ouo.press/Y1Mh4my
403 Forbidden 3.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (836)
Hash 4c6303de4573d267c96a3d9d49092b73
3cb43e181d50df496633805b463615d8f37468e9
4160e2c4a89acb5196a3894e18d24b13ca56b0ab92a7b5c64f99114a97765e90
GET /Y1Mh4my HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Thu, 17 Nov 2022 23:19:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=94pLlEaVhvvKSifFwmkpfDs8xFeXa_MrCADlQ.qLpFM-1668727145-0-AWgUxpS8OZAEI5365nYJvO3YIgQLh2m3/6Eqyi9s6SyI9rbHfQ1a4J46SSCExERwBSqO3ELWFtGqVg6tQl8goRk=; path=/; expires=Thu, 17-Nov-22 23:49:05 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc30762ab4fab8-OSL
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash be1be806b5dca7facbb45a6c3db44652
7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4
1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5889
Cache-Control: max-age=132626
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:06 GMT
Etag: "63760d7b-1d7"
Expires: Sat, 19 Nov 2022 12:09:32 GMT
Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4345
Expires: Fri, 18 Nov 2022 00:31:31 GMT
Date: Thu, 17 Nov 2022 23:19:06 GMT
Connection: keep-alive
ouo.press/cdn-cgi/styles/challenges.css
200 OK 2.6 kB URL HTTP/1.1 ouo.press/cdn-cgi/styles/challenges.css
IP
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Y1Mh4my
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:09:42 GMT
ETag: W/"6373d5e6-1896"
Server: cloudflare
CF-RAY: 76bc3077f956b518-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 18 Nov 2022 01:19:06 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 17 Nov 2022 22:44:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2061
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gnAKPSp3kJoo/KNXVn6GLJvJobqzT4oKM6KoRcDipEA6AKISRiijjXwCOWNJcV6zaaMCmv4oCqE=
x-amz-request-id: QEPBHGRWBZ5EVYN0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 17 Nov 2022 23:15:20 GMT
age: 226
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/favicon.ico
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Y1Mh4my
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:06 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT
ETag: "54deee14-0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 1779
Accept-Ranges: bytes
Set-Cookie: __cf_bm=Nyg3jdhxcsUMlY8m5zRnmYO2fecpNd_ZBG1oJttUBcc-1668727146-0-Ad6pHTvZVJRsLYt2N7myb3+rOHrudVsByyG50lWfa+/0UhjGb6IrfJxTvFEmGiL3h4ztAo3iXZeIpuc48cQVYvA=; path=/; expires=Thu, 17-Nov-22 23:49:06 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc30780a3a0b61-OSL
ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=76bc30762ab4fab8
200 OK 42 B URL HTTP/1.1 ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=76bc30762ab4fab8
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=76bc30762ab4fab8 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Y1Mh4my
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:06 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:09:42 GMT
ETag: "6373d5e6-2a"
Server: cloudflare
CF-RAY: 76bc307899ecb518-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 18 Nov 2022 01:19:06 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2828
Expires: Fri, 18 Nov 2022 00:06:14 GMT
Date: Thu, 17 Nov 2022 23:19:06 GMT
Connection: keep-alive
ouo.press/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=76bc30762ab4fab8
200 OK 24 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=76bc30762ab4fab8
IP
File type ASCII text, with very long lines (55036), with no line terminators
Hash cd1942fd13a405c561040c58ba05fc51
14adfe21d15af8c48a8a0a0b5ef894f5ebb0ff8b
6fc4c665bf77644e92c646711d8ec4223ad99d4ce831f38e941bb35c75aa887f
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=76bc30762ab4fab8 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Y1Mh4my?__cf_chl_rt_tk=PgtsN6bH4b1id0nsi44YYDcDenTFe1j3hp.9EFc6kwg-1668727145-0-gaNycGzNAv0
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:06 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Set-Cookie: __cf_bm=gpHgU1.JwyDq0iFcsFS2Zd3ypci_ooHv0xxwgGU5ZvY-1668727146-0-AXBXdDlZv8WUEe4laJCPStv8bRl8V1wQVtTUkc+BtXgdvhWIf5MIjoe03sgOe/PcydJPk/SrkavmJvkS/IvyNVQ=; path=/; expires=Thu, 17-Nov-22 23:49:06 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76bc30789a970b61-OSL
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 279 B IP
Hash 33566e4345d0815812806f6451daad61
74374f32195064e777a75fd6f3112b076e56eb6f
8bbdc2a8b27f773d6f883a40f043daa3530ac4a7d597471c4c73376496f8e5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3113
Cache-Control: max-age=130574
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:06 GMT
Etag: "6376104f-117"
Expires: Sat, 19 Nov 2022 11:35:20 GMT
Last-Modified: Thu, 17 Nov 2022 10:43:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:19:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
200 OK 145 kB URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP
