ouo.io/SDEj74
104.22.22.162 301 Moved Permanently 0 B IP 104.22.22.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SDEj74 HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 04 Jan 2023 22:03:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 04 Jan 2023 23:03:36 GMT
Location: https://ouo.io/SDEj74
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784743df7933b517-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11382
Expires: Thu, 05 Jan 2023 01:13:18 GMT
Date: Wed, 04 Jan 2023 22:03:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5997a492d3d161c9009d95add566733
9db765ae549ebe4aa859ca27abe365cf7f62dc4d
1ec0de25b0afd3b402c728b9c6b47c4fcf25fb989052427886841a3f52510a0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EC0DE25B0AFD3B402C728B9C6B47C4FCF25FB989052427886841A3F52510A0E"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Thu, 05 Jan 2023 00:54:13 GMT
Date: Wed, 04 Jan 2023 22:03:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 04 Jan 2023 21:47:46 GMT
content-type: application/json
age: 950
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4837
Expires: Wed, 04 Jan 2023 23:24:13 GMT
Date: Wed, 04 Jan 2023 22:03:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dEgFJxCoxTT9W7YGEh4zzUnFDNLAjxayo0aXcdZ7ZdHmMbuL1adSkNRZwo++M10C1GT0wgtLoQGyCNrdLpKtQA==
x-amz-request-id: B0NRENYXNE9MTGMR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 04 Jan 2023 22:01:29 GMT
age: 127
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 31e0159e8d7827e11ba042323016ecf7
c64024b609ac18dce1315692fe1a46eeb3775090
071b9a599a048bd6a8b28953d081ddc1e6b48767f8d86a366a748d3fa1cb6470
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4065
Cache-Control: max-age=87759
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:36 GMT
Etag: "63b49ba6-118"
Expires: Thu, 05 Jan 2023 22:26:15 GMT
Last-Modified: Tue, 03 Jan 2023 21:18:30 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 22:03:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7b770b7eb6007c93db6d096411a72715
acae8d1bc38dd47504c4f95dac6d2db27508bf9c
3a41579ebb229f3b9bd44f6984572dc859d55f964c3c0f604e24a3600c672f06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3887
Cache-Control: max-age=162463
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:36 GMT
Etag: "63b5c028-118"
Expires: Fri, 06 Jan 2023 19:11:19 GMT
Last-Modified: Wed, 04 Jan 2023 18:06:32 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 04 Jan 2023 21:08:11 GMT
age: 3326
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5389
Cache-Control: max-age=131583
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:37 GMT
Etag: "63b541ab-1d7"
Expires: Fri, 06 Jan 2023 10:36:40 GMT
Last-Modified: Wed, 04 Jan 2023 09:06:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ouo.press/images/world.png
104.22.58.251 200 OK 5.7 kB URL HTTP/2 ouo.press/images/world.png
IP 104.22.58.251:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/SDEj74
Cookie: ouoio_session=eyJpdiI6IjZZUDJmR1FmWTlHa0tOOVZicVVGRmV6aEZJTThEUlFFS2xuQSt6SDZMU009IiwidmFsdWUiOiJUMTJXQzA0UGtZejM1bUxKaUlpWkhaanpyMERBSll2OFBQVGtRSkFIWndUUUFja1pEcktpWGg2WWtXU0NsNmIzWkJmUTNOM202TGtZNUJSQUxzb1lrdz09IiwibWFjIjoiMGFlYTI4ODcxM2JhOTM0MDI0MmJjNDk0YTBmNzM4YjE3NzMzYzYxM2FlOTViMTc5ZDBlMGI3Zjg1M2Q3M2ZhMSJ9; language=eyJpdiI6Ik13Z3YrQjlQUGhzNkdyTVdqTlJweWdXS3hoVjNtWjluWGk5QWFxTUZkNzg9IiwidmFsdWUiOiJJZ2t3MkM0QzB5ZmlDcVVmaWkzaTE1T2VXTTd5QWhwRFdGV21NU2tjYUx3PSIsIm1hYyI6ImVjODlmNzg2ZDlkODhmOTg3ZjEzMTM0ZGFkODM1OWRkNGMwZTg1YjNmNzkyMTZiMmZiZTRmYzUwOTZkOGExOGUifQ%3D%3D; 4c9d1dacf18bc9f1f61d04c112e2beb3688c6663=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; __cf_bm=3RddPTm_I.PvORkkp7Wdpt5u_jmZn_lwVZ7uDAhBu0M-1672869817-0-AYRsqtFReibbYV7SF7qCDYo8naCYfGN3UMNxSNX8BT5hFCT9HqiAWjzDOvUmHoBqbb/P6J40UhM/WEH9cHaqDc8=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:37 GMT
content-type: image/png
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Wed, 01 Feb 2023 22:39:30 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 170647
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743e69d31b4ee-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.166.224.175 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.224.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kXmLf4+RPtDAXRU44MFV3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UHGPdD4CrtYPYAScQaHP7s351n8=
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 267b6e07fe87225bf22bea7bd7f989fd
a8a69575f546b6e85c470e49bcfc3f13e17aaea6
edcb20b9dc04903b22b65536f2a1fc54c87446d58eef5207fb413efbbaa74f77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1511
Cache-Control: max-age=101434
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:37 GMT
Etag: "63b4db0d-116"
Expires: Fri, 06 Jan 2023 02:14:11 GMT
Last-Modified: Wed, 04 Jan 2023 01:49:01 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash a6cdf191deb0e291350d9d91d9ab97a7
fb82c911866268a7d33d2743dbe0328199c7121a
414acc6f6d050d52d88f9706e71d6a0e3eceb4dc41edcce74ec63eb63d8fb1cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 267b6e07fe87225bf22bea7bd7f989fd
a8a69575f546b6e85c470e49bcfc3f13e17aaea6
edcb20b9dc04903b22b65536f2a1fc54c87446d58eef5207fb413efbbaa74f77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1511
Cache-Control: max-age=101434
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:37 GMT
Etag: "63b4db0d-116"
Expires: Fri, 06 Jan 2023 02:14:11 GMT
Last-Modified: Wed, 04 Jan 2023 01:49:01 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
216.58.207.228 200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 216.58.207.228:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 67b623c8416af7b2ef4383c9c2c90de2
a2bd55b0febba2b7915fa4afcf8ec28cc6bbd5de
edbf05ad3713f72231f33499c2589c01c2d7e1ae409b92d1e45f100b29aac50a
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 04 Jan 2023 22:03:37 GMT
date: Wed, 04 Jan 2023 22:03:37 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 561e959ce9eff04b09da6f3def82f549
7866f989cdfb160709f4c93b767fd01e5553d75b
9076b4ae1a34ab02b362ffa44ecbf6d579f82042cfd7e7138977477ea5bd3e61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 7c8811382bcd40ec65e7a6e339e94904
38d741442c52bcdde863d1a2d593ce0c81c7efbd
ce5c1060c028784381224586783b9b0943fd14947bb15bb38e6d401a1a221c23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 02ab60ca9b23e5450177fe5b2f4e7327
63d91a6eb945724f78db899f202c8ba2ac4d2e6a
d33850f5a3d09db8a469b403bfc1dda07dbfbe68679cceee231de5e6680117c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D33850F5A3D09DB8A469B403BFC1DDA07DBFBE68679CCEEE231DE5E6680117C7"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15834
Expires: Thu, 05 Jan 2023 02:27:31 GMT
Date: Wed, 04 Jan 2023 22:03:37 GMT
Connection: keep-alive
tv.gourdycortes.com/1clkn/16562
23.109.87.54 200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/16562
IP 23.109.87.54:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/16562 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 22:03:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 05-Jan-2023 22:03:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Thu, 05-Jan-2023 22:03:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f78f44741eb2f65cbab833be3a5290b
2c71b045fcafb0b1326c2b6072fbaea8ce2481c0
6dbee07e2c6b2c077cf39e00c867f924e4232dbd2d0fc9d6a82152c318aa2ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6DBEE07E2C6B2C077CF39E00C867F924E4232DBD2D0FC9D6A82152C318AA2BA7"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3937
Expires: Wed, 04 Jan 2023 23:09:15 GMT
Date: Wed, 04 Jan 2023 22:03:38 GMT
Connection: keep-alive
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
192.243.61.227 200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37183), with no line terminators
Hash 9779e9d0b259fc4b352912780fc7f9b7
df76d56e4b908957083c92628502476a687387f6
c926aa8db0d624ddfcae2ec6179314ef983966f551995c52f86224afd88eab02
Analyzer / Verdict / Alert — fortinet: Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 22:03:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a0aa50fb1316fdcab7f8f8ade49955a6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.adtrue.com/rtb/async.js
172.64.109.4 200 OK 3.1 kB URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP 172.64.109.4:0
File type HTML document, ASCII text, with very long lines (7327), with no line terminators
Hash a0f970b8a8c34afa23cb2f725aa59383
3d94798957c683603e76af9b7637f972b94c0e08
5cb51f7bce1149900d08b9f288486dea46f1da126beaf312557b7d5683fc843c
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:37 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:43:39 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8446798
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsyud6EYYL8M4MdrS8pOvLZJwQwzFLMkrkmSPESrC%2BIqVLl4IseXITIT9vV1m7pBSSWbVt5mNfJPkRufjCz5L45er%2BXkAK8fNEYV5Wrvz5dAn26eJOCHnCwwumnZN9zK0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743e73e99730f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
142.250.74.35 200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 15:44:47 GMT
