 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Wed, 23 Mar 2022 15:25:35 GMT 

                                        
                                            
Server: nginx 

                                        
                                            
X-Robots-Tag: noindex, nofollow 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
ETag: W/"623b3bef-3202" 

                                        
                                            
Age: 9240549 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (591)

                                                Size:   5220

                                                Md5:    e6b953ae4edfbe129269f196fe87eee9

                                                Sha1:   eb99511c1d23000bc72b2c640bbcd5792eb431f2

                                                Sha256: eb6d42f0cdeddc023b69947db248be42bc66aa2da8c59178b7f22b528c4dd60f

                                        
                                            GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1 

                                        
                                            
Host: www.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.164

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
expires: Sun, 27 Nov 2022 07:48:28 GMT 

                                        
                                            
date: Sun, 27 Nov 2022 07:48:28 GMT 

                                        
                                            
cache-control: private, max-age=300 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
content-encoding: gzip 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
content-security-policy: frame-ancestors 'self' 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
content-length: 582 

                                        
                                            
server: GSE 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (884), with no line terminators

                                                Size:   582

                                                Md5:    729acee2a72aedc9406dba71bf4c1d00

                                                Sha1:   e7f1dea037aaa2df1c1e5b884dc5d73b7bc35e82

                                                Sha256: 7e9b8e953f317a7a47db6df1d1ac8be5c78e9a9524a0a07755c748c2198f816a

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:28 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    88e42375d2172305f819b892225cf877

                                                Sha1:   674324641f82700172e72fe259ee2241361e2ea1

                                                Sha256: 6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3

                                        
                                            GET /sdk/v1/n.css HTTP/1.1 

                                        
                                            
Host: cdn.run-syndicate.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/

                                         8.247.219.121

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Date: Thu, 03 Mar 2022 22:40:12 GMT 

                                        
                                            
Content-Length: 8277 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "6114dd75-2055" 

                                        
                                            
Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT 

                                        
                                            
Server: nginx 

                                        
                                            
X-Robots-Tag: noindex, nofollow 

                                        
                                            
Age: 23188096 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (8277), with no line terminators

                                                Size:   8277

                                                Md5:    37ebbc4b85fb5383d08547f5fe9d8d9f

                                                Sha1:   99dac34980b1fd00028f76e782444bdf948724c5

                                                Sha256: 24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

                                        
                                            GET /sfp.js HTTP/1.1 

                                        
                                            
Host: friendshipmale.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/

                                         172.64.203.23

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript; charset=utf-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:28 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Expires: Thu, 01 Jan 1970 00:00:01 GMT 

                                        
                                            
Cache-Control: max-age=14400 

                                        
                                            
X-Request-ID: 48b259962c7e6b4898847b232e802bb3 

                                        
                                            
Strict-Transport-Security: max-age=0; includeSubdomains 

                                        
                                            
CF-Cache-Status: EXPIRED 

                                        
                                            
Last-Modified: Sun, 27 Nov 2022 07:48:28 GMT 

                                        
                                            
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q53zClaf2ZU3rDccFrcbZfy%2FiYNGIfvDAzqx%2F3NDfshXeQwnVT%2FFRqa2%2FYP%2B%2FrBWNmpE6VVKVwevSy0Euu4JbC%2BZqh9IYyyxoxZ00l%2FrI6be9oJ8mVV8BUUtHThHR7muAKaZOQ4%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770942fe7f3e718a-LHR 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators

                                                Size:   27574

                                                Md5:    b1fa950e77a7db5425f9a5257af02e9c

                                                Sha1:   2d5580451f34ad96218f8b97edf9708f9ee1be87

                                                Sha256: d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14

                                        
                                            GET /stats HTTP/1.1 

                                        
                                            
Host: simplewebanalysis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         52.28.211.11

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
date: Sun, 27 Nov 2022 07:48:28 GMT 