File type Unicode text, UTF-8 text, with very long lines (57362)
Size 145 kB (144830 bytes)
Hash 71f996c8568debde70f1aef45f65fe15
ef548a2bc68d8d68a0e9bffbae38fcd3c4c7439c
19fef4433b693faf5c1a169f0e372dd94578c79c30fa443283ed4deed59487f7
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:06 GMT
content-type: application/javascript
cf-ray: 76bc30798f64b4f3-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"cba895d710939d3f383adf1461af832f"
last-modified: Wed, 09 Nov 2022 04:14:07 GMT
strict-transport-security: max-age=0
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: yADmpMRcJu2yASGV_gZ-qxqQqgO1sLRsGfYPN6mnohLS_b0Zg8KMPA==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/g/img/76bc30762ab4fab8/1668727146541/cMywolLcvaiF3Jd
200 OK 61 B URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/img/76bc30762ab4fab8/1668727146541/cMywolLcvaiF3Jd
IP
File type PNG image data, 30 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash 7379b43f131cae8b5555ab465ccaa618
7491c865b262fd50d86fe15c49f5efe2c9ee1b0b
d11193b7e1aee4a69adaa3f1980e169d01f01f10e3aa2d4a645447c0c22438e8
GET /cdn-cgi/challenge-platform/h/g/img/76bc30762ab4fab8/1668727146541/cMywolLcvaiF3Jd HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Y1Mh4my
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:06 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=vdU3g9mlyqieokJmGb_msjlOoKPKXK8UjVMCiFAlfyk-1668727146-0-Abyj4kJwXRi7vbo7psqxR6MYdnL/BC7gYOTFxpm5kAWD4hGWox5oqM6Sj/JrdNzGihC9YCWjekHFsckAToCKyzU=; path=/; expires=Thu, 17-Nov-22 23:49:06 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76bc307c2d3c0b61-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 17 Nov 2022 22:44:49 GMT
cache-control: public,max-age=3600
age: 2057
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c10055ce87434f700ff8b20e3be1f919
477b3c9f1da0c464282bb54572737e76b6e346da
4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5521
Cache-Control: max-age=127189
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:07 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 10:38:56 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.29372659301073084:1668723537:ekk7QT0Z9FctPhA8XpP6UrDXjOekVcJaxoNGhk4Hzj0/76bc30762ab4fab8/57017fa86e4b41c
200 OK 3.8 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.29372659301073084:1668723537:ekk7QT0Z9FctPhA8XpP6UrDXjOekVcJaxoNGhk4Hzj0/76bc30762ab4fab8/57017fa86e4b41c
IP
File type ASCII text, with very long lines (4972), with no line terminators
Hash 5eac42664bbba81235b74e0f55e5e085
1ef0f94541acf643956e36a183ac6e588f76e407
f6f13c2f91c35f4534c493e321f78419c62aa47fc1bc5fd0571a3cb5125cb10d
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.29372659301073084:1668723537:ekk7QT0Z9FctPhA8XpP6UrDXjOekVcJaxoNGhk4Hzj0/76bc30762ab4fab8/57017fa86e4b41c HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Y1Mh4my
Content-type: application/x-www-form-urlencoded
CF-Challenge: 57017fa86e4b41c
Content-Length: 16388
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:07 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: WmSTknsMVnVk4lgJSSd8ri0dVJboQeSQBlhUle+2xyo=$nUmHCpWz7b4JE3wA3FfbDQ==
Set-Cookie: __cf_bm=FeWgnWsckV4YuoMCQ5tTfe8s4TboMbMd0v4L06FtNCg-1668727147-0-ARhi17zukotv5+xJQGCDK3BBoQyWF6Le2tfbAv/pSTiq6HNrQeLhnu6p22lgkK9YAe49Rp2vV2NcjDP78Qkz4Vg=; path=/; expires=Thu, 17-Nov-22 23:49:07 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76bc307ecec60b61-OSL
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ymW9m4tK21Rnm/fSunjs/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7vVvpG4ct81GiDPvFs2qqWj2SMo=
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 17 Nov 2022 23:19:07 GMT
content-length: 0
location: /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age: 300
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc307f3a00b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7092
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:19:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7092
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:19:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7092
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:19:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7092
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:19:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14649d486602810c1b218b96b27b2cc4
96c6cbfe31e7247c64dfa8c3759967627f8c6286
80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: 3739b8f5-bb0c-4798-a931-e955dd6df81d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MiGFxoAMFlxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa50-74c24a2f737634b655a5b47c;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d_bLYyZzi1phYwQ2e5uvUmzO0GuvNu9Ubi2PQ0ChilQJegKr3uUiRw==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:53 GMT
etag: "96c6cbfe31e7247c64dfa8c3759967627f8c6286"
content-type: image/jpeg
age: 4995