expires: Wed, 03 Jan 2024 15:44:47 GMT
cache-control: public, max-age=31536000
age: 109131
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 888c4572a7ed14252913e59e535a2bab
fd8e8cbda317610f7e13b8fc792c8546b3cc382d
5aa2d8301bf6b4faa72dbcce3dce7f2864518baafab75cce56d5874f7353a2c2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5AA2D8301BF6B4FAA72DBCCE3DCE7F2864518BAAFAB75CCE56D5874F7353A2C2"
Last-Modified: Tue, 03 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Wed, 04 Jan 2023 22:54:33 GMT
Date: Wed, 04 Jan 2023 22:03:38 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 5dcd3e3f6440384500af24c809a3f175
3a5df7e2369c9d65865d73410b0cac87e1b5a54c
b7c5a41dbd443dcb04231372b9ac63a3853d57e43941af5b22073693291099df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FSDEj74&charset=UTF-8&ch=22&ref=ouo.press&viewerId=null&referer=&_firid=61524405
54.230.111.99 200 OK 5.7 kB URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FSDEj74&charset=UTF-8&ch=22&ref=ouo.press&viewerId=null&referer=&_firid=61524405
IP 54.230.111.99:0
File type JSON data\012- , ASCII text, with very long lines (25928), with no line terminators
Hash d26a08ad32fa9b08eb2df0c5bdd8e5dc
44db473a53c1f77e788fd3fe179e8cad4366d2a1
c1f98459272e8c0a1b6682563d9e3aebc4b949411f951c5a2eb5a875ea2c0de1
GET /delivery/spc_fi.php?id=7419&url=%2FSDEj74&charset=UTF-8&ch=22&ref=ouo.press&viewerId=null&referer=&_firid=61524405 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 5688
date: Wed, 04 Jan 2023 22:03:38 GMT
server: Apache/2.4.38 (Debian)
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Thu, 04-Jan-2024 22:03:38 GMT; Max-Age=31536000; path=/; secure; SameSite=none
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lDfciAWjM3DG_cA2qS_FF-zWh_1NgaRWtGDX-1xrlSsrc2lnrdLyow==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 94a18fd837dd0f115b235a9129822ce7
271fbb9ea6e641837e758c4030db4f90b331c182
3c544601cf7cb0a9adf878e6b1d3733ae16bd857f9599105eb0a9a44909c5458
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147824
Date: Wed, 04 Jan 2023 22:03:38 GMT
Etag: "63b57f96-1d7"
Expires: Fri, 06 Jan 2023 15:07:22 GMT
Last-Modified: Wed, 04 Jan 2023 13:31:02 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ntZrWX-It3rkuaH6FLIf6T1zam96LfqKM1_PjwDJfWJBRGe3E5m3dA==
Age: 5780
ouo.press/SDEj74
104.22.58.251 200 OK 3.8 kB IP 104.22.58.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash 0c0aedac46647c885e4bc312e524f04a
758301a0d519067718c80581cd995a57e6dc9c11
de1eef00cd7303224cf8cc3846190df3c2c87aeda337c2901a4586c9f7c91a1b
GET /SDEj74 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:37 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6IjZZUDJmR1FmWTlHa0tOOVZicVVGRmV6aEZJTThEUlFFS2xuQSt6SDZMU009IiwidmFsdWUiOiJUMTJXQzA0UGtZejM1bUxKaUlpWkhaanpyMERBSll2OFBQVGtRSkFIWndUUUFja1pEcktpWGg2WWtXU0NsNmIzWkJmUTNOM202TGtZNUJSQUxzb1lrdz09IiwibWFjIjoiMGFlYTI4ODcxM2JhOTM0MDI0MmJjNDk0YTBmNzM4YjE3NzMzYzYxM2FlOTViMTc5ZDBlMGI3Zjg1M2Q3M2ZhMSJ9; path=/; httponly
language=eyJpdiI6Ik13Z3YrQjlQUGhzNkdyTVdqTlJweWdXS3hoVjNtWjluWGk5QWFxTUZkNzg9IiwidmFsdWUiOiJJZ2t3MkM0QzB5ZmlDcVVmaWkzaTE1T2VXTTd5QWhwRFdGV21NU2tjYUx3PSIsIm1hYyI6ImVjODlmNzg2ZDlkODhmOTg3ZjEzMTM0ZGFkODM1OWRkNGMwZTg1YjNmNzkyMTZiMmZiZTRmYzUwOTZkOGExOGUifQ%3D%3D; expires=Mon, 03-Jan-2028 22:03:37 GMT; Max-Age=157680000; path=/; httponly
4c9d1dacf18bc9f1f61d04c112e2beb3688c6663=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; expires=Thu, 05-Jan-2023 00:03:37 GMT; Max-Age=7200; path=/; httponly
__cf_bm=3RddPTm_I.PvORkkp7Wdpt5u_jmZn_lwVZ7uDAhBu0M-1672869817-0-AYRsqtFReibbYV7SF7qCDYo8naCYfGN3UMNxSNX8BT5hFCT9HqiAWjzDOvUmHoBqbb/P6J40UhM/WEH9cHaqDc8=; path=/; expires=Wed, 04-Jan-23 22:33:37 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 784743e3791fb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
2.18.172.200 200 OK 80 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP 2.18.172.200:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a4ce36b0d03543974d71b88fa37145d
a5c1750aab7489f287c98bae25f5afff0ed16ce8
30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
server: Apache
etag: "1241a12-3fca8-5cf4eee137dd8"
unused62: 8096267
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/javascript
content-length: 80538
cache-control: max-age=36496
expires: Thu, 05 Jan 2023 08:11:54 GMT
date: Wed, 04 Jan 2023 22:03:38 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 100 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7918fe8b42d13d2d3641661c582903e0
8f5ef515acf57181abeb69da462e7d322f42bca8
43a5d1d7f0805f3df660fb86ccf45d68a0fb0c93bfd72f9a52cfabcdf86428e3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5AA2D8301BF6B4FAA72DBCCE3DCE7F2864518BAAFAB75CCE56D5874F7353A2C2"
Last-Modified: Tue, 03 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Wed, 04 Jan 2023 22:54:33 GMT
Date: Wed, 04 Jan 2023 22:03:38 GMT
Connection: keep-alive
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
151.101.65.229 200 OK 9.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (27677)
Hash be67ba0617660113c8b105b9318d8184
25c33a00dfefa7ba1823017dc3e9c63a17d53459
7a80c6ef8f369f3115b83e5f88aa88e730450fed06466c418a98a5fe2a9988f6
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.14.2
x-jsd-version-type: version
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 04 Jan 2023 22:03:38 GMT
age: 13152
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
X-Firefox-Spdy: h2
ouo.press/favicon.ico
104.22.58.251 200 OK 0 B IP 104.22.58.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/SDEj74
Cookie: ouoio_session=eyJpdiI6IjZZUDJmR1FmWTlHa0tOOVZicVVGRmV6aEZJTThEUlFFS2xuQSt6SDZMU009IiwidmFsdWUiOiJUMTJXQzA0UGtZejM1bUxKaUlpWkhaanpyMERBSll2OFBQVGtRSkFIWndUUUFja1pEcktpWGg2WWtXU0NsNmIzWkJmUTNOM202TGtZNUJSQUxzb1lrdz09IiwibWFjIjoiMGFlYTI4ODcxM2JhOTM0MDI0MmJjNDk0YTBmNzM4YjE3NzMzYzYxM2FlOTViMTc5ZDBlMGI3Zjg1M2Q3M2ZhMSJ9; language=eyJpdiI6Ik13Z3YrQjlQUGhzNkdyTVdqTlJweWdXS3hoVjNtWjluWGk5QWFxTUZkNzg9IiwidmFsdWUiOiJJZ2t3MkM0QzB5ZmlDcVVmaWkzaTE1T2VXTTd5QWhwRFdGV21NU2tjYUx3PSIsIm1hYyI6ImVjODlmNzg2ZDlkODhmOTg3ZjEzMTM0ZGFkODM1OWRkNGMwZTg1YjNmNzkyMTZiMmZiZTRmYzUwOTZkOGExOGUifQ%3D%3D; 4c9d1dacf18bc9f1f61d04c112e2beb3688c6663=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; __cf_bm=3RddPTm_I.PvORkkp7Wdpt5u_jmZn_lwVZ7uDAhBu0M-1672869817-0-AYRsqtFReibbYV7SF7qCDYo8naCYfGN3UMNxSNX8BT5hFCT9HqiAWjzDOvUmHoBqbb/P6J40UhM/WEH9cHaqDc8=; _pbjs_userid_consent_data=3524755945110770; pbjs-pubCommonId=25742405-714c-49ae-b4be-4b4433d74475
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:38 GMT
content-type: image/x-icon
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 2702
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743eee90cb4ee-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ouo.press/css/link-safe.css
104.22.58.251 200 OK 5.1 kB URL HTTP/2 ouo.press/css/link-safe.css
IP 104.22.58.251:0
Hash 7c75c1ed10e45daa9f4e15bd7176987d
4ce41ea42f2ae48b2a5573a57882772898c803ea
9cad7dcd48de2789d9954c924ed0b96ba706b81832407791a34fff2d2c0d4b9f
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/SDEj74
Cookie: ouoio_session=eyJpdiI6IjZZUDJmR1FmWTlHa0tOOVZicVVGRmV6aEZJTThEUlFFS2xuQSt6SDZMU009IiwidmFsdWUiOiJUMTJXQzA0UGtZejM1bUxKaUlpWkhaanpyMERBSll2OFBQVGtRSkFIWndUUUFja1pEcktpWGg2WWtXU0NsNmIzWkJmUTNOM202TGtZNUJSQUxzb1lrdz09IiwibWFjIjoiMGFlYTI4ODcxM2JhOTM0MDI0MmJjNDk0YTBmNzM4YjE3NzMzYzYxM2FlOTViMTc5ZDBlMGI3Zjg1M2Q3M2ZhMSJ9; language=eyJpdiI6Ik13Z3YrQjlQUGhzNkdyTVdqTlJweWdXS3hoVjNtWjluWGk5QWFxTUZkNzg9IiwidmFsdWUiOiJJZ2t3MkM0QzB5ZmlDcVVmaWkzaTE1T2VXTTd5QWhwRFdGV21NU2tjYUx3PSIsIm1hYyI6ImVjODlmNzg2ZDlkODhmOTg3ZjEzMTM0ZGFkODM1OWRkNGMwZTg1YjNmNzkyMTZiMmZiZTRmYzUwOTZkOGExOGUifQ%3D%3D; 4c9d1dacf18bc9f1f61d04c112e2beb3688c6663=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; __cf_bm=3RddPTm_I.PvORkkp7Wdpt5u_jmZn_lwVZ7uDAhBu0M-1672869817-0-AYRsqtFReibbYV7SF7qCDYo8naCYfGN3UMNxSNX8BT5hFCT9HqiAWjzDOvUmHoBqbb/P6J40UhM/WEH9cHaqDc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:37 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Thu, 05 Jan 2023 10:03:37 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743e68d14b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
142.250.74.35 200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (658)
Size 165 kB (164706 bytes)
Hash 0b7fccb24ee065a01fdde10928c03c3f
9b198014f81844820588c202cc24bf5e03bf3dd7
68756de8f0d6742525ddaca56ab350e34d822777e86939fea27eb704ae013280
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Dec 2022 02:17:53 GMT
expires: Sun, 31 Dec 2023 02:17:53 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 416745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
2.18.173.74 200 OK 990 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (990), with no line terminators
Hash 5ab8e16b5f46213840bcd403e349419c
f03f6dc8e2206a94119af76f9a3b3c835390cae7
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "5ab8e16b5f46213840bcd403e349419c:1672826763.85842"
last-modified: Wed, 04 Jan 2023 07:24:28 GMT
server: AkamaiNetStorage
content-length: 990