                                        
                                            
content-length: 40 

                                        
                                            
server: fasthttp 

                                        
                                            
access-control-allow-origin: http://ouo.press 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
set-cookie: uid_id2=6437a6c1-ae41-436c-bed6-40f5c2aadc63:3:1; expires=Wed, 24 Nov 2032 07:48:28 GMT; secure; SameSite=None 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   40

                                                Md5:    495bbb7732095eb1b1d3c9ecd1f24b41

                                                Sha1:   1be28b5c0ec5fbe2050b01903e7404a6a97681b7

                                                Sha256: 3e8fbe6d716d7d0cea6789bce164eff75078357f4e71e1caba7164ee46fd2bd0

                                        
                                            GET /images/widgetIcons/achoice.svg HTTP/1.1 

                                        
                                            
Host: widgets.outbrain.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         23.38.201.81

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716" 

                                        
                                            
last-modified: Mon, 12 Sep 2022 07:37:47 GMT 

                                        
                                            
server: AkamaiNetStorage 

                                        
                                            
content-length: 2735 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
expires: Tue, 27 Dec 2022 07:48:28 GMT 

                                        
                                            
date: Sun, 27 Nov 2022 07:48:28 GMT 

                                        
                                            
timing-allow-origin: *, * 

                                        
                                            
access-control-allow-credentials: false 

                                        
                                            
access-control-allow-methods: GET,POST 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)

                                                Size:   2735

                                                Md5:    9d26fa4e7238ed94f1d0d92afb453b3e

                                                Sha1:   ae18efe7d09337bf2f580b3f5bc912284aad7821

                                                Sha256: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:28 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e9895464b828d538dc654c678c82b181

                                                Sha1:   af5791cd48761cb3f3f979b481c23e1508692823

                                                Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 

                                        
                                            
Host: www.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.163

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" 

                                        
                                            
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} 

                                        
                                            
content-length: 162976 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Sat, 26 Nov 2022 21:26:04 GMT 

                                        
                                            
expires: Sun, 26 Nov 2023 21:26:04 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
last-modified: Mon, 14 Nov 2022 03:01:59 GMT 

                                        
                                            
age: 37344 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (730)

                                                Size:   162976

                                                Md5:    79d18cf4265108d7cecca1bf4ada6109

                                                Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9

                                                Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         172.64.155.188

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:29 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 15:56:29 GMT 

                                        
                                            
Expires: Sat, 03 Dec 2022 15:56:28 GMT 

                                        
                                            
Etag: "306a448867377ee652726a0ca8f45112ed46f3d2" 

                                        
                                            
Cache-Control: max-age=547079,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb2 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770943011aeb0b65-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    bbb0f4db8cf5afadcf6aff6e3efd84f5

                                                Sha1:   306a448867377ee652726a0ca8f45112ed46f3d2

                                                Sha256: f3793d646b320f22c02cde1bee7423484fba1abc89cce4667754107416ab640f

                                        
                                            GET /static/js/fiamp.js HTTP/1.1 

                                        
                                            
Host: ecdn.firstimpression.io

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         54.230.111.99

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx/1.20.0 

                                        
                                            
last-modified: Fri, 08 Apr 2022 08:48:22 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-encoding: gzip 

                                        
                                            
date: Sun, 27 Nov 2022 07:29:59 GMT 

                                        
                                            
expires: Sun, 27 Nov 2022 08:29:57 GMT 

                                        
                                            
cache-control: max-age=3600 

                                        
                                            
etag: W/"624ff6d6-1b8e9" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: LbQOO9QlgIgN95Wwwk2xBXvUOKsycfVuye9WRjWTk_hPMplsX1Fk8w== 

                                        
                                            
age: 1112 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65536), with no line terminators

                                                Size:   60294

                                                Md5:    ba7b84587eb3e7425bf1ff2641250d56

                                                Sha1:   041549a105862eac93c8ce3d388a0df597dee104

                                                Sha256: b04b1746bc8a48137457f383c31cc9039fb562a853e8c093db1c15a58ab9e7c1

                                        
                                            GET /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1 

                                        
                                            
Host: challenges.cloudflare.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.18.7.185