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2b393e36ee2c9649d90db136aa49542
e88c5832ff0c49bab181d948c3a510d88343bb6f
8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:40 GMT
age: 5188
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: ae092a0a-1709-4497-9f07-0348a28d2491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqZOIEN7oAMFlaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637408c0-5ac595df302a8f1d3703ad8d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:46:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c_SJMaV3uYSUysTSOFV--jQqDUxw-fBp8cXWWUZw9vUjt0d6PsOpxA==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 02:49:36 GMT
age: 73772
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb30d05c7-3d7a-4a88-a222-4412f1b83897.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb30d05c7-3d7a-4a88-a222-4412f1b83897.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b0ef860a3b4eed3cf0fdca6e9a52b78
e0c4d9f0a3dd1fa6a9c4f43106b316e9154bebee
f478959aeb876f93f784194e56a9e3964cdb02465b203c4640a2bbb386689e1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb30d05c7-3d7a-4a88-a222-4412f1b83897.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6972
x-amzn-requestid: a51fcd41-d047-4aa6-b917-e8d1c1f846ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9VvEnHoAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8f1-7cac67d1723387c40d1af743;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zThnBpkUmGgiJR-VL7RoAXg5P42LaLa5URs-4Fpt_sRwGtun82VOxQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:06:38 GMT
age: 4350
etag: "e0c4d9f0a3dd1fa6a9c4f43106b316e9154bebee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d0b6106f00f9fd8b89c2d484a559a1a
399ac393209dcdac7d2188d7aa8d95f04570ef7c
5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:50:49 GMT
age: 5299
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05289172c1455c4134e496c6f4606efd
ce1bb33256b0754f9acc01e7e9f3e5dc85f89244
a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:27 GMT
age: 5021
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.29372659301073084:1668723537:ekk7QT0Z9FctPhA8XpP6UrDXjOekVcJaxoNGhk4Hzj0/76bc30762ab4fab8/57017fa86e4b41c
200 OK 2.1 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.29372659301073084:1668723537:ekk7QT0Z9FctPhA8XpP6UrDXjOekVcJaxoNGhk4Hzj0/76bc30762ab4fab8/57017fa86e4b41c
IP
File type ASCII text, with very long lines (2688), with no line terminators
Hash df5ae7cafc0b093d4176d3b80ffe9ea6
f949d2c37b082db4f1b3e1388870068626dfd87f
b9f9c2902f358cb1b75e4108bca346828a97dc5e1acb2b0def77813accacde9b
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.29372659301073084:1668723537:ekk7QT0Z9FctPhA8XpP6UrDXjOekVcJaxoNGhk4Hzj0/76bc30762ab4fab8/57017fa86e4b41c HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Y1Mh4my
Content-type: application/x-www-form-urlencoded
CF-Challenge: 57017fa86e4b41c
Content-Length: 17130
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_out: Bh3RNBVPWqBHlUfDojlGHaK/erUKYMHdDHdg9ADLxtOwmJ2pAIcuwd68dciEkaA/8fSKZylkFerHbAXuvCXuOQ==$RojR84jRsjoBRfcYQjG5ug==
cf_chl_out_s: OvMB/YuU9QlyVoL3k5BNL07k9q1eR6vlGyijAj6hOrDRAhQNiEtx7CI55JJV048J7Xpeur2REd6GSJIuEtt8f0txakB0qDFYyaWPKBMBwtUfTsCDTFV7kbmC+zkUYXbcPxYre93ORhO22xrKDt3qjdZy8mKuuBuRIQuTnJ/Rh+FoACq87W35vU1jx+79PfCr$mFSo66sxBbp6sg5Uv32OWw==
set-cookie: cf_chl_rc_m=;Expires=Wed, 16 Nov 2022 23:19:09 GMT;SameSite=Strict
__cf_bm=VrnONPjDVzKIVUxaSv92S_wNqsZUzZPIiJoUWUy77jY-1668727149-0-AbuSR1zFUa9/diadjBxu1ewLaZzdXYsalmyRna5MRo2W6YLmYy0CL+Ap3ISrXgOm2zfiqdzZrX3MIpSF6ZQ24iM=; path=/; expires=Thu, 17-Nov-22 23:49:09 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76bc30894de30b61-OSL
Content-Encoding: gzip
ouo.press/Y1Mh4my
200 OK 3.5 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash a43753758376ad3cf0da119511a51280
f7c8568472d3188f102d9d3a9b624684db96bee0
c06a95bff6d41d3ad0e03f66e0d46142302c8911c75adb65ce1c1c9b331d517d
POST /Y1Mh4my HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Y1Mh4my?__cf_chl_tk=PgtsN6bH4b1id0nsi44YYDcDenTFe1j3hp.9EFc6kwg-1668727145-0-gaNycGzNAv0
Content-Type: application/x-www-form-urlencoded
Content-Length: 1772
Origin: http://ouo.press
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Set-Cookie: cf_clearance=gg1cix0zRNn5LQSouRVhRWq8pSI5szeOHFSCt.FcZFU-1668727149-0-250; path=/; expires=Fri, 17-Nov-23 23:19:09 GMT; domain=.ouo.press; HttpOnly
ouoio_session=eyJpdiI6IlQ3Z1JIOGJOdGhtNzdwMHJsc2hDNjVzM3E0Vmc2bm9XWEZCVTA5ajRjMkU9IiwidmFsdWUiOiJJeGs4K1ZLT0FvbTZSa1ZxMWJSVkFESWc2VHNGVEpXbXRhQnMycHBxNkxVSU9kZzRNcXI4TGQxUlwvUWF3enUyTHhiU2huRFBPXC9PMzNEOU9XSGdZTDdRPT0iLCJtYWMiOiI4M2VhMjQ5MjA4N2QxMTkzOTdjMWM1MWU0NTc2ZGU3MjgyYTI1MjE2YTZjZDczODM4ZjZlODdiZTIwNDMxMjU2In0%3D; path=/; httponly
language=eyJpdiI6InFQQkVYVG1KRk1RcTE2TzFSSXpRcGRuc2tIbXNTK3YyWVkrbU51VGt2dnc9IiwidmFsdWUiOiJTTitCQVFrQ0hhdFN1aEQyWVRraWl6TUwyRHNvaTc4bjJJd2xKbXMzbEw4PSIsIm1hYyI6IjM2MGRkZWY3YWIyYzAyMDk0MDdjMDA5MWMxZWNmOGVkMDE3MTQ1NDE1Yjg2OTc0MDg3NmUwZmJlNjE2YjdjOTAifQ%3D%3D; expires=Tue, 16-Nov-2027 23:19:09 GMT; Max-Age=157680000; path=/; httponly