cache-control: max-age=2592000
expires: Fri, 03 Feb 2023 22:03:38 GMT
date: Wed, 04 Jan 2023 22:03:38 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
172.217.21.168 200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 7487b0ecd186d3cd562141c806708564
eae00e24e3d051a1dcccf6fb7e59f34fd4008a0d
32a7b454e57c73ded32dbf3576e7b9e2674742ad0e908274d00172b406756077
GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 04 Jan 2023 22:03:38 GMT
expires: Wed, 04 Jan 2023 22:03:38 GMT
cache-control: private, max-age=900
last-modified: Wed, 04 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 314 B IP 93.184.220.29:0
Hash 92357d63d172ddac3b4341e536885dba
bb5770adf7572e5f5fa345953c0607369e5c052a
9848eace86165d41d0c96e4317cc208d0b88d381de97caa0aee74398014408a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4661
Cache-Control: max-age=140953
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:38 GMT
Etag: "63b5691e-13a"
Expires: Fri, 06 Jan 2023 13:12:51 GMT
Last-Modified: Wed, 04 Jan 2023 11:55:10 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 229b5d490cc831bc64606e58940d3c7e
28d120b40eeaca79d98bd619756b11c349b6f0bc
f2f2c2c36d50d54d6aed0bda750cd98711686333eaef793d16d0e7f354eba219
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10859
Expires: Thu, 05 Jan 2023 01:04:37 GMT
Date: Wed, 04 Jan 2023 22:03:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10859
Expires: Thu, 05 Jan 2023 01:04:37 GMT
Date: Wed, 04 Jan 2023 22:03:38 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
172.217.21.168 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
IP 172.217.21.168:0
File type ASCII text, with very long lines (20080)
Hash 8a9955a8eea66bcf069edd52232b65b9
01bd28d08bac5dde092eb8c729b08381b6d64072
e23f03ecd78448a27a7e41ad35d7e9ad6fdbb8cb1e8c96aaad18882f5e28df3a
GET /gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 04 Jan 2023 22:03:38 GMT
expires: Wed, 04 Jan 2023 22:03:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76281
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10859
Expires: Thu, 05 Jan 2023 01:04:37 GMT
Date: Wed, 04 Jan 2023 22:03:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10859
Expires: Thu, 05 Jan 2023 01:04:37 GMT
Date: Wed, 04 Jan 2023 22:03:38 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash a430d46fb27196c8b03f382c1bafbb23
0b31940d1067eb87c24c6d356689d7f9f90231a6
3e9cd331b1c2c1eca94ff12ec1b685e1c1c1909e30e8b3cf4493dc6eac786df8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
216.58.207.230 200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 216.58.207.230:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 07:57:02 GMT
expires: Thu, 05 Jan 2023 07:57:02 GMT
cache-control: public, max-age=86400
age: 50796
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f7ef195ef59caf6b47f13ceae04987f
dbff30aac035b502e27a3a538dbdfd475d3fc1d4
b31c198d6b76827201a870da6f9fe9b28c2cffe0d3f7f3d8e0530223ea8fc9d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8148
x-amzn-requestid: 7712cf7e-ea08-47da-876a-ba70c723b68b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33cHXsIAMFhhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3c965abb517a33ce31cbdf4c;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uewfbP4HGaxKGJvwzflOdcSEMBOoZGcED7HAVL1ohRso3plRPSJjjg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:50:18 GMT
age: 800
etag: "dbff30aac035b502e27a3a538dbdfd475d3fc1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 235b1a6e2b61b3068bf7a8e7a2607634
0df6f090574996e472064765c6f27b6b8e012414
6e6061581018dc0ec494631e7861cf2e44f82ac94d1b0056679555ff6dae5f8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b11930d-f72d-464d-8f7d-bbd0bb247c74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13546
x-amzn-requestid: 6758cca7-bc06-43dd-8545-3e05aa760218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3p7GYjIAMFw7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49fd8-038317190f3df26f13c9d961;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:36:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bd9lXnkYfZ28KrtDdZfx0VFZtXhau4MXsyxh1gyirwjurN6NEQ7psQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:54:34 GMT
age: 544
etag: "0df6f090574996e472064765c6f27b6b8e012414"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 359f30e64bec00d0a01acd69a08b684d
ac965c8642c4d1e47713965060fa2fc8f19088b1
fff1b001462468cc953092a2312650c03f307e95c40e2c6bb7356e2a8b9b0283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11877
x-amzn-requestid: 884b9243-6a8a-4434-9b2a-e5eff84d4e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33bFnDoAMFpoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3f7043ae29d21e010ddc1ff9;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WcUVY1LHWCEWWyJZEhS8M5tlXhx5WDnIr9RmxLMvqIilnREfwORJew==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 22:12:53 GMT
age: 85845
etag: "ac965c8642c4d1e47713965060fa2fc8f19088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b91127ebcfb9d242139f2861b8019767
b4200d0f2c2509ae8f50596d44e771a49176fdbf
f18956a7d3ac6e28f72fcab1bcfbd69e8faa7fbbe30896c0d334eed8af77f7e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3362
Cache-Control: max-age=131334
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:38 GMT
Etag: "63b5489e-1d7"
Expires: Fri, 06 Jan 2023 10:32:32 GMT
Last-Modified: Wed, 04 Jan 2023 09:36:30 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c820340d5ed98c9573754e3a749bf40c
09d31b45d4cc16c4d321e616e5445d9ba921a1ba
2a69c58358ae763ddef6603f783d7d25c465ff4d3777e6bd540c1b673381813a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8307
x-amzn-requestid: 37c27710-0d63-49f5-b929-87fa6fc9d654
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eKbG0GL1oAMFZCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b40bc5-2a3a53235b7c4f9c21dcb51e;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 11:04:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SEpv7jTgKBOEfRLOfLuDOmiadNqYRsIFfVthmVndwcA55BGXLYTV5Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 03:33:07 GMT
age: 66631
etag: "09d31b45d4cc16c4d321e616e5445d9ba921a1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af78916e285d0f6c5c5a5ff33894e108
96df0d8c10c666811cfeb98187ca93e65480c2ff
7bcb20dc641e46d033dee76b3d92b701b31aecfbf88241a5a95dfdc1c5e95885
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5018
x-amzn-requestid: 7a68cfb1-dedd-4f08-8d99-4678c1087422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3HtFHkoAMFwYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49efd-7880e5f93c99cc794f9a03bb;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:32:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MvV5dXthUr0Qo499_5eG6Z_yW0gmflen3kRBrse7ngQjUgOVA0OMvg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:50:49 GMT
age: 769
etag: "96df0d8c10c666811cfeb98187ca93e65480c2ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 366b35900303af09c9dd28131a105a66
34b2acc4195a5e36f0acbd10669219c7ef14a5fa
5b7c3e9920d5058a2342a3e85e3046de75c3f8ff88bc55099f5cfc3ad5041b69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7367913c-a0ac-494d-9929-dad9f308a082.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7126
x-amzn-requestid: 48f19ee3-5b35-438b-b088-91297ef2c816
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eMUhEG5wIAMFu5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4ce06-08436eaf7f54288c4a258770;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 00:53:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z3YUeSR6ZBHfxf2lswIkBhlBSdSuwLkDx60bSkYA2MVUqnsvUHkfkg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 05:08:25 GMT
age: 60913
etag: "34b2acc4195a5e36f0acbd10669219c7ef14a5fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 53b3a133b4690e68b6fa1e1d26a87947
63dc143f931d20402984e9d022db7afb23863f43
9ebe0f18724c57504af17e63de3867239ad9f61f242f73950489c80d97a2a325
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4112
Cache-Control: max-age=151180
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:38 GMT
Etag: "63b59336-1d7"
Expires: Fri, 06 Jan 2023 16:03:18 GMT
Last-Modified: Wed, 04 Jan 2023 14:54:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=45158524351&lsavail=0
178.250.2.131 204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=45158524351&lsavail=0
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=45158524351&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 406
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 04 Jan 2023 22:03:38 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 04 Jan 2023 21:34:02 GMT
expires: Wed, 04 Jan 2023 23:34:02 GMT
cache-control: public, max-age=7200
age: 1776
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 229b5d490cc831bc64606e58940d3c7e
28d120b40eeaca79d98bd619756b11c349b6f0bc
f2f2c2c36d50d54d6aed0bda750cd98711686333eaef793d16d0e7f354eba219
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FSDEj74&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=ed66c479-f9ca-4c59-b47c-e829afc00371&nocache=1672869808942&aus=300x250&divids=adtrue_ads_12953_fxxo2llsfzcdp8fr163&aucs=adtrue_ads_12953_fxxo2llsfzcdp8fr163&auid=558223497&aumfs=100