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
date: Sun, 27 Nov 2022 07:48:26 GMT 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 770942ef8fe80b31-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (9399)

                                                Size:   12730

                                                Md5:    fa8d1d0a9d1411008f741658f242867c

                                                Sha1:   43a0933b7ae6b8ab27e0d5ee8df24ba2cbebb1d5

                                                Sha256: 58af77f0968d4fe01e850c3a923498ce7aa685711dfe0c65d269fa7d5a9587a1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         172.64.155.188

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:29 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 15:56:29 GMT 

                                        
                                            
Expires: Sat, 03 Dec 2022 15:56:28 GMT 

                                        
                                            
Etag: "306a448867377ee652726a0ca8f45112ed46f3d2" 

                                        
                                            
Cache-Control: max-age=547078,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb2 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7709430119810b61-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    bbb0f4db8cf5afadcf6aff6e3efd84f5

                                                Sha1:   306a448867377ee652726a0ca8f45112ed46f3d2

                                                Sha256: f3793d646b320f22c02cde1bee7423484fba1abc89cce4667754107416ab640f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5962 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:29 GMT 

                                        
                                            
Last-Modified: Sun, 27 Nov 2022 06:09:08 GMT 

                                        
                                            
Server: ECS (ska/F718) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    f39102a6340bb2fd8c961680d4058687

                                                Sha1:   ddb18aa541e869773f4b396894bcaa17a302c1b7

                                                Sha256: e7b8f4a2903c81045b0795ce1aea1298807b394ea85548f7f97e635e9cf65a2b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         172.64.155.188

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:29 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 13:55:55 GMT 

                                        
                                            
Expires: Sat, 03 Dec 2022 13:55:54 GMT 

                                        
                                            
Etag: "5be1c6a23b5e6059f4d882148c84eb941c7068ec" 

                                        
                                            
Cache-Control: max-age=539844,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb1 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 77094303bcc50b65-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    ea101f7e711eb66ba76f9e395ce3b919

                                                Sha1:   5be1c6a23b5e6059f4d882148c84eb941c7068ec

                                                Sha256: 0f874cf2a25b7f913badd906ae5deb8429f8eb135973275ed5314162b37c7b31

                                        
                                            POST /cdb?profileId=207&av=34&wv=6.2.0&cb=77382117440 HTTP/1.1 

                                        
                                            
Host: bidder.criteo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 486 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         178.250.0.165

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
date: Sun, 27 Nov 2022 07:48:29 GMT 

                                        
                                            
vary: Origin 

                                        
                                            
server: Finatra 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
access-control-allow-origin: http://ouo.press 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
content-encoding: gzip 

                                        
                                            
content-length: 44 

                                        
                                            
strict-transport-security: max-age=31536000; preload; 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   44

                                                Md5:    5f1dcf53824ce88cdb7941d34db3f19d

                                                Sha1:   4164a13e3f53e1f002606a807d64a92620720fb0

                                                Sha256: 3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74

                                        
                                            GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2F1LISgCW&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2F1LISgCW&tg_i.page=http%3A%2F%2Fouo.press%2F1LISgCW&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=ab04e3e1-bf86-431d-bfa5-3b2a54487672&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.49436689376994436 HTTP/1.1 

                                        
                                            
Host: fastlane.rubiconproject.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         213.19.162.21

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx/1.21.4 

                                        
                                            
date: Sun, 27 Nov 2022 07:48:29 GMT 

                                        
                                            
cache-control: no-cache, no-store, max-age=0, must-revalidate 

                                        
                                            
expires: Wed, 17 Sep 1975 21:32:10 GMT 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-origin: http://ouo.press 

                                        
                                            
pragma: no-cache 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
set-cookie: khaos=LAZ27TD7-12-AOJJ; Domain=.rubiconproject.com; Path=/; Expires=Mon, 27-Nov-2023 07:48:29 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrRjk2f3YtE/u9DtVM30fCgsc7/zDE2e/j99sLIrJxTV5ZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Mon, 27-Nov-2023 07:48:29 GMT; Max-Age=31536000; SameSite=None; Secure 