20b21536fa76a62fd958b882d520c62e8f0f12db=eyJpdiI6IlRvZGV5VDZXZFwvZks3UkFacW1VZ2NCUjNidTJrTkpjMVZlWXl3dlQ3Q3Y0PSIsInZhbHVlIjoiU3JTN0VYTHhcL1dKaEFzVkdPNjVWbnl4VCtTVmlYNmFyMWJESjdlZkgrR3hnMzgrelBiTHBqMXlsXC9id3hSanY4alhtbmtYZTM0M05wTjFGdlU2YXlxQVQxZU10ZXlxcmZkc3NOTlBLWCtKOTdiSkdUQ3MxR3NIVlh4YkNTazVJdmtlbXJ0RmF4QzV4WUZlUDZQZEthQWpNMHFNK3NRYWpFTjVHZWdKN3JVYlg3YVBZYkVUZ1hcLzNUN1ljQUw0Yk02UVc0XC95cjFmTmszd1UrSm1qOXhraWVsRE5jVkF2XC9DS0wwcERBOWFqUUJncVo1Q01FSDh1MGpTaHVFVHhSamp1b2NPb3pidHl5OCtxbTUzZ04wQkg2NGVYanRRSktsWVFIODR2UXFRZUc0Mmk3QThyZlNjT0xibm5ldXVZUFBJUGcwZ2JTU3FoQmREcUVCR0dLd3hnWVBPc24wRzAxVUFzWnBxNXZhSGx0V3BmMjBjOWJBWFFRZWt6VDc4VXpyQTAiLCJtYWMiOiI2NmU0NWVmMDcxMjE4NzcyYWM0YzJlMjBiYmU4ZTg1OWZiYzY1MjZhYjRhYWM1OGVkNmM4NWYzNzBhYmNhNWUyIn0%3D; expires=Fri, 18-Nov-2022 01:19:09 GMT; Max-Age=7200; path=/; httponly
__cf_bm=pl9TP0eCgl2zlzWKmF4PwjE5r888XFw._6EQ7e_25Ow-1668727149-0-AVth0mlLEu9FhFKvXp8k2S4YdVMNGNaQHg0EbwBt1hJeqvEl6giHewuVO32laZDUDTz0kmpIjXciE18JrWxaAvc=; path=/; expires=Thu, 17-Nov-22 23:49:09 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 76bc308a7e890b61-OSL
Content-Encoding: gzip
ouo.press/css/link-safe.css
200 OK 1.8 kB URL HTTP/1.1 ouo.press/css/link-safe.css
IP
Hash d91a45478adaa488ef4f1733dfa3c44c
3686ea901ce8ca85bb82f42bf0a8d39095ebf73d
4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/Y1Mh4my
Cookie: cf_clearance=gg1cix0zRNn5LQSouRVhRWq8pSI5szeOHFSCt.FcZFU-1668727149-0-250; ouoio_session=eyJpdiI6IlQ3Z1JIOGJOdGhtNzdwMHJsc2hDNjVzM3E0Vmc2bm9XWEZCVTA5ajRjMkU9IiwidmFsdWUiOiJJeGs4K1ZLT0FvbTZSa1ZxMWJSVkFESWc2VHNGVEpXbXRhQnMycHBxNkxVSU9kZzRNcXI4TGQxUlwvUWF3enUyTHhiU2huRFBPXC9PMzNEOU9XSGdZTDdRPT0iLCJtYWMiOiI4M2VhMjQ5MjA4N2QxMTkzOTdjMWM1MWU0NTc2ZGU3MjgyYTI1MjE2YTZjZDczODM4ZjZlODdiZTIwNDMxMjU2In0%3D; language=eyJpdiI6InFQQkVYVG1KRk1RcTE2TzFSSXpRcGRuc2tIbXNTK3YyWVkrbU51VGt2dnc9IiwidmFsdWUiOiJTTitCQVFrQ0hhdFN1aEQyWVRraWl6TUwyRHNvaTc4bjJJd2xKbXMzbEw4PSIsIm1hYyI6IjM2MGRkZWY3YWIyYzAyMDk0MDdjMDA5MWMxZWNmOGVkMDE3MTQ1NDE1Yjg2OTc0MDg3NmUwZmJlNjE2YjdjOTAifQ%3D%3D; 20b21536fa76a62fd958b882d520c62e8f0f12db=eyJpdiI6IlRvZGV5VDZXZFwvZks3UkFacW1VZ2NCUjNidTJrTkpjMVZlWXl3dlQ3Q3Y0PSIsInZhbHVlIjoiU3JTN0VYTHhcL1dKaEFzVkdPNjVWbnl4VCtTVmlYNmFyMWJESjdlZkgrR3hnMzgrelBiTHBqMXlsXC9id3hSanY4alhtbmtYZTM0M05wTjFGdlU2YXlxQVQxZU10ZXlxcmZkc3NOTlBLWCtKOTdiSkdUQ3MxR3NIVlh4YkNTazVJdmtlbXJ0RmF4QzV4WUZlUDZQZEthQWpNMHFNK3NRYWpFTjVHZWdKN3JVYlg3YVBZYkVUZ1hcLzNUN1ljQUw0Yk02UVc0XC95cjFmTmszd1UrSm1qOXhraWVsRE5jVkF2XC9DS0wwcERBOWFqUUJncVo1Q01FSDh1MGpTaHVFVHhSamp1b2NPb3pidHl5OCtxbTUzZ04wQkg2NGVYanRRSktsWVFIODR2UXFRZUc0Mmk3QThyZlNjT0xibm5ldXVZUFBJUGcwZ2JTU3FoQmREcUVCR0dLd3hnWVBPc24wRzAxVUFzWnBxNXZhSGx0V3BmMjBjOWJBWFFRZWt6VDc4VXpyQTAiLCJtYWMiOiI2NmU0NWVmMDcxMjE4NzcyYWM0YzJlMjBiYmU4ZTg1OWZiYzY1MjZhYjRhYWM1OGVkNmM4NWYzNzBhYmNhNWUyIn0%3D
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: status=cannot_optimize
ETag: W/"5d951ace-1830"
Expires: Thu, 17 Nov 2022 23:49:41 GMT
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 41368
Set-Cookie: __cf_bm=M2copAujIoeefWVEfb8vVULrZVZ8BkIpbFGNkrpNKIk-1668727149-0-AXQn0cTkrMgMuvGZdJMHRiC0propxJfl47rmP8lf3CubrXT8mnfLPvAkNTWrdCm3U2A24RxXm/Ha+4OWapoxWgE=; path=/; expires=Thu, 17-Nov-22 23:49:09 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc308d1bf1b518-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 655 B URL HTTP/1.1 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/Y1Mh4my
Cookie: cf_clearance=gg1cix0zRNn5LQSouRVhRWq8pSI5szeOHFSCt.FcZFU-1668727149-0-250; ouoio_session=eyJpdiI6IlQ3Z1JIOGJOdGhtNzdwMHJsc2hDNjVzM3E0Vmc2bm9XWEZCVTA5ajRjMkU9IiwidmFsdWUiOiJJeGs4K1ZLT0FvbTZSa1ZxMWJSVkFESWc2VHNGVEpXbXRhQnMycHBxNkxVSU9kZzRNcXI4TGQxUlwvUWF3enUyTHhiU2huRFBPXC9PMzNEOU9XSGdZTDdRPT0iLCJtYWMiOiI4M2VhMjQ5MjA4N2QxMTkzOTdjMWM1MWU0NTc2ZGU3MjgyYTI1MjE2YTZjZDczODM4ZjZlODdiZTIwNDMxMjU2In0%3D; language=eyJpdiI6InFQQkVYVG1KRk1RcTE2TzFSSXpRcGRuc2tIbXNTK3YyWVkrbU51VGt2dnc9IiwidmFsdWUiOiJTTitCQVFrQ0hhdFN1aEQyWVRraWl6TUwyRHNvaTc4bjJJd2xKbXMzbEw4PSIsIm1hYyI6IjM2MGRkZWY3YWIyYzAyMDk0MDdjMDA5MWMxZWNmOGVkMDE3MTQ1NDE1Yjg2OTc0MDg3NmUwZmJlNjE2YjdjOTAifQ%3D%3D; 20b21536fa76a62fd958b882d520c62e8f0f12db=eyJpdiI6IlRvZGV5VDZXZFwvZks3UkFacW1VZ2NCUjNidTJrTkpjMVZlWXl3dlQ3Q3Y0PSIsInZhbHVlIjoiU3JTN0VYTHhcL1dKaEFzVkdPNjVWbnl4VCtTVmlYNmFyMWJESjdlZkgrR3hnMzgrelBiTHBqMXlsXC9id3hSanY4alhtbmtYZTM0M05wTjFGdlU2YXlxQVQxZU10ZXlxcmZkc3NOTlBLWCtKOTdiSkdUQ3MxR3NIVlh4YkNTazVJdmtlbXJ0RmF4QzV4WUZlUDZQZEthQWpNMHFNK3NRYWpFTjVHZWdKN3JVYlg3YVBZYkVUZ1hcLzNUN1ljQUw0Yk02UVc0XC95cjFmTmszd1UrSm1qOXhraWVsRE5jVkF2XC9DS0wwcERBOWFqUUJncVo1Q01FSDh1MGpTaHVFVHhSamp1b2NPb3pidHl5OCtxbTUzZ04wQkg2NGVYanRRSktsWVFIODR2UXFRZUc0Mmk3QThyZlNjT0xibm5ldXVZUFBJUGcwZ2JTU3FoQmREcUVCR0dLd3hnWVBPc24wRzAxVUFzWnBxNXZhSGx0V3BmMjBjOWJBWFFRZWt6VDc4VXpyQTAiLCJtYWMiOiI2NmU0NWVmMDcxMjE4NzcyYWM0YzJlMjBiYmU4ZTg1OWZiYzY1MjZhYjRhYWM1OGVkNmM4NWYzNzBhYmNhNWUyIn0%3D