34.98.64.218 200 OK 79 B URL HTTP/2 fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FSDEj74&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=ed66c479-f9ca-4c59-b47c-e829afc00371&nocache=1672869808942&aus=300x250&divids=adtrue_ads_12953_fxxo2llsfzcdp8fr163&aucs=adtrue_ads_12953_fxxo2llsfzcdp8fr163&auid=558223497&aumfs=100
IP 34.98.64.218:0
File type JSON data\012- , ASCII text
Hash 77b2aae867bf80e98ce3cf94349ce769
71f358c6a05a1d67537f5d11a1502d6c8bb9fbbd
9553539c39c897dc86a24a7ac72e6204ad47cff5953fda914719f9a2e14d5367
GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FSDEj74&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=ed66c479-f9ca-4c59-b47c-e829afc00371&nocache=1672869808942&aus=300x250&divids=adtrue_ads_12953_fxxo2llsfzcdp8fr163&aucs=adtrue_ads_12953_fxxo2llsfzcdp8fr163&auid=558223497&aumfs=100 HTTP/1.1
Host: fptadtrue-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 04 Jan 2023 22:03:38 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=34583183595
178.250.2.131 200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=34583183595
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=34583183595 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 487
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:38 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 53b3a133b4690e68b6fa1e1d26a87947
63dc143f931d20402984e9d022db7afb23863f43
9ebe0f18724c57504af17e63de3867239ad9f61f242f73950489c80d97a2a325
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5012
Cache-Control: max-age=152079
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:39 GMT
Etag: "63b59336-1d7"
Expires: Fri, 06 Jan 2023 16:18:18 GMT
Last-Modified: Wed, 04 Jan 2023 14:54:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112 204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 868
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Wed, 04 Jan 2023 22:03:38 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.83.142.19 200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.83.142.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4a23794881ceff4395835c48b5689cb0
3a1b855f1e34712dcd9a650d445dd34285b3641f
18628649ae04a4024ac2724f6fba665c8a475adcef8c865232ffb73f393612ac
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 04 Jan 2023 22:03:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 943c7cc3-79a2-4193-a027-96df665f483c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f912ee4165d3a5120f9125d0c3d48513
39734d038a7990b35b5699d2a6754f3d9550c743
a35579c6f204715c3f05cd1e4e2e13f8f77e74fe88a1f0d175b722be5bbb7409
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3863
Cache-Control: max-age=101259
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:39 GMT
Etag: "63b4d12f-1d7"
Expires: Fri, 06 Jan 2023 02:11:18 GMT
Last-Modified: Wed, 04 Jan 2023 01:06:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
54.230.111.99 200 OK 24 kB URL HTTP/2 cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
IP 54.230.111.99:0
File type ASCII text, with very long lines (52914), with no line terminators
Hash 98d677fc63b04593149ff9909ffe6492
713dbe2ac439f66a3d0429707894c5ce63effb5a
949d45ddf888ac1364cd91cbb212728a064f240bdcec91618bfc6a18f7e38012
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 04 Jan 2023 22:03:39 GMT
server: Apache/2.4.38 (Debian)
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dTkU3GBblIfPwWgqnVXLjtWWOe6fNvifKV5WQjA59xvCCrDd3XspiQ==
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.83.142.19 200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.83.142.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c302a3f0569387b38ac6de9aabb7a92
e591a97b219e7eb3ca8564299e7461c1c976b4a7
ce86cdb9c2d53d5c70c3fd041906b0929d3b907a67afed306e68ec6918904c76
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 534
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 04 Jan 2023 22:03:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: dd2c658d-be10-4d37-b5a7-55417943bae9
Set-Cookie: icu=ChkItZqGARAKGAEgASgBMLvv150GOAFAAUgBELvv150GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 04-Apr-2023 22:03:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3270600684367208179; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 04-Apr-2023 22:03:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash ddaf22ee64c21b84ac23a414dcbbd95c
3ddd55e64ad3df0e60ed5f0d34aa3b46c23f4bf1
3c17a8689d6568bca44dbe5d22470b162e57c9a911f19fc85b677431b141f252
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 22:03:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 01:57:09 GMT
Expires: Wed, 11 Jan 2023 01:57:08 GMT
Etag: "3ddd55e64ad3df0e60ed5f0d34aa3b46c23f4bf1"
Cache-Control: max-age=531808,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784743f13a1ab521-OSL
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FSDEj74&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FSDEj74&tg_i.page=https%3A%2F%2Fouo.press%2FSDEj74&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=0d67e1a3-525d-4f89-b2b3-cdfa9e81f77d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8766527585061088
213.19.162.31 200 OK 348 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FSDEj74&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FSDEj74&tg_i.page=https%3A%2F%2Fouo.press%2FSDEj74&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=0d67e1a3-525d-4f89-b2b3-cdfa9e81f77d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8766527585061088
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash 9ab8c0a663fa5826ccc40a149a58efdd
e36c5c044da30ba4c8badcd2e1fd28b0c4297774
3beba2cb287196ba8918225be2e8a70549a5b70cae94201c25a0c77c5fb6a8c1
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FSDEj74&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FSDEj74&tg_i.page=https%3A%2F%2Fouo.press%2FSDEj74&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=0d67e1a3-525d-4f89-b2b3-cdfa9e81f77d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8766527585061088 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 04 Jan 2023 22:03:39 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCI7HXI0-Z-DP1G; Domain=.rubiconproject.com; Path=/; Expires=Thu, 04-Jan-2024 22:03:39 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqsrAgRctYVR+9DtVM30fCgZvcVxxp7UINSRkhbEtopr5ZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Thu, 04-Jan-2024 22:03:39 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 348
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.83.142.19 200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.83.142.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 65f4721a516a8bbb01cb4f589f2fd2ec
416229c0b02df3dd9c31656bbb218a3d73b510d0
f5b1139fe07680adb531c24df9e019eb1f9a06c47afff0383596b3a759fe7ab2
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 561
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 04 Jan 2023 22:03:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 43fb7b1d-48f7-4a90-88c3-2453a3e4c260
Set-Cookie: icu=ChgIw6tREAoYASABKAEwu-_XnQY4AUABSAEQu-_XnQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 04-Apr-2023 22:03:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6097446274064533505; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 04-Apr-2023 22:03:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
213.19.147.43 204 No Content 0 B URL HTTP/2 tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
IP 213.19.147.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1
Host: tag.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 617
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 04 Jan 2023 22:03:39 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 479 B IP 93.184.220.29:0
Hash 80b878ada3fd67d5c1ab256ddad43f3e
9aaf3092b0e598dfb63e29f5b004daeb99af6155
4bd5e2bbd45a275f597f8cb9fdb2e82e4fde564ad27326208e942d9ed468cff2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4497
Cache-Control: max-age=115553
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:39 GMT
Etag: "63b5068b-117"
Expires: Fri, 06 Jan 2023 06:09:32 GMT
Last-Modified: Wed, 04 Jan 2023 04:54:35 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
18.172.255.23 204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
IP 18.172.255.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Wed, 04 Jan 2023 19:46:59 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 74b9d3168ead0de51d41113665a53160.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: F2MlB-XEPwbN2qsKDhKDSKUKBUc98qGmH4hpBUG9R8ftifAR_B0FZA==
age: 8199
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FSDEj74&pid=U102RAgzLxEdJ&cb=0&ws=728x90&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
143.204.52.189 200 OK 154 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FSDEj74&pid=U102RAgzLxEdJ&cb=0&ws=728x90&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash bb7b4ee21d41485b3c8d171a7bf8b853
04fdbd451ad2cf3aceb697a99ea093fa4c7b4522