                                        
                                            
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" 

                                        
                                            
content-length: 348 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators

                                                Size:   348

                                                Md5:    b4341a4c7af04da6efd4c9159db78cf1

                                                Sha1:   de10b8a0b144a253295d6e4bbaca4de98d86b04c

                                                Sha256: 1bc832921d46967b3fb86a39b6e7db090dc5a290af7fc32d9509c77cc06bbba3

                                        
                                            GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XckEGmBo4ZOci0sAHDYwsaNmiEaREmhpkcLcbImBHjRsQaZGzkyCHiYZg6YzKWyTHGzAwcNmS0uFEGh5iTMWaYaSGGzNEWMcbMsCGGRgwcMMLIiNETIhk7C2XAgDGDxkM4dcQsnDG2hkOIcOCkrWGD7sM5cCbqAEkyqY2HY9ro1UEDx40cOn2SMbMw6UMxbtzMhXGjsWURbdxg1CGDxk4cb0OPjpGD7WERdeSwmTtjKwwcFWHLyIiGDh04c3S8eIEHD5syalyckROGThozediIJtO8zBwXY960efGjDp02X-a8iT2mTI8cRmHQ4GxjDGStTWlwqbNWho05MXrM4Px4fv37MvTQUGkxeOUfDPbNMYN-kMFg2IEJ1tBDY4_pBGF7bKQxxhpfpEFGD1YgIcUaa9SBhhFwnLHGE3a04cQMVMTwRRZXHCGEEVaQcYYVQVyhxBJxmPFFDmugkQUeUGQxBhRLrAEHEkq0UcMROCARRRxGfMXGEC3YkYUdbMSBhx5aBKEEFnW0QUMUWuTwxo41ECHGGWrkcYYTWSRZRxptDPGFGlfoEQYTeTARxRdnVJEEEVJUkcaFauQXA6Q5CFgWGdplNN4bLsAhh3UKIdbcQlt41cVbcgQ1WBktOHgZZTrA4AIMuY0BB3ieqiprfW6JIIcdi6n1UBm2trHQrmw9VMeeGeEWBl1ilKHUGGSAddJ-Y7SAVFNY4SCDGDjkcANJNciAQ1lpLCZCDjG40JoLNMjgQkM0lCVHh-qy666s8c5bQ73KhpFRE2_okQYbbITxQg2zgoDCFWm4gekdc4DgBBUgxLDrDiBA7EZKHOMBMgi_MlTSrCmAcASxa7zxgloa00orCEak8akZb-DxgsYMw1DWGKqK4MQTZb1xL9AZDV0WG0EX4cSlZdjxxaezMVTDDTd8ZANYMDwkxxmakebRDQ8dJLUYciyEA2oimP1FG2-QkRZSuZEhxxtzPfSGQoyhmnMeC_V6M2--wSHcC5t2-ukcc7xQ1h0ZxWCuzw-hETmCAIswx68Z3U1Hc0a3UIcbadAxkg0ukDGG5JcGfdAXqrNukbEM2aBTDTPgftvsu9V-e-77OSaDDJJNbR0cX4zqew6468521MkfJwcdfG_R1qkQiSFY22WY8RMbE73FNEWI3So1c87hHSu8MdT02hirydCHAgEB&r=1&s=394d19cab3e82e391a22a154c7282dd586c8d616ff744cb0e2ad38c6c53be2481669535308&w=t&ir=245x208 HTTP/1.1 

                                        
                                            
Host: pxl.tsyndicate.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         94.130.141.49

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 27 Nov 2022 07:48:29 GMT 

                                        
                                            
content-length: 35 

                                        
                                            
x-robots-tag: noindex, nofollow 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   35

                                                Md5:    c2196de8ba412c60c22ab491af7b1409

                                                Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b

                                                Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

                                        
                                            GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1 

                                        
                                            
Host: c.amazon-adsystem.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/

                                         143.204.46.73

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Methods: GET 

                                        
                                            
Access-Control-Max-Age: 3000 

                                        
                                            