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:10:02 GMT
ETag: W/"6373d5fa-4d7"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc308d2bfab518-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 19 Nov 2022 23:19:09 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
ouo.press/css/bootstrap.css
200 OK 18 kB URL HTTP/1.1 ouo.press/css/bootstrap.css
IP
File type ASCII text, with very long lines (65452)
Hash ecd7a3b8fdf856cece681f760bad623c
3c16d8b0523e3c6de3b20f7c7f9de2ae48a2949a
40f5215bfeb4c595389b7d02127c47c94e173dbca21022c9f67eca101d03ab92
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/Y1Mh4my
Cookie: cf_clearance=gg1cix0zRNn5LQSouRVhRWq8pSI5szeOHFSCt.FcZFU-1668727149-0-250; ouoio_session=eyJpdiI6IlQ3Z1JIOGJOdGhtNzdwMHJsc2hDNjVzM3E0Vmc2bm9XWEZCVTA5ajRjMkU9IiwidmFsdWUiOiJJeGs4K1ZLT0FvbTZSa1ZxMWJSVkFESWc2VHNGVEpXbXRhQnMycHBxNkxVSU9kZzRNcXI4TGQxUlwvUWF3enUyTHhiU2huRFBPXC9PMzNEOU9XSGdZTDdRPT0iLCJtYWMiOiI4M2VhMjQ5MjA4N2QxMTkzOTdjMWM1MWU0NTc2ZGU3MjgyYTI1MjE2YTZjZDczODM4ZjZlODdiZTIwNDMxMjU2In0%3D; language=eyJpdiI6InFQQkVYVG1KRk1RcTE2TzFSSXpRcGRuc2tIbXNTK3YyWVkrbU51VGt2dnc9IiwidmFsdWUiOiJTTitCQVFrQ0hhdFN1aEQyWVRraWl6TUwyRHNvaTc4bjJJd2xKbXMzbEw4PSIsIm1hYyI6IjM2MGRkZWY3YWIyYzAyMDk0MDdjMDA5MWMxZWNmOGVkMDE3MTQ1NDE1Yjg2OTc0MDg3NmUwZmJlNjE2YjdjOTAifQ%3D%3D; 20b21536fa76a62fd958b882d520c62e8f0f12db=eyJpdiI6IlRvZGV5VDZXZFwvZks3UkFacW1VZ2NCUjNidTJrTkpjMVZlWXl3dlQ3Q3Y0PSIsInZhbHVlIjoiU3JTN0VYTHhcL1dKaEFzVkdPNjVWbnl4VCtTVmlYNmFyMWJESjdlZkgrR3hnMzgrelBiTHBqMXlsXC9id3hSanY4alhtbmtYZTM0M05wTjFGdlU2YXlxQVQxZU10ZXlxcmZkc3NOTlBLWCtKOTdiSkdUQ3MxR3NIVlh4YkNTazVJdmtlbXJ0RmF4QzV4WUZlUDZQZEthQWpNMHFNK3NRYWpFTjVHZWdKN3JVYlg3YVBZYkVUZ1hcLzNUN1ljQUw0Yk02UVc0XC95cjFmTmszd1UrSm1qOXhraWVsRE5jVkF2XC9DS0wwcERBOWFqUUJncVo1Q01FSDh1MGpTaHVFVHhSamp1b2NPb3pidHl5OCtxbTUzZ04wQkg2NGVYanRRSktsWVFIODR2UXFRZUc0Mmk3QThyZlNjT0xibm5ldXVZUFBJUGcwZ2JTU3FoQmREcUVCR0dLd3hnWVBPc24wRzAxVUFzWnBxNXZhSGx0V3BmMjBjOWJBWFFRZWt6VDc4VXpyQTAiLCJtYWMiOiI2NmU0NWVmMDcxMjE4NzcyYWM0YzJlMjBiYmU4ZTg1OWZiYzY1MjZhYjRhYWM1OGVkNmM4NWYzNzBhYmNhNWUyIn0%3D
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=109522
ETag: W/"54def1fc-1abd2"
Expires: Fri, 18 Nov 2022 09:21:10 GMT
Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 7079
Set-Cookie: __cf_bm=Vl5_2wIp2o4XUsH03akpFsODEcwBv_TacrYehOiDJ8I-1668727149-0-AZ9zKl3dAQWlzAcQWg+e+kKBvV2rcqp4y1Nk82zIY6x9cgcAqCZu/yElqqPQn31kiI+ap2gGgj6abCBIPlqzHJw=; path=/; expires=Thu, 17-Nov-22 23:49:09 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc308d18820b61-OSL
Content-Encoding: gzip
fonts.googleapis.com/css?family=Questrial
200 OK 387 B URL HTTP/1.1 fonts.googleapis.com/css?family=Questrial
IP
Hash 7b73b3eed6a43db40b0640388112329f
ad4bb62a66f1f95c0a252f83345b40d40dcd5bb4
1776d3903d4f6fb36773bac4ccb4b86c0658838f29674d1fb506859506a41bc3
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 17 Nov 2022 23:19:09 GMT
Date: Thu, 17 Nov 2022 23:19:09 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
hhklc.com/c.js
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Thu, 17 Nov 2022 23:19:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 00:19:09 GMT
Location: https://hhklc.com/c.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Co5vhyiFgTfMbZ3wms51fmO%2Fe4P9DWABv4KTl2IFax9wbgEMCWdNYU9m1spv1IFWh9i2RZhGL68NN6zKrIUooxHNxfJ3JyYFTp%2FozfOR97DLeMEJ%2FU7Fm9g%2FxLM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc308d3d91b4eb-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05bf67082a248863ee104c4f16e7ae7a
51bc71674f0e51788118bd4826dec7896d6bd03e
3664a7f4bc06fcb7bab2f6b270e74570536d947f8d3fa2fe586dd0de713844e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.adtrue.com/rtb/async.js
301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/rtb/async.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Thu, 17 Nov 2022 23:19:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 00:19:09 GMT
Location: https://cdn.adtrue.com/rtb/async.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ShbopN4JWclyU3biRznAw6p9saRzebiLjIrnS8gpeTzM05O2rinQYEdXwGXC82lUmLF4FmXYfEuP5RYKCk4ElKEV2wlrNSt4SKdM9SM%2BcfWpddQEiH5m8Xi4%2F%2Bp8VytKA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc308d8c0f886b-LHR
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 278 B IP
Hash 5b69a9f8e5b48e7bf0a05840546e4be2
e6df9dc72bd5f593bc71748df5df2e6866d94f3d
cfdf9b5a53be9d5e68492368276a5b2b298158481e0148ad4dd305db7e6b5915
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4992
Cache-Control: max-age=100381
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:09 GMT
Etag: "6375930a-116"
Expires: Sat, 19 Nov 2022 03:12:10 GMT
Last-Modified: Thu, 17 Nov 2022 01:48:58 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 278
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash d36fbadc19583158e0e17f2600407814
e99295beaa7c52e0b1f42759c67b40aebe4bab10
dbf530370a0136951085663be32f33ad5e3a01e1a2883eebbd518fbee9816f50