5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FSDEj74&pid=U102RAgzLxEdJ&cb=0&ws=728x90&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 154
server: Server
date: Wed, 04 Jan 2023 22:03:39 GMT
x-amz-rid: AKA9JESCCWJA1YH5YVM1
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c9jd-hYuM-J4OgFNAIJ1pUNqYxGHf-Ij4Kp-3OFwz5IVj6hNXQeYBA==
X-Firefox-Spdy: h2
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
172.64.151.192 200 OK 921 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP 172.64.151.192:0
File type ASCII text, with very long lines (2361)
Hash dc406d72b5d7cb505ff0f720a76f333c
e848a1e516384718b9319acc891ff2f7d5d707b6
e92fc567697445a7896a332abf07536107c7b96112d287748ef9234292c80c58
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:39 GMT
content-type: text/javascript
content-length: 921
x-amz-id-2: feXPNfpFaacSm8lt6RhzCbec1+gHhzZ+DriZQVNyKgZogPAFPtddKynKrrt3LGH5NtYxJR+TKjM=
x-amz-request-id: BSY1ZH442MF2G462
last-modified: Wed, 23 Nov 2022 08:34:07 GMT
etag: "dc406d72b5d7cb505ff0f720a76f333c"
content-encoding: gzip
x-amz-version-id: Nv3tnKsQJJFloLFD8ccmmePhVOX9ZV_J
cf-cache-status: HIT
expires: Thu, 05 Jan 2023 02:03:39 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743f2dc16b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 5362edc4e62fb960e376a733fbec1195
0ba15d287679c63b3369e531d4fe9ffc538233ef
f770e44b705c081d79a4b28dfd8eead9626e36b930e13f0f5f4096cbbeffd97b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4497
Cache-Control: max-age=115553
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:39 GMT
Etag: "63b5068b-117"
Expires: Fri, 06 Jan 2023 06:09:32 GMT
Last-Modified: Wed, 04 Jan 2023 04:54:35 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 312 B IP 93.184.220.29:0
Hash 7274192cb93af161af4b2329089f72ae
e9140482ac11d4a7532105fccec983fc6f82384a
8ade2b6f2eb2f14e151442671af69434465c09fed5aa4d56731ec9d11ada7fb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:39 GMT
Last-Modified: Wed, 04 Jan 2023 21:02:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 312
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c5ed52572d3b9fe172fd2f8d0874cd4
dccb2470f5a98f377b3c383eb478dc1cc4b20fa6
71a7d1fa34ca82c4b4c704c23b6f330595787f1081c2fd9d86bc17a6fc3099d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71A7D1FA34CA82C4B4C704C23B6F330595787F1081C2FD9D86BC17A6FC3099D9"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2543
Expires: Wed, 04 Jan 2023 22:46:03 GMT
Date: Wed, 04 Jan 2023 22:03:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 312 B IP 93.184.220.29:0
Hash e0867186ad963eac121e889062106ad5
c87daf95ffc0d81a9e40be2b000dd1519163252b
01580e78b606c7637e1e30b809296801f918a23e9b013467559aa35259edbcca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3167
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:40 GMT
Last-Modified: Wed, 04 Jan 2023 21:10:54 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 4e1bfa4fc9adaacc3d29967ddeccef70
85019396fff9cb8a1d8e01063a3a15f12c1592ad
5a7d2f6d30e3bcaaa5b73d657f94049e4476cfaeafbad6c99d153b84fd0dc52d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4005
Cache-Control: max-age=146373
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 22:03:40 GMT
Etag: "63b580dc-139"
Expires: Fri, 06 Jan 2023 14:43:13 GMT
Last-Modified: Wed, 04 Jan 2023 13:36:28 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157 200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:40 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=iDOC_V80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdyWGN5dGREN0ZHcVd4NGhMQ3hRSnk0TFJHY25xaUNCekpUajJvaEJIc3M; expires=Mon, 29 Jan 2024 22:03:40 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 492849
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=65bd1af1-b6e5-4625-9614-65e6eaf5fba6&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=65bd1af1-b6e5-4625-9614-65e6eaf5fba6&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=65bd1af1-b6e5-4625-9614-65e6eaf5fba6&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 04 Jan 2023 22:03:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7d45c22f82dad83ae4907e042db666b8
Strict-Transport-Security: max-age=0; includeSubdomains
dnacdn.net/dna
178.250.0.157 200 OK 629 B IP 178.250.0.157:0
Hash cf0c8fb989c4590f56161330686df45c
d480b4fd9fc142bb278ab0cd68b77c1d55cfb833
399a607a2b5cc5d787670ea837b8c4c57c707c8091243608e916134117c18d50
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=iDOC_V80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdyWGN5dGREN0ZHcVd4NGhMQ3hRSnk0TFJHY25xaUNCekpUajJvaEJIc3M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Q26eYl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdyWGN5dGREN0ZHcVd4NGhMQ3hRSnhtZDFkcFM0UDhISDE0ZjhYMFo0alY; expires=Mon, 29 Jan 2024 22:03:40 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 282148
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
unpredictablehateagent.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=65bd1af1-b6e5-4625-9614-65e6eaf5fba6%3A1%3A1
173.233.139.164 200 OK 4.2 kB URL HTTP/1.1 unpredictablehateagent.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=65bd1af1-b6e5-4625-9614-65e6eaf5fba6%3A1%3A1
IP 173.233.139.164:0
File type JSON data\012- , ASCII text, with very long lines (6101), with no line terminators
Hash 9ce7cd95cc8cc518c2c6664ee78aa7fe
9cdaa03ecdaca724b22afc32e08ba4167e23268f
39844c5acf9e6553614136d5812cb091d531a0354b4fe6763f3a0365fe80e1eb
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=65bd1af1-b6e5-4625-9614-65e6eaf5fba6%3A1%3A1 HTTP/1.1
Host: unpredictablehateagent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 22:03:40 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ouo.press
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Thu, 05 Jan 2023 22:03:40 GMT; secure; SameSite=None
uid_id2=65bd1af1-b6e5-4625-9614-65e6eaf5fba6:1:1; expires=Wed, 11 Jan 2023 22:03:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 05 Jan 2023 22:03:40 GMT; secure; SameSite=None
uncs=1; expires=Thu, 05 Jan 2023 22:03:40 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 05 Jan 2023 22:03:40 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 05 Jan 2023 22:03:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d1d84ecfe517d7d252023e8b47aa514e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
c.amazon-adsystem.com/aax2/apstag.js
18.172.255.23 200 OK 104 kB URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 18.172.255.23:0
Size 104 kB (104427 bytes)
Hash e91fb7777740e609ec8110315d7b5886
b96b5610dd7cd0a99e527786630cfb8f92762b8d
47facdc92f533be8fa72f27797d0d726ee5cae2dad9f2557aded42292483262c
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 04 Jan 2023 21:05:35 GMT
last-modified: Thu, 22 Dec 2022 18:13:57 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront), 1.1 74b9d3168ead0de51d41113665a53160.cloudfront.net (CloudFront)
etag: W/"b2496fcafcf1daf6223aefe99a0cf048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, CPH50-P1
x-amz-cf-id: srpUXG2JTxwdMe5ZKaVGVWYBT39INXd5kG_htkhFJYOGlhhgv_3LhQ==
age: 3483
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 4f3ee704a5cd7a6e69c7fb5fbd7283a2
be50ef0da7999d632fc3d2218dfe612faa29dddc
8208ba6850f11d559d8616492481eafd0f05c39ebb4eb4379d2932ea27e49d43
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 22:03:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 13:42:55 GMT
Expires: Wed, 11 Jan 2023 13:42:54 GMT
Etag: "be50ef0da7999d632fc3d2218dfe612faa29dddc"
Cache-Control: max-age=574153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784743fbae3cb521-OSL
gem.gbc.criteo.com/newidsd
178.250.6.13 200 OK 1.5 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.13:0
Hash ce20ddeb322de5b5272c097fad38f7bd
2066616a7f6c0ca4285f238f2af659d678451191
31faecf9ff768504460c46625c9a54610b0f0a6095c2adcb2413f73b841b11a6
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 80782
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
id5-sync.com/g/v2/806.json
162.19.138.82 200 216 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7117ebb4538326d938e468f3e6f51b37
d001676fb9c9d6739fc3959ef1c6a686717e3091
7e1533743299e5770616036e5f1a2dc3a2cd915d6e2db4e50ed71d820ace6d4f
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 193
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 04 Jan 2023 22:03:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
api.rlcdn.com/api/identity/envelope?pid=1258
34.120.133.55 401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1258
IP 34.120.133.55:0