Last-Modified: Fri, 18 Nov 2022 03:05:15 GMT 

                                        
                                            
x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:29 GMT 

                                        
                                            
Cache-Control: public, max-age=86400 

                                        
                                            
ETag: W/"a4d296427fc806b21335359e398c025c" 

                                        
                                            
Vary: Accept-Encoding,Origin 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: WYCv90BuVHu3a4Y0sfIKA5DLjdppxh5tjB93W9IJlsu7RZMFZY6pxQ== 

                                        
                                            
Age: 1292 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (6482), with no line terminators

                                                Size:   2631

                                                Md5:    7c02d92c228e02f2ddfec1a48bdb044d

                                                Sha1:   e4cc88b704d6cf3af8cd4949f5c5eee606a573a3

                                                Sha256: 07f71d82eeb36040c2c3fe12bdc73cb8fe3e7e4890f05981842feb491f24020c

                                        
                                            GET /e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2F1LISgCW&pr=http%3A%2F%2Fouo.press%2F1LISgCW%3F__cf_chl_tk%3DkBkES2K8GFl5ijWgLFExZKTGBLWhYEwIRLXVjvHgGkk-1669535304-0-gaNycGzNAv0&pid=mW5EvpboxIIlR&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1 

                                        
                                            
Host: aax-dtb-cf.amazon-adsystem.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         54.230.241.131

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript;charset=UTF-8

                                        

                                        
                                            
content-length: 165 

                                        
                                            
server: Server 

                                        
                                            
date: Sun, 27 Nov 2022 07:48:29 GMT 

                                        
                                            
x-amz-rid: QVX7WBQG8DTWVPF3CD20 

                                        
                                            
access-control-allow-origin: http://ouo.press 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=47474747; includeSubDomains; preload 

                                        
                                            
vary: Accept-Encoding,User-Agent 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: 9F-B5Y-ZVcCsOCsw9z9NT22Atpk8Hmf9yYImuycrpnrLH5qqPU3GRw== 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   165

                                                Md5:    524702d9c4ac8c61e27c3d850412f10f

                                                Sha1:   199d4d5b602799e1a01577115d249b9707dbf37a

                                                Sha256: 7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "CE33EBBD5115FFAAC9721EACC50F458D369B30DBC875379C5602FE846D078207" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4093 

                                        
                                            
Expires: Sun, 27 Nov 2022 08:56:43 GMT 

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:30 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    c7afa63a2e765a5889feedb036228204

                                                Sha1:   546d048429118d6ff49049b948a6d39c3706b4e1

                                                Sha256: ce33ebbd5115ffaac9721eacc50f458d369b30dbc875379c5602fe846d078207

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 345 

                                        
                                            
ETag: "12DB50941A08926A1F14146C52B53CFC6ACC1DCB6AC858F6FCFB421330DFB12F" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=13335 

                                        
                                            
Expires: Sun, 27 Nov 2022 11:30:45 GMT 

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:30 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   345

                                                Md5:    3a1eb8e3d7b5e963c21e1905e849e570

                                                Sha1:   fff8193edc6218562c5612b0e02f73dbcca98c0c

                                                Sha256: 12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f

                                        
                                            GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive

                                         142.250.74.10

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css; charset=utf-8

                                        

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Timing-Allow-Origin: * 

                                        
                                            
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
Expires: Sun, 27 Nov 2022 07:48:30 GMT 

                                        
                                            
Date: Sun, 27 Nov 2022 07:48:30 GMT 

                                        
                                            
Cache-Control: private, max-age=86400 

                                        
                                            
Cross-Origin-Resource-Policy: cross-origin 

                                        
                                            
Cross-Origin-Opener-Policy: same-origin-allow-popups 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Server: ESF 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   660

                                                Md5:    55130bf120bd75a4bba7d678be617cdf

                                                Sha1:   77b172c0cc1d15e60ab95edccf3ac1e640d16812

                                                Sha256: 262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d

                                        
                                            GET /sb/notifications/games/nutaku/multi/4/images/landing/css/styles.css HTTP/1.1 