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 17 Nov 2022 23:19:09 GMT
date: Thu, 17 Nov 2022 23:19:09 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ouo.press/images/world.png
200 OK 5.7 kB URL HTTP/1.1 ouo.press/images/world.png
IP
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/Y1Mh4my
Cookie: cf_clearance=gg1cix0zRNn5LQSouRVhRWq8pSI5szeOHFSCt.FcZFU-1668727149-0-250; ouoio_session=eyJpdiI6IlQ3Z1JIOGJOdGhtNzdwMHJsc2hDNjVzM3E0Vmc2bm9XWEZCVTA5ajRjMkU9IiwidmFsdWUiOiJJeGs4K1ZLT0FvbTZSa1ZxMWJSVkFESWc2VHNGVEpXbXRhQnMycHBxNkxVSU9kZzRNcXI4TGQxUlwvUWF3enUyTHhiU2huRFBPXC9PMzNEOU9XSGdZTDdRPT0iLCJtYWMiOiI4M2VhMjQ5MjA4N2QxMTkzOTdjMWM1MWU0NTc2ZGU3MjgyYTI1MjE2YTZjZDczODM4ZjZlODdiZTIwNDMxMjU2In0%3D; language=eyJpdiI6InFQQkVYVG1KRk1RcTE2TzFSSXpRcGRuc2tIbXNTK3YyWVkrbU51VGt2dnc9IiwidmFsdWUiOiJTTitCQVFrQ0hhdFN1aEQyWVRraWl6TUwyRHNvaTc4bjJJd2xKbXMzbEw4PSIsIm1hYyI6IjM2MGRkZWY3YWIyYzAyMDk0MDdjMDA5MWMxZWNmOGVkMDE3MTQ1NDE1Yjg2OTc0MDg3NmUwZmJlNjE2YjdjOTAifQ%3D%3D; 20b21536fa76a62fd958b882d520c62e8f0f12db=eyJpdiI6IlRvZGV5VDZXZFwvZks3UkFacW1VZ2NCUjNidTJrTkpjMVZlWXl3dlQ3Q3Y0PSIsInZhbHVlIjoiU3JTN0VYTHhcL1dKaEFzVkdPNjVWbnl4VCtTVmlYNmFyMWJESjdlZkgrR3hnMzgrelBiTHBqMXlsXC9id3hSanY4alhtbmtYZTM0M05wTjFGdlU2YXlxQVQxZU10ZXlxcmZkc3NOTlBLWCtKOTdiSkdUQ3MxR3NIVlh4YkNTazVJdmtlbXJ0RmF4QzV4WUZlUDZQZEthQWpNMHFNK3NRYWpFTjVHZWdKN3JVYlg3YVBZYkVUZ1hcLzNUN1ljQUw0Yk02UVc0XC95cjFmTmszd1UrSm1qOXhraWVsRE5jVkF2XC9DS0wwcERBOWFqUUJncVo1Q01FSDh1MGpTaHVFVHhSamp1b2NPb3pidHl5OCtxbTUzZ04wQkg2NGVYanRRSktsWVFIODR2UXFRZUc0Mmk3QThyZlNjT0xibm5ldXVZUFBJUGcwZ2JTU3FoQmREcUVCR0dLd3hnWVBPc24wRzAxVUFzWnBxNXZhSGx0V3BmMjBjOWJBWFFRZWt6VDc4VXpyQTAiLCJtYWMiOiI2NmU0NWVmMDcxMjE4NzcyYWM0YzJlMjBiYmU4ZTg1OWZiYzY1MjZhYjRhYWM1OGVkNmM4NWYzNzBhYmNhNWUyIn0%3D
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:09 GMT
Content-Type: image/png
Content-Length: 5692
Connection: keep-alive
Cache-Control: max-age=2592000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: status=not_needed
ETag: "5549a07c-163c"
Expires: Sat, 03 Dec 2022 22:33:44 GMT
Last-Modified: Wed, 06 May 2015 05:02:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 1212325
Accept-Ranges: bytes
Set-Cookie: __cf_bm=FdkgAzDN__iP9ras6P.MNnwd.Y_eDcBYsrIQjHPsrqU-1668727149-0-AecrKZK2iYdeSiGeFPlWVlEF+XrWyEWTfF/CxxdkGeI/42Isw8puBxfjmHiPIc7BoGN99KzWAgjrP+mG7NTAR8Y=; path=/; expires=Thu, 17-Nov-22 23:49:09 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc308db8ea0b61-OSL
ecdn.analysis.fi/static/js/fab.js
200 OK 4.2 kB URL HTTP/1.1 ecdn.analysis.fi/static/js/fab.js
IP
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4240
Connection: keep-alive
Server: nginx/1.20.0
Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Thu, 17 Nov 2022 23:03:25 GMT
Expires: Fri, 18 Nov 2022 00:03:25 GMT
Cache-Control: max-age=3600
ETag: "61b8b8ab-1090"
X-Cache: Hit from cloudfront
Via: 1.1 180346a9751051e3a71bd41ea7db0e00.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: H5mvmqTFrCeh3gi5q4I03utcSo9hUE5Lxeem3j6E9RVfkK3PSqRr2g==
Age: 944
ecdn.firstimpression.io/fi_client.js
200 OK 100 kB URL HTTP/1.1 ecdn.firstimpression.io/fi_client.js
IP
File type ASCII text, with very long lines (618)
Size 100 kB (100257 bytes)
Hash da0e9f7508682e1c4802b7546ed2afc5
4bead08478e133257d96b8675040b8764db55a04
478bd9d0b606662577c1e91638f25b5a6667e2c9a458039b87d27440e66b4d64
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 17 Nov 2022 22:59:24 GMT
Server: nginx/1.20.0
X-Powered-By: PHP/8.0.14
X-XSS-Protection: 0
Last-Modified: Thu, 17 Nov 2022 22:59:24 UTC
ETag: W/"5683a32504cd5268873a76ebef2e8cdc"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 bf3fb7c983566b28d7a18cf15d0b6bca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P7
X-Amz-Cf-Id: cg7wBS7LUcS-13dYac2xeCKkm-SymB5BHj7jO3jWvrTHo5nyCj2w2w==
Age: 1185
ocsp.digicert.com/
200 OK 278 B IP
Hash 5b69a9f8e5b48e7bf0a05840546e4be2
e6df9dc72bd5f593bc71748df5df2e6866d94f3d
cfdf9b5a53be9d5e68492368276a5b2b298158481e0148ad4dd305db7e6b5915
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4992
Cache-Control: max-age=100381
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:09 GMT
Etag: "6375930a-116"
Expires: Sat, 19 Nov 2022 03:12:10 GMT
Last-Modified: Thu, 17 Nov 2022 01:48:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
tv.gourdycortes.com/1clkn/48786
200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/48786
IP
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/48786 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 17 Nov 2022 23:19:09 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Fri, 18-Nov-2022 23:19:09 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Fri, 18-Nov-2022 23:19:09 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
403 Forbidden 0 B URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Thu, 17 Nov 2022 23:19:10 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 17 Nov 2022 15:32:26 GMT