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1258 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 22:03:40 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unpredictablehateagent.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzWskVRfGb83H4n0HBMWNC7ERFwqmU9XdVUlPFoNxjATHJMyMBkSQ%2B1Wda27XLe6t6uqEWQQHZDZCu9Jl5elkwuggDuJOQSpuJKu0iyEL4x%2FgUtCtdKeh9cC955z7nMXvnHs%2B3c%2FPiY%2Bcnm28a3aV1nQ%2BrPu1VzdVIkzhamt3a4Ff95dqmyqJWku1%2FviyveuBH9b912pvS75t5ht%2B4PuBH9RWlJWx6c9PVKj0cTuot%2F16q1EPwhb69r%2B5yz046kH0zslzUGJ0deuXJ1C8QtL99qZ025lJX3%2Brm2uaGYueOHov2U5MkaA7C2PrIU6OptUwbkTIl5dgkqNpBzC9g3EHYGpEvKcBWHI0xQTrHV6QMg2ZgIlrKHoVpK6gaAVu7kOJUwJwgbV1JN2Ha8YWdOdCpWN1RK789SdUMSJXfnseSfebZa36tTtG55kyiUM%2FLqH6FVSnQpofI9v1oIpj8OwTKEGQdEsocfZKFDIR0DiYY5EM51pRI5xrR0FrLgplJGkcxoxGk9EoVUHFFbQcgDoP%2BfgoD3nsIU89dMVZjYbt2PcXYhY3m4stznmzyXm4GIlQNFuLsY%2Bcj9kHyNIBuB6A2z2kdg%2FbagCb%2FwS3VcIJDy4j6IkShSQoHEFBCQpFUGQERa88FNo1XPlQaJezYOobU98shybr7NNDk3VkQvbTc%2FLsZGB%2FfPgdtuVZTYpm5AetqNlcbLQFX%2FBpqyE4pzIWcTMOAjhVQrlLkzZ31ekzT5Gq0%2F%2BVYPQYTh%2BDq5dB8xdBi%2BFCwwfdGrYWfewmj0xu6qmVzkGYEml2FdmOt6%2FPyQsTgOvX6pD85MYXn63%2FviQ%2BALclUlviY%2FUzQUc%2FGN42BTm4bQpHnqynmeqqXTr%2BzTsZzeTlr96RO4WxYvWmGzx6g4%2BFcfj4rnTZLZoIlXQc%2BXpZCSHtirFckh9X3aZkG7nbWs5tkqe3Nt5cWe1OAJVJKlB1%2Bv49cDUi%2F7%2F30WRPX%2FIOoWwFm5fo5idkalCmAk%2F34NIZvTMEVs9qWOqhyMuhbbDZo1YEWs5yykq4f%2BVsFu%2B7B%2BhYDzS7P9nOni3R0yWoHsDll4dZak9u%2FNqcGJj2hkxb74Bpqz%2B%2FGK1TZzUZxn4s%2FYZkcZvFC9QX7bjVZrQdyAUW0gCZG%2FHv%2F%2F7hHwAAAP%2F%2FAQAA%2F%2F%2B2Rkl7fwQAAA%3D%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 unpredictablehateagent.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzWskVRfGb83H4n0HBMWNC7ERFwqmU9XdVUlPFoNxjATHJMyMBkSQ%2B1Wda27XLe6t6uqEWQQHZDZCu9Jl5elkwuggDuJOQSpuJKu0iyEL4x%2FgUtCtdKeh9cC955z7nMXvnHs%2B3c%2FPiY%2Bcnm28a3aV1nQ%2BrPu1VzdVIkzhamt3a4Ff95dqmyqJWku1%2FviyveuBH9b912pvS75t5ht%2B4PuBH9RWlJWx6c9PVKj0cTuot%2F16q1EPwhb69r%2B5yz046kH0zslzUGJ0deuXJ1C8QtL99qZ025lJX3%2Brm2uaGYueOHov2U5MkaA7C2PrIU6OptUwbkTIl5dgkqNpBzC9g3EHYGpEvKcBWHI0xQTrHV6QMg2ZgIlrKHoVpK6gaAVu7kOJUwJwgbV1JN2Ha8YWdOdCpWN1RK789SdUMSJXfnseSfebZa36tTtG55kyiUM%2FLqH6FVSnQpofI9v1oIpj8OwTKEGQdEsocfZKFDIR0DiYY5EM51pRI5xrR0FrLgplJGkcxoxGk9EoVUHFFbQcgDoP%2BfgoD3nsIU89dMVZjYbt2PcXYhY3m4stznmzyXm4GIlQNFuLsY%2Bcj9kHyNIBuB6A2z2kdg%2FbagCb%2FwS3VcIJDy4j6IkShSQoHEFBCQpFUGQERa88FNo1XPlQaJezYOobU98shybr7NNDk3VkQvbTc%2FLsZGB%2FfPgdtuVZTYpm5AetqNlcbLQFX%2FBpqyE4pzIWcTMOAjhVQrlLkzZ31ekzT5Gq0%2F%2BVYPQYTh%2BDq5dB8xdBi%2BFCwwfdGrYWfewmj0xu6qmVzkGYEml2FdmOt6%2FPyQsTgOvX6pD85MYXn63%2FviQ%2BALclUlviY%2FUzQUc%2FGN42BTm4bQpHnqynmeqqXTr%2BzTsZzeTlr96RO4WxYvWmGzx6g4%2BFcfj4rnTZLZoIlXQc%2BXpZCSHtirFckh9X3aZkG7nbWs5tkqe3Nt5cWe1OAJVJKlB1%2Bv49cDUi%2F7%2F30WRPX%2FIOoWwFm5fo5idkalCmAk%2F34NIZvTMEVs9qWOqhyMuhbbDZo1YEWs5yykq4f%2BVsFu%2B7B%2BhYDzS7P9nOni3R0yWoHsDll4dZak9u%2FNqcGJj2hkxb74Bpqz%2B%2FGK1TZzUZxn4s%2FYZkcZvFC9QX7bjVZrQdyAUW0gCZG%2FHv%2F%2F7hHwAAAP%2F%2FAQAA%2F%2F%2B2Rkl7fwQAAA%3D%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSzWskVRfGb83H4n0HBMWNC7ERFwqmU9XdVUlPFoNxjATHJMyMBkSQ%2B1Wda27XLe6t6uqEWQQHZDZCu9Jl5elkwuggDuJOQSpuJKu0iyEL4x%2FgUtCtdKeh9cC955z7nMXvnHs%2B3c%2FPiY%2Bcnm28a3aV1nQ%2BrPu1VzdVIkzhamt3a4Ff95dqmyqJWku1%2FviyveuBH9b912pvS75t5ht%2B4PuBH9RWlJWx6c9PVKj0cTuot%2F16q1EPwhb69r%2B5yz046kH0zslzUGJ0deuXJ1C8QtL99qZ025lJX3%2Brm2uaGYueOHov2U5MkaA7C2PrIU6OptUwbkTIl5dgkqNpBzC9g3EHYGpEvKcBWHI0xQTrHV6QMg2ZgIlrKHoVpK6gaAVu7kOJUwJwgbV1JN2Ha8YWdOdCpWN1RK789SdUMSJXfnseSfebZa36tTtG55kyiUM%2FLqH6FVSnQpofI9v1oIpj8OwTKEGQdEsocfZKFDIR0DiYY5EM51pRI5xrR0FrLgplJGkcxoxGk9EoVUHFFbQcgDoP%2BfgoD3nsIU89dMVZjYbt2PcXYhY3m4stznmzyXm4GIlQNFuLsY%2Bcj9kHyNIBuB6A2z2kdg%2FbagCb%2FwS3VcIJDy4j6IkShSQoHEFBCQpFUGQERa88FNo1XPlQaJezYOobU98shybr7NNDk3VkQvbTc%2FLsZGB%2FfPgdtuVZTYpm5AetqNlcbLQFX%2FBpqyE4pzIWcTMOAjhVQrlLkzZ31ekzT5Gq0%2F%2BVYPQYTh%2BDq5dB8xdBi%2BFCwwfdGrYWfewmj0xu6qmVzkGYEml2FdmOt6%2FPyQsTgOvX6pD85MYXn63%2FviQ%2BALclUlviY%2FUzQUc%2FGN42BTm4bQpHnqynmeqqXTr%2BzTsZzeTlr96RO4WxYvWmGzx6g4%2BFcfj4rnTZLZoIlXQc%2BXpZCSHtirFckh9X3aZkG7nbWs5tkqe3Nt5cWe1OAJVJKlB1%2Bv49cDUi%2F7%2F30WRPX%2FIOoWwFm5fo5idkalCmAk%2F34NIZvTMEVs9qWOqhyMuhbbDZo1YEWs5yykq4f%2BVsFu%2B7B%2BhYDzS7P9nOni3R0yWoHsDll4dZak9u%2FNqcGJj2hkxb74Bpqz%2B%2FGK1TZzUZxn4s%2FYZkcZvFC9QX7bjVZrQdyAUW0gCZG%2FHv%2F%2F7hHwAAAP%2F%2FAQAA%2F%2F%2B2Rkl7fwQAAA%3D%3D HTTP/1.1
Host: unpredictablehateagent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=65bd1af1-b6e5-4625-9614-65e6eaf5fba6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 22:03:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55370d09928705bf6d2d0a573bd7ce07
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d9a880223cbd9a43452b02047d1c3e2
3b8a6d8fe73e0c186765caa8ea2c2240482d55a9
1aafca4a5c48193374494f44cceeccd709615611d31b26588c929e66fcba9722
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AAFCA4A5C48193374494F44CCEECCD709615611D31B26588C929E66FCBA9722"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3999
Expires: Wed, 04 Jan 2023 23:10:19 GMT
Date: Wed, 04 Jan 2023 22:03:40 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=0juz6V8zZTllN1B2VWNGT1AzaW9jJTJGenIlMkJxb1BiOSUyQmZnblpwS2VOY1hQNWtsVkhPUkE0aDBrMUxJbTdTaldnWGFKY2Q0aDRsRktrbTM4WFVITmNkSnk4ckJvZ08lMkY5M28lMkJaclphJTJCc1BVR1NFYTNIUjROZWthUHVqS3h4SWVXWE0lMkYzTGNu&info=Q26eYl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdyWGN5dGREN0ZHcVd4NGhMQ3hRSnhtZDFkcFM0UDhISDE0ZjhYMFo0alY&idsd=-1714458373,-1171201340&cw=1&lsw=1
178.250.0.157 200 OK 385 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=0juz6V8zZTllN1B2VWNGT1AzaW9jJTJGenIlMkJxb1BiOSUyQmZnblpwS2VOY1hQNWtsVkhPUkE0aDBrMUxJbTdTaldnWGFKY2Q0aDRsRktrbTM4WFVITmNkSnk4ckJvZ08lMkY5M28lMkJaclphJTJCc1BVR1NFYTNIUjROZWthUHVqS3h4SWVXWE0lMkYzTGNu&info=Q26eYl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdyWGN5dGREN0ZHcVd4NGhMQ3hRSnhtZDFkcFM0UDhISDE0ZjhYMFo0alY&idsd=-1714458373,-1171201340&cw=1&lsw=1
IP 178.250.0.157:0
Hash b9e1ccdf5a4657b91e84f4d3bbeade89
1476a664fd1046c0eab815d90c9d2148f50a1d37
3e01d4bff3fecce247a27168322840fcb369934b41fd0ad42849f5cd1e816aa8
GET /sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=0juz6V8zZTllN1B2VWNGT1AzaW9jJTJGenIlMkJxb1BiOSUyQmZnblpwS2VOY1hQNWtsVkhPUkE0aDBrMUxJbTdTaldnWGFKY2Q0aDRsRktrbTM4WFVITmNkSnk4ckJvZ08lMkY5M28lMkJaclphJTJCc1BVR1NFYTNIUjROZWthUHVqS3h4SWVXWE0lMkYzTGNu&info=Q26eYl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdyWGN5dGREN0ZHcVd4NGhMQ3hRSnhtZDFkcFM0UDhISDE0ZjhYMFo0alY&idsd=-1714458373,-1171201340&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 906385
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.22.58.251 200 OK 2.4 kB URL HTTP/2 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.22.58.251:0
Hash 8569ec1fb5a99c72b90f303d4ac612b8
66ea702ffe86f1a0e4c3bb30b06a6990c8a6b0bd
0051a6341671a3b494761efc30066b720c960a5592de5928a53405a0842272e9
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/SDEj74
Cookie: ouoio_session=eyJpdiI6IjZZUDJmR1FmWTlHa0tOOVZicVVGRmV6aEZJTThEUlFFS2xuQSt6SDZMU009IiwidmFsdWUiOiJUMTJXQzA0UGtZejM1bUxKaUlpWkhaanpyMERBSll2OFBQVGtRSkFIWndUUUFja1pEcktpWGg2WWtXU0NsNmIzWkJmUTNOM202TGtZNUJSQUxzb1lrdz09IiwibWFjIjoiMGFlYTI4ODcxM2JhOTM0MDI0MmJjNDk0YTBmNzM4YjE3NzMzYzYxM2FlOTViMTc5ZDBlMGI3Zjg1M2Q3M2ZhMSJ9; language=eyJpdiI6Ik13Z3YrQjlQUGhzNkdyTVdqTlJweWdXS3hoVjNtWjluWGk5QWFxTUZkNzg9IiwidmFsdWUiOiJJZ2t3MkM0QzB5ZmlDcVVmaWkzaTE1T2VXTTd5QWhwRFdGV21NU2tjYUx3PSIsIm1hYyI6ImVjODlmNzg2ZDlkODhmOTg3ZjEzMTM0ZGFkODM1OWRkNGMwZTg1YjNmNzkyMTZiMmZiZTRmYzUwOTZkOGExOGUifQ%3D%3D; 4c9d1dacf18bc9f1f61d04c112e2beb3688c6663=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; __cf_bm=3RddPTm_I.PvORkkp7Wdpt5u_jmZn_lwVZ7uDAhBu0M-1672869817-0-AYRsqtFReibbYV7SF7qCDYo8naCYfGN3UMNxSNX8BT5hFCT9HqiAWjzDOvUmHoBqbb/P6J40UhM/WEH9cHaqDc8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:37 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
etag: W/"63a1e484-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743e69d45b4ee-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 06 Jan 2023 22:03:37 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 4f3ee704a5cd7a6e69c7fb5fbd7283a2
be50ef0da7999d632fc3d2218dfe612faa29dddc
8208ba6850f11d559d8616492481eafd0f05c39ebb4eb4379d2932ea27e49d43
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 22:03:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 13:42:55 GMT
Expires: Wed, 11 Jan 2023 13:42:54 GMT
Etag: "be50ef0da7999d632fc3d2218dfe612faa29dddc"
Cache-Control: max-age=574153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784743fc6f2fb521-OSL
id.crwdcntrl.net/id
63.35.129.113 200 OK 43 B IP 63.35.129.113:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:40 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.27.203
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d5fcd1866d41bb4529d7f0fbe6d9c2e
aaef830f6c51f4deb8d7036ecf3eae34d884e08b
7ff14da1872af6d440b267c4b2caa024ace627dbb7754c026ca62f211d77bc2f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7FF14DA1872AF6D440B267C4B2CAA024ACE627DBB7754C026CA62F211D77BC2F"
Last-Modified: Wed, 04 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8898
Expires: Thu, 05 Jan 2023 00:31:58 GMT
Date: Wed, 04 Jan 2023 22:03:40 GMT
Connection: keep-alive
unpredictablehateagent.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html&l=1175&fd=151
173.233.139.164 200 OK 0 B URL HTTP/1.1 unpredictablehateagent.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html&l=1175&fd=151
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html&l=1175&fd=151 HTTP/1.1