                                        
                                            
Host: cdn.creative-bars1.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.64.108.13

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
date: Sun, 27 Nov 2022 07:48:30 GMT 

                                        
                                            
last-modified: Fri, 19 Aug 2022 09:15:08 GMT 

                                        
                                            
etag: W/"62ff549c-ed9" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: public, max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Date 

                                        
                                            
cf-cache-status: MISS 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dzha2MUBKp%2FuFBvu4A%2B0LWEIbz56MX04Xig%2BB6X97CgONdx9%2BYMWcdsXDq%2FUGy8AALfCjvHRa8Zcx%2B5g6r%2BKxv0S6byuelY9DF9KnSXvU111BRiw3NU25SxqO%2Fejip7ceVuHjB%2FXkHi6"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7709430bc9680091-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (3797)

                                                Size:   1251

                                                Md5:    31a2db84c7b9fe257c5cf7333b1ec6be

                                                Sha1:   1874cb4b3119cfc7e69eadccb0a1c7cca9ee3829

                                                Sha256: 233c86c6865f5528ec391f7cfa860847f647fc618c57127155d96dd8cffc2a3a

                                        
                                            GET /sb/notifications/games/nutaku/multi/4/css/style.css HTTP/1.1 

                                        
                                            
Host: cdn.creative-bars1.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: http://ouo.press 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.64.108.13

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
date: Sun, 27 Nov 2022 07:48:30 GMT 

                                        
                                            
last-modified: Wed, 21 Sep 2022 08:08:06 GMT 

                                        
                                            
etag: W/"632ac666-1fae" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: public, max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Date 

                                        
                                            
cf-cache-status: MISS 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9L8Lt%2BYY9Rm3lsyB4l3ua6rBAvKM8hI9qfITHZ%2BSiPf5y08UcKgQkmQBPMVT0dLbS2jyVhHj%2F9gD9wGUAPsvQTn7mdQ%2FTINO8hj%2FN7WY54MzohSCjrybRbkj%2BSucqwKN%2FySEzRvp%2FBg"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7709430bc9690091-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  assembler source, ASCII text

                                                Size:   2055

                                                Md5:    b0f63b6314a613026e86eca13614f55d

                                                Sha1:   5084145cc784ca9e5fec9bdd9a75d6cdf74cf4ef

                                                Sha256: 83ca92902e16185f38988bf0b48578be1f50435a5e9de3e0515ffeb4fdb01107

                                        
                                            GET /sb/notifications/games/nutaku/multi/4/css/animate.css HTTP/1.1 

                                        
                                            
Host: cdn.creative-bars1.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.64.108.13

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
date: Sun, 27 Nov 2022 07:48:30 GMT 

                                        
                                            
last-modified: Fri, 19 Aug 2022 09:15:04 GMT 

                                        
                                            
etag: W/"62ff5498-ec8b" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: public, max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Date 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 1014909 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty3Jl0ZGaPUWUy93%2BFZJin3Ziv2RkyYQJpbP3f73%2Bl2rvzRlOVfJq3bPncLGaLL8ascRDnMdMWH4pZxDsCr6KNSp6lAhAmS%2BAEzhrvTenvivsTiJMeOplT%2Fr4ed%2FsobDmye6Fpxef8p2"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7709430bcc3a72e5-LHR 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /c.js HTTP/1.1 

                                        
                                            
Host: hhklc.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://ouo.press/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.21.70.122

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Sun, 27 Nov 2022 07:48:28 GMT 

                                        
                                            
last-modified: Fri, 11 Nov 2022 16:10:23 GMT 

                                        
                                            
etag: W/"636e73ef-2218" 

                                        
                                            
server-asp-net: Asp Net 

                                        
                                            
expires: Sun, 27 Nov 2022 08:24:18 GMT 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 550 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMTG%2FGhIEu2HAfSNVhK8BYUH9NfIXJXOqrctjVyFKLeijpwGoqYDYobUWpeoCspxvHLBCgcwoNg86DXCD%2F3vxUBH%2FPORHJGV%2BQBnIQdzuZsVnLKStR%2BjM2CVF40%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 770942fb1fc9b512-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	ouo.press/1LISgCW
IP	104.22.58.251 ()
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-27 07:48:36 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	10
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (44)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.22.58.251