Expires: Fri, 17 Nov 2023 15:32:26 GMT
Cache-Control: public, max-age=31536000
Age: 28004
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
widgets.outbrain.com/images/widgetIcons/achoice.svg
200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Sat, 17 Dec 2022 23:19:10 GMT
date: Thu, 17 Nov 2022 23:19:10 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FY1Mh4my&cb=1798541458&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/Y1Mh4my
301 Moved Permanently 0 B URL HTTP/1.1 exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FY1Mh4my&cb=1798541458&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/Y1Mh4my
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FY1Mh4my&cb=1798541458&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/Y1Mh4my HTTP/1.1
Host: exchange.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Thu, 17 Nov 2022 23:19:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 00:19:10 GMT
Location: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FY1Mh4my&cb=1798541458&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/Y1Mh4my
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KknMewbPb548eb2VApwYV0%2Ff8taREk4nYW%2FGfUyEx1qkI8uMZzCQGP9iaVlCy%2F60JV8c%2BXw9pzA8gqk9fVE5l7122HRB1DA4nQF7vSRo%2FujQqvLlAkQQGk2vS341tHVtVFn3ZvNk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc3090ab7f75d8-LHR
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 759d55a9f00851e8653847413a8a3db5
2424e3d7aae0972c57bee3a60a50b3b8a82bba23
5d07bc72f8be0bc42f91b8cb202f4cdc83fb4e5f5f360998066dad08a7fef6ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.adtrue.com/rtb/async.js
200 OK 3.1 kB URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP
File type HTML document, ASCII text, with very long lines (7327), with no line terminators
Hash 66dd4051a561ae65030a7d5867add3d1
e388c67fcb6540a315410e5a3e3c1fc8cfffa567
ebc6fc86bf5ac49c4334deeb41342b163f28526ba8c421fe05c2acb23449a02c
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:09 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:43:46 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 4304123
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25%2BlvsC85BRWphi7gz%2B09pwt%2FmjD8OIBlFNUMV4r%2FiTVkzfZz6MFd8yiUcXxyq2OTpHbrTv6%2FiRCbVTRuN8GppBmufav7yKEs4%2FULkCw%2FkeH0AMEVzfWhlGyjlSyTfMN9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc308e6eae407d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 12:36:02 GMT
expires: Fri, 18 Nov 2022 12:36:02 GMT
cache-control: public, max-age=86400
age: 38588
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
IP
File type ASCII text, with very long lines (668)
Size 163 kB (162590 bytes)
Hash 70dc760a0efad09d703883a39f7683b2
2bc70f2a100ff27d27a89d563dfe279590c8336b
2bc59eab94309c59fba62afa40dfd841fb83760714e9ec7248ce3e10ae05fd19
GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 09:47:08 GMT
expires: Fri, 17 Nov 2023 09:47:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
content-type: text/javascript
age: 48722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cc5d2427cc4ab8fb53bfe81024ac6dfe
7cf63e47ce6934eb4d1b6b6b737e2d0ea92b7694
3d0e364bcb1696e1ee536a16ef491002c05129be72018a9a13a4de5fe4c0b9d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.adtrue.com/pb/prebid.js
301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/pb/prebid.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pb/prebid.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Thu, 17 Nov 2022 23:19:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 00:19:10 GMT
Location: https://cdn.adtrue.com/pb/prebid.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1C9PT4%2BuC0ZJzeCPUoVlJ9l2UVizQRPAmc24lmkqcSX45ggJKIzwNUEWhtprlpAaCHW6ZLzKJ46laklIX%2FRxBCGZaqxkoiYTrJdI8u3rped0mhVovdQk8%2B2cT97%2BnFGWLA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc30918a1e886b-LHR
alt-svc: h2=":443"; ma=60
track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FY1Mh4my&loc=http%3A%2F%2Fouo.press%2FY1Mh4my
301 Moved Permanently 0 B URL HTTP/1.1 track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FY1Mh4my&loc=http%3A%2F%2Fouo.press%2FY1Mh4my
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FY1Mh4my&loc=http%3A%2F%2Fouo.press%2FY1Mh4my HTTP/1.1
Host: track.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 17 Nov 2022 23:19:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 00:19:10 GMT
Location: https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FY1Mh4my&loc=http%3A%2F%2Fouo.press%2FY1Mh4my
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IA7qO4vJOrW5pR9OQTDNwKfybopwJeYNXyzKCYVm8nTYZbQUEQX4nmD4R1UTJ%2F3tpWsQf7QlKUsP%2FgIX1EonrLWVvX3tar%2BPaADKzB9%2BDbSiPi9jTIASmnzrZ6IqoLegO45O"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc3091b8d371ba-LHR
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d6ec8dee2a1996c177b49398a45a4267
24de47e193eeba292a97cec6bca644c8188083b5