Host: unpredictablehateagent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=65bd1af1-b6e5-4625-9614-65e6eaf5fba6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 22:03:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.77.32 200 OK 1.0 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 004999310561c5a6f026fc41b356eb6a
08b4ec6b998dea461d49b020c158c529184254ae
8f13da5534e2d85213fbfe0b9c55faa4f8f3ec7eb7329abca79f24b89fbd494f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7FF14DA1872AF6D440B267C4B2CAA024ACE627DBB7754C026CA62F211D77BC2F"
Last-Modified: Wed, 04 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8897
Expires: Thu, 05 Jan 2023 00:31:58 GMT
Date: Wed, 04 Jan 2023 22:03:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1782561be2399c34cbc8ffb4b1974b35
9c2c71d9e99eebc50a5b182d3caeff03082ca42b
8424587be1de32390061ee4ee6c44f8c920e02818a0528020eb9bd7f32f06a5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8424587BE1DE32390061EE4EE6C44F8C920E02818A0528020EB9BD7F32F06A5A"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4222
Expires: Wed, 04 Jan 2023 23:14:03 GMT
Date: Wed, 04 Jan 2023 22:03:41 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/animate.css
172.64.166.9 200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/animate.css
IP 172.64.166.9:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/ssp/utility/social-media/instagram/new/4/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:41 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 10:05:22 GMT
etag: W/"63317962-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2073079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRWNX5bI8RWXyDz%2BNDC9hR9pQYnUWymc1KKYnQX96%2BwiZslW4vH790FNc33THwZUXsBKAA3QZ4XHDgCyP5HMtg4rgRDWldmFKJGP3oSP7JPJc5T1XRSnNnR3WYTzZDPDEGdL4fvEjcdb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743fd5a2476e4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html
45.133.44.3 200 OK 33 kB URL HTTP/2 cdn.barscreative1.com/sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash ab90dd573d0fa67fa3c3d740cae5ed20
ab20b294d856f5cccea7dd0ad9017b2bcd61ce23
83a8a6803479441d62d09b978f184e86c41fde3c8f7079c63f0f0653fbb2c225
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:40 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 30 Sep 2022 09:26:48 GMT
etag: W/"6336b658-497"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 04 Jan 2023 23:03:40 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/style.css
172.64.166.9 200 OK 1.9 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/style.css
IP 172.64.166.9:0
Hash 8757789e669712d957bb673c5006bcb4
501673f1a097aeab8f07573072d5a30fbec73bf9
9e438dcebf902b4ade6e4785c0021e5460e2b6d2a915830308a5d3d7f3c49bc9
GET /sb/ssp/utility/social-media/instagram/new/4/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:41 GMT
content-type: text/css
last-modified: Fri, 30 Sep 2022 09:41:34 GMT
etag: W/"6336b9ce-1dda"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2073079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8jnYAFTQKAq7mpUBDq2jjfr2AZ%2BaLiWwsgUNAR%2FrlFYVLhH8mhJ%2FezHW9s1%2FDiyAt0UEufw37no6exGj%2BgM6za2ePljp09bDLgq3m3lrzLduFBHLmnVUvwNb4GDuKpHDkGg3FPXISvK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743fd5a2d76e4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/js/script.js
172.64.166.9 200 OK 210 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/js/script.js
IP 172.64.166.9:0
Hash 14c6a15c2c7729c885b33c990f37d2a5
865d9621a3a4c2b446ec535471412bf491a1e60e
bd7b0405bc197d2564e68c4366fdbfc06c0711a10231877d33c8c6cdd05fe7f0
GET /sb/ssp/utility/social-media/instagram/new/4/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:41 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 10:05:24 GMT
etag: W/"63317964-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2073079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrQbT%2BdnECYrf8o0IGvlnRDq6tTOtNw3FY9QHmreQavb4oS6cfko6xZsF8zdgjxGyMSXMSreqoy08TNsusxfPuDOpWTYf%2BcIbhuxpEVUYBvmQzTDUC7lH8uyPCa678vnzkxRPn40Vxgu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743fd5a2a76e4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpredictablehateagent.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskxRvHq%2Ffl8PstCIoXD%2BIgHhTMpHu6e142h8W4RoJrEnZXAyJIdVX1pExNV1PVPT0JewguyF6E8aTHzneSDauLuIg3Bel4kZwyHpYcjH%2BAR0GvMpOB0Qeqnuep73P4PE89n%2B7n58RFTs823tW7Uim6GNbd2qubMuG6sLW1uzXPrbtLtU2ZNIOl2mBymf51zw3r7mu1twXb1osN13Ndz%2FVqK9KIWA8Wpypk%2Brjj1TtuPWjUvTDAwPw3t7kDSx3w%2Fjl5DpKPr2798gSSVUh6394UdjvT6etv9XJFM23Q50fvJduJLhL05mFsHMTJ0awa2o4J%2BfISdHI06wC6fzDpAJEcE%2Bephyg5mmEi6h9ekEYKIkHEr6HoVxCqgqQVmL4PyU8JwDjW1pH0Hq5pU9CdC5VO1DG58tefkMWYXPnteSS9b5aVHNTuaJVnUicWg7iEHFSQ3Qppfoxs14EsjsGyTyA5QdIrIfnZK80w4h6NvYWoKcKFoNkIFzpNL1hohqIpaBzGEW1ORyNlBRlXUGIIah3kkyMd5LGDPHXQ42c1GnZi123FUez77YAx5vuMhe0mD7kftGMXOZuwD5GlQzA1BDN7SM0etuUQJv8JdquE5Q5sRtDnJQpBUFiCghIUkqDICIp%2BeciVbdjyIVc2j7yZb8y8X4501t2nhzrrioTsp%2Bfk2enA%2FvjwO2yLs5rgftP1gqbvtxsdzlouDRqcMSpiHvux58HKEtJemra5K0%2BfeYpUnv6vRESPYdUxmHwZNH8RtBi1Gi7o1ihou9hNHulc11MjrAXXJdLsKrIdZ1%2BdkxemANev1SHYyY0vPlv%2FfYl%2FAGZKpKbEx%2FJngq56MLqtC3JwWxeWPFlPM9mTu3Tym3cymonLX70jdgpt%2BOpNO3z0BpsIk%2FDxXWGzWzThMula8vWy5FyYFW2YID%2Bu2k0RbeR2azk3SZ7e2nhzZbU3BZQ6qUDl6fv3wOSY%2FP%2FeR9M9fck5hDQVTF6il5%2BQmUHqCizdg03n9FYTGDWviVIHRV6OTCOaPypJoMQ8p1EJ%2B688msf79gG6xgHN7k%2B3s29K9FUJqoaw%2BeVRlpqTG7%2F6U0OknFGkjHMQKaM%2BvxitlWe10AtEO2q3GOeRYNxrNfy277oNzoNWR3gdZHbMvv%2F7h38AAAD%2F%2FwEAAP%2F%2Fok7HnX8EAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 unpredictablehateagent.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskxRvHq%2Ffl8PstCIoXD%2BIgHhTMpHu6e142h8W4RoJrEnZXAyJIdVX1pExNV1PVPT0JewguyF6E8aTHzneSDauLuIg3Bel4kZwyHpYcjH%2BAR0GvMpOB0Qeqnuep73P4PE89n%2B7n58RFTs823tW7Uim6GNbd2qubMuG6sLW1uzXPrbtLtU2ZNIOl2mBymf51zw3r7mu1twXb1osN13Ndz%2FVqK9KIWA8Wpypk%2Brjj1TtuPWjUvTDAwPw3t7kDSx3w%2Fjl5DpKPr2798gSSVUh6394UdjvT6etv9XJFM23Q50fvJduJLhL05mFsHMTJ0awa2o4J%2BfISdHI06wC6fzDpAJEcE%2Bephyg5mmEi6h9ekEYKIkHEr6HoVxCqgqQVmL4PyU8JwDjW1pH0Hq5pU9CdC5VO1DG58tefkMWYXPnteSS9b5aVHNTuaJVnUicWg7iEHFSQ3Qppfoxs14EsjsGyTyA5QdIrIfnZK80w4h6NvYWoKcKFoNkIFzpNL1hohqIpaBzGEW1ORyNlBRlXUGIIah3kkyMd5LGDPHXQ42c1GnZi123FUez77YAx5vuMhe0mD7kftGMXOZuwD5GlQzA1BDN7SM0etuUQJv8JdquE5Q5sRtDnJQpBUFiCghIUkqDICIp%2BeciVbdjyIVc2j7yZb8y8X4501t2nhzrrioTsp%2Bfk2enA%2FvjwO2yLs5rgftP1gqbvtxsdzlouDRqcMSpiHvux58HKEtJemra5K0%2BfeYpUnv6vRESPYdUxmHwZNH8RtBi1Gi7o1ihou9hNHulc11MjrAXXJdLsKrIdZ1%2BdkxemANev1SHYyY0vPlv%2FfYl%2FAGZKpKbEx%2FJngq56MLqtC3JwWxeWPFlPM9mTu3Tym3cymonLX70jdgpt%2BOpNO3z0BpsIk%2FDxXWGzWzThMula8vWy5FyYFW2YID%2Bu2k0RbeR2azk3SZ7e2nhzZbU3BZQ6qUDl6fv3wOSY%2FP%2FeR9M9fck5hDQVTF6il5%2BQmUHqCizdg03n9FYTGDWviVIHRV6OTCOaPypJoMQ8p1EJ%2B688msf79gG6xgHN7k%2B3s29K9FUJqoaw%2BeVRlpqTG7%2F6U0OknFGkjHMQKaM%2BvxitlWe10AtEO2q3GOeRYNxrNfy277oNzoNWR3gdZHbMvv%2F7h38AAAD%2F%2FwEAAP%2F%2Fok7HnX8EAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskxRvHq%2Ffl8PstCIoXD%2BIgHhTMpHu6e142h8W4RoJrEnZXAyJIdVX1pExNV1PVPT0JewguyF6E8aTHzneSDauLuIg3Bel4kZwyHpYcjH%2BAR0GvMpOB0Qeqnuep73P4PE89n%2B7n58RFTs823tW7Uim6GNbd2qubMuG6sLW1uzXPrbtLtU2ZNIOl2mBymf51zw3r7mu1twXb1osN13Ndz%2FVqK9KIWA8Wpypk%2Brjj1TtuPWjUvTDAwPw3t7kDSx3w%2Fjl5DpKPr2798gSSVUh6394UdjvT6etv9XJFM23Q50fvJduJLhL05mFsHMTJ0awa2o4J%2BfISdHI06wC6fzDpAJEcE%2Bephyg5mmEi6h9ekEYKIkHEr6HoVxCqgqQVmL4PyU8JwDjW1pH0Hq5pU9CdC5VO1DG58tefkMWYXPnteSS9b5aVHNTuaJVnUicWg7iEHFSQ3Qppfoxs14EsjsGyTyA5QdIrIfnZK80w4h6NvYWoKcKFoNkIFzpNL1hohqIpaBzGEW1ORyNlBRlXUGIIah3kkyMd5LGDPHXQ42c1GnZi123FUez77YAx5vuMhe0mD7kftGMXOZuwD5GlQzA1BDN7SM0etuUQJv8JdquE5Q5sRtDnJQpBUFiCghIUkqDICIp%2BeciVbdjyIVc2j7yZb8y8X4501t2nhzrrioTsp%2Bfk2enA%2FvjwO2yLs5rgftP1gqbvtxsdzlouDRqcMSpiHvux58HKEtJemra5K0%2BfeYpUnv6vRESPYdUxmHwZNH8RtBi1Gi7o1ihou9hNHulc11MjrAXXJdLsKrIdZ1%2BdkxemANev1SHYyY0vPlv%2FfYl%2FAGZKpKbEx%2FJngq56MLqtC3JwWxeWPFlPM9mTu3Tym3cymonLX70jdgpt%2BOpNO3z0BpsIk%2FDxXWGzWzThMula8vWy5FyYFW2YID%2Bu2k0RbeR2azk3SZ7e2nhzZbU3BZQ6qUDl6fv3wOSY%2FP%2FeR9M9fck5hDQVTF6il5%2BQmUHqCizdg03n9FYTGDWviVIHRV6OTCOaPypJoMQ8p1EJ%2B688msf79gG6xgHN7k%2B3s29K9FUJqoaw%2BeVRlpqTG7%2F6U0OknFGkjHMQKaM%2BvxitlWe10AtEO2q3GOeRYNxrNfy277oNzoNWR3gdZHbMvv%2F7h38AAAD%2F%2FwEAAP%2F%2Fok7HnX8EAAA%3D HTTP/1.1
Host: unpredictablehateagent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=65bd1af1-b6e5-4625-9614-65e6eaf5fba6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 22:03:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5d922fa2367b71e6b392ceb6ed055700
Strict-Transport-Security: max-age=0; includeSubdomains
unpredictablehateagent.com/pixel/sbs?c=1
173.233.139.164 200 OK 0 B URL HTTP/1.1 unpredictablehateagent.com/pixel/sbs?c=1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: unpredictablehateagent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=65bd1af1-b6e5-4625-9614-65e6eaf5fba6:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 04 Jan 2023 22:03:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
2.18.172.200 200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=31845
expires: Thu, 05 Jan 2023 06:54:27 GMT
date: Wed, 04 Jan 2023 22:03:42 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157 200 OK 82 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