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: ouo.press

No other reports with similar screenshot

JavaScript

Executed Scripts (27)

Executed Evals (9)

#1 JavaScript::Eval (size: 586) - SHA256: fea359d7b2b27a7fcd5c4be07826545e34598b5245e1c3e70ea8584bfa9ea8f3

#2 JavaScript::Eval (size: 556) - SHA256: bd9c374bd9e64ec2bdb8276e47d06e29d4f4f2eeb2cd3a023dbba435136ce4c9

#3 JavaScript::Eval (size: 22) - SHA256: 2ed176c7f9d5b3c8ca6ccdb0e994b6ddc34944c41fc4db7451fd7a3d27fed6f1

#4 JavaScript::Eval (size: 22) - SHA256: 9bb0c662c12831d4a6a9d504b2534e28f08b91591da1303a05ad2b3e12a6e49e

#5 JavaScript::Eval (size: 64) - SHA256: cc158dc49db31ac40a09769c14f1e96ce12d8ee44ddb54a5321c32cd0536ef78

#6 JavaScript::Eval (size: 6482) - SHA256: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

#7 JavaScript::Eval (size: 16346) - SHA256: a9295cc54992bd1c2b7b21beaf36d661345db3b2570cf349c8666ed77567b2ba

#8 JavaScript::Eval (size: 165) - SHA256: 7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b

#9 JavaScript::Eval (size: 15588) - SHA256: 0d4559ba47020dfb3d3229a79fae241152a0337f86a9c8a01bd5add41c1753b7

Executed Writes (2)

#1 JavaScript::Write (size: 173) - SHA256: 642f9705ec7d8c7b0f907d5fecc582d31d93a78c244f05c938e36bf016fe9d3c

#2 JavaScript::Write (size: 3575) - SHA256: 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515

HTTP Transactions (102)

Overview

Domain Summary (44)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.22.58.251

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: ouo.press

No other reports with similar screenshot

JavaScript

Executed Scripts (27)

Executed Evals (9)

#1 JavaScript::Eval (size: 586) - SHA256: fea359d7b2b27a7fcd5c4be07826545e34598b5245e1c3e70ea8584bfa9ea8f3

#2 JavaScript::Eval (size: 556) - SHA256: bd9c374bd9e64ec2bdb8276e47d06e29d4f4f2eeb2cd3a023dbba435136ce4c9

#3 JavaScript::Eval (size: 22) - SHA256: 2ed176c7f9d5b3c8ca6ccdb0e994b6ddc34944c41fc4db7451fd7a3d27fed6f1

#4 JavaScript::Eval (size: 22) - SHA256: 9bb0c662c12831d4a6a9d504b2534e28f08b91591da1303a05ad2b3e12a6e49e

#5 JavaScript::Eval (size: 64) - SHA256: cc158dc49db31ac40a09769c14f1e96ce12d8ee44ddb54a5321c32cd0536ef78

#6 JavaScript::Eval (size: 6482) - SHA256: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

#7 JavaScript::Eval (size: 16346) - SHA256: a9295cc54992bd1c2b7b21beaf36d661345db3b2570cf349c8666ed77567b2ba

#8 JavaScript::Eval (size: 165) - SHA256: 7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b

#9 JavaScript::Eval (size: 15588) - SHA256: 0d4559ba47020dfb3d3229a79fae241152a0337f86a9c8a01bd5add41c1753b7

Executed Writes (2)

#1 JavaScript::Write (size: 173) - SHA256: 642f9705ec7d8c7b0f907d5fecc582d31d93a78c244f05c938e36bf016fe9d3c

#2 JavaScript::Write (size: 3575) - SHA256: 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515

HTTP Transactions (102)

Network Intrusion Detection Systems