Hash ec713de82b7a17a53d072c7533f99d32
7b04b0c186de460774c4b3658829379992986e50
f223095ed502b639a035d63d1f03fd37f01a8d5d55bb29734e00a929cc227e86
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:42 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 447057
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D1F5E3326-D568-42F4-BC9D-944670C88E41%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
2.18.172.200200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D1F5E3326-D568-42F4-BC9D-944670C88E41%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D1F5E3326-D568-42F4-BC9D-944670C88E41%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=114359
expires: Fri, 06 Jan 2023 05:49:41 GMT
date: Wed, 04 Jan 2023 22:03:42 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/fiamp.js
54.230.111.99 200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/fiamp.js
IP 54.230.111.99:0
GET /static/js/fiamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 04 Jan 2023 21:22:35 GMT
expires: Wed, 04 Jan 2023 22:22:33 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c5j5AHys08dwNQAVn_G7ibvPRwggdPl5x9U7sjiIgF5N1ty8jfJoLQ==
age: 2465
X-Firefox-Spdy: h2
ouo.press/css/bootstrap.css
104.22.58.251 200 OK 0 B URL HTTP/2 ouo.press/css/bootstrap.css
IP 104.22.58.251:0
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/SDEj74
Cookie: ouoio_session=eyJpdiI6IjZZUDJmR1FmWTlHa0tOOVZicVVGRmV6aEZJTThEUlFFS2xuQSt6SDZMU009IiwidmFsdWUiOiJUMTJXQzA0UGtZejM1bUxKaUlpWkhaanpyMERBSll2OFBQVGtRSkFIWndUUUFja1pEcktpWGg2WWtXU0NsNmIzWkJmUTNOM202TGtZNUJSQUxzb1lrdz09IiwibWFjIjoiMGFlYTI4ODcxM2JhOTM0MDI0MmJjNDk0YTBmNzM4YjE3NzMzYzYxM2FlOTViMTc5ZDBlMGI3Zjg1M2Q3M2ZhMSJ9; language=eyJpdiI6Ik13Z3YrQjlQUGhzNkdyTVdqTlJweWdXS3hoVjNtWjluWGk5QWFxTUZkNzg9IiwidmFsdWUiOiJJZ2t3MkM0QzB5ZmlDcVVmaWkzaTE1T2VXTTd5QWhwRFdGV21NU2tjYUx3PSIsIm1hYyI6ImVjODlmNzg2ZDlkODhmOTg3ZjEzMTM0ZGFkODM1OWRkNGMwZTg1YjNmNzkyMTZiMmZiZTRmYzUwOTZkOGExOGUifQ%3D%3D; 4c9d1dacf18bc9f1f61d04c112e2beb3688c6663=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; __cf_bm=3RddPTm_I.PvORkkp7Wdpt5u_jmZn_lwVZ7uDAhBu0M-1672869817-0-AYRsqtFReibbYV7SF7qCDYo8naCYfGN3UMNxSNX8BT5hFCT9HqiAWjzDOvUmHoBqbb/P6J40UhM/WEH9cHaqDc8=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:37 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Thu, 05 Jan 2023 05:58:45 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 14692
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743e68d13b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
ecdn.analysis.fi/static/js/fab.js
54.230.111.8 200 OK 0 B URL HTTP/2 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.8:0
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 04 Jan 2023 21:22:32 GMT
expires: Wed, 04 Jan 2023 22:22:31 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-1090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cqTO0nd6xpHDlX769WHo-L9-PP9PHtXHPweT_qA9tVxipKBZ4c4g-A==
age: 2466
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/img/close.svg
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/img/close.svg
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/instagram/new/4/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:41 GMT
content-type: image/svg+xml
last-modified: Wed, 28 Sep 2022 21:49:43 GMT
etag: W/"6334c177-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4349554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvsoO5SsFd4bTnXv6c93H%2FqVvXDv94asXNBjP7vQLWYhgrw19UK7gJiHfStABAdxRfpzhr2VVb8usjXekxJ1BQXngsSeRQBlaWhuQb6wk9W7RAmrLzFezllxrztCTm0XTBEadBrscRqa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743fd5a3076e4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:41 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1031894
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/prebidamp.js
54.230.111.99 200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/prebidamp.js
IP 54.230.111.99:0
GET /static/js/prebidamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 04 Jan 2023 21:22:34 GMT
expires: Wed, 04 Jan 2023 22:22:33 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UyXk9vjBHFgU0OuJs7hBCj9sdz16ZpAkKAfpH42CzrO4V7zmwiH1pQ==
age: 2465
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:38 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 482468
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
18.172.255.23 200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 18.172.255.23:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Wed, 04 Jan 2023 01:06:21 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 74b9d3168ead0de51d41113665a53160.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: jPiLL_OegU2WVBVnpgq2siJEVQqHiJ5f9ST4XGAuFculbhTwTrcjmw==
age: 75439
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=ouo.press HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:39 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=e513d0f1-1802-4ba1-b448-bf8b721f73f8; expires=Mon, 29 Jan 2024 22:03:39 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 656827
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ouo.io/SDEj74
104.22.23.162 302 Found 0 B IP 104.22.23.162:0
GET /SDEj74 HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 04 Jan 2023 22:03:36 GMT
content-type: text/html; charset=UTF-8
location: https://ouo.press/SDEj74
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6IjRBcENPMnBTTGt4TFhvZUFMOFwvaWYyVWNIREYxMkljTUFKbDRBQVRVRWI4PSIsInZhbHVlIjoidEFsZHAwNzhTOFd4V2hFXC8wOUFRMTFKQnZOTGliSTJtRk9SN3Z5VklNSTBNbGVJaHluM0x3K0UxcURZa2Vldm8waGJDNFY0alB2UFJYRkVjaFZuOUhRPT0iLCJtYWMiOiJmYzU4ZjQ0YjZiYzQ1YjQzNDlhNjI3MzAxMjNiN2FlZDE1MzY4NzVkYzg2MDgyNWM2M2I5Yjc4NTJmYjkwYzc4In0%3D; path=/; httponly
language=eyJpdiI6IlNDcHgrRTU2MUZLT0pkRm11WkM0dlAxNU9wc0FZcENHMTBQQnA0SE5cLzY0PSIsInZhbHVlIjoiSXBEZVFIMGM4RWVvalBCdFZFaU9VbzI5emRmZ1BwaDAxQ0JLY0hLMHp1bz0iLCJtYWMiOiJjMTRmNzZkNTVjMmIzNmJjNDM5OTU5ODgxMTZkMTk0NmVjNDI1OTQ5ODUxZDBjZjFkYTkwMWVmMmQwNWRlYzFjIn0%3D; expires=Mon, 03-Jan-2028 22:03:36 GMT; Max-Age=157680000; path=/; httponly
1dcca362d53045a42f75f0ab65a5bfa6fd0228c1=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%3D; expires=Thu, 05-Jan-2023 00:03:36 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 784743e19adcb4e8-OSL
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157 200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: browser_data=Q26eYl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdyWGN5dGREN0ZHcVd4NGhMQ3hRSnhtZDFkcFM0UDhISDE0ZjhYMFo0alY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:41 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=WaFOOF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdyWGN5dGREN0ZHcVd4NGhMQ3hRSnhFVE1zaDZEQ3pMWFBEMjFTaHltd20; expires=Mon, 29 Jan 2024 22:03:42 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 522903
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
hhklc.com/c.js
104.21.70.122 200 OK 0 B IP 104.21.70.122:0
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:37 GMT
content-type: application/javascript
last-modified: Tue, 27 Dec 2022 13:04:38 GMT
etag: W/"63aaed66-2eef"
server-asp-net: Asp Net
expires: Wed, 04 Jan 2023 22:45:54 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 163
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDXuXGFI1YvqZ5qXmlrc9t3H1KU5soz1mAJkK8QEg1yE3sGvbD%2B8WV8Ejr3w5U3JYeAox5mXNxFkm5WV4LHjHUo1F6LJiwQqJPEaF74S89y49X%2B8irAe9EbGDIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743e6e80e0b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.166.29 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.166.29:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 22:03:38 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ff37e37aa8cb499044b738f01cc24297
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 04 Jan 2023 22:03:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXfSKnDxsiv0FPvggGlCbdY9EH6LeaGj3fuXUCcXuzyTjKinz8f2nJuVrIhozFlGkuRwTnrU317j4RaJQIx3T4lOPwtZCG0W7uREe6fd9udPFDyENDV20%2BUQu%2Fr6vInt1voohh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784743ed4af406bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ecdn.firstimpression.io/fi_client.js
54.230.111.99 200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.99:0
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 04 Jan 2023 21:22:33 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 21:22:33 UTC
etag: W/"6022fe5d2e36a6b6d1de6b801cbdb0c4"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zj5dNpO_TmHxAhQiUIDdBg18k_4AjyO-B-1_pQ0XLY016e74-plpYA==
age: 2464
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=1F5E3326-D568-42F4-BC9D-944670C88E41&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81 200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=1F5E3326-D568-42F4-BC9D-944670C88E41&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
GET /AdServer/SPug?o=1&p=155495&sc=1&u=1F5E3326-D568-42F4-BC9D-944670C88E41&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 22:03:41 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2