d371e3106f15dc34c50c96383c339653902a797faeeb4685c51eaaa506d59003
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
IP
File type ASCII text, with very long lines (1921)
Hash d1be2c75d04f455fe840d2b9b7498030
c500690e79240c6acdd4f616c4c2c3e002759ca3
3c78dce5d0129ea4cf828174ffe2746177383b2c945bd88ce9597505fc92787c
GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 17 Nov 2022 23:19:10 GMT
expires: Thu, 17 Nov 2022 23:19:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 17 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d6ec8dee2a1996c177b49398a45a4267
24de47e193eeba292a97cec6bca644c8188083b5
d371e3106f15dc34c50c96383c339653902a797faeeb4685c51eaaa506d59003
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 313 B IP
Hash d771f0fdad3a963309d13f1dd5fb83cd
e1a11ee086e4f71f207f521dfa967c67fd1a8142
4a197a371d8d1e225c275801e2fe4e392f44d9d367c1e3e20a5b8c5b770048a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5042
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Last-Modified: Thu, 17 Nov 2022 21:55:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash d771f0fdad3a963309d13f1dd5fb83cd
e1a11ee086e4f71f207f521dfa967c67fd1a8142
4a197a371d8d1e225c275801e2fe4e392f44d9d367c1e3e20a5b8c5b770048a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5042
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Last-Modified: Thu, 17 Nov 2022 21:55:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
status.geotrust.com/
200 OK 471 B IP
Hash 9b3e4759737154bfe77d32c7946192cb
0ac5f6fbe18a1e9bb1259c5d4d05128b25254510
e709c032dd036dccf38f9391d69094eaefe1b9ec24769cd26a5a8b2b8f6fefbc
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1426
Cache-Control: max-age=143974
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Etag: "63764b42-1d7"
Expires: Sat, 19 Nov 2022 15:18:44 GMT
Last-Modified: Thu, 17 Nov 2022 14:54:58 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a63a6def343244b745071b0ecf42d5be
2822e3ae98095e434b0cf6560a2ec2f0c0d8068f
4503e37612c49ad45139a2013bb4820593600b7cd610630819ed748a78ce51d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1816
Cache-Control: max-age=125259
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Etag: "637600a1-1d7"
Expires: Sat, 19 Nov 2022 10:06:49 GMT
Last-Modified: Thu, 17 Nov 2022 09:36:33 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=16241629653&lsavail=0
204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=16241629653&lsavail=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=16241629653&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 406
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 17 Nov 2022 23:19:10 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: http://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
200 OK 78 B URL HTTP/1.1 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP
File type JSON data\012- , ASCII text
Hash 5b0c27070006f26e96424524eeea04ba
3638898a111accaab5ae3d80c02f2aacb1fb63f4
07e52816baa7a6661f629c84a8548e512c494e8968535658aabdaaeb2f4db1a6
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Last-Modified: Wed, 27 Oct 2021 05:33:12 GMT
ETag: "1241a12-3fca8-5cf4eee137dd8"
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Type: text/javascript
Content-Length: 80538
Cache-Control: max-age=68609
Expires: Fri, 18 Nov 2022 18:22:39 GMT
Date: Thu, 17 Nov 2022 23:19:10 GMT
Connection: keep-alive
Vary: Accept-Encoding
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
200 OK 76 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP
Hash ae7e711b6ffdc18d8838ca9d34ed26e2
baf6903df42459c9c89e527c27bf127d1d37a3ff
a2c4306c9354cf9e61d73814dd673c194a29d0974526258c4e3f580cb187ff47
OPTIONS /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 437127
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
hhklc.com/c.js
200 OK 2.4 kB IP
File type ASCII text, with very long lines (8728), with no line terminators
Hash 481eefb00300e5d54aee0fb888437b81
474474f522c701e04737fbe59da8bdb398f08a8a
38e65c0ca6f82e2a3ba5556089a8fb247cd2ded7f3bd616cd6dc38a8449b0d7d
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:09 GMT
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Thu, 17 Nov 2022 23:47:15 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1014
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdY6z90WeeJkHZcnNNRIe0BDN7k63VAGd0RCfw8OxYySWfBTzJmqdyfjhZ8uhlvilUWLcO%2BNQ5KYcf0v3FnbPXmDpgsw9t50qf4xE5HSghJGk%2BxS3lR4I7C7ghU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc308dbe73fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash 9b3e4759737154bfe77d32c7946192cb
0ac5f6fbe18a1e9bb1259c5d4d05128b25254510
e709c032dd036dccf38f9391d69094eaefe1b9ec24769cd26a5a8b2b8f6fefbc
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2259
Cache-Control: max-age=144807
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:10 GMT
Etag: "63764b42-1d7"
Expires: Sat, 19 Nov 2022 15:32:37 GMT
Last-Modified: Thu, 17 Nov 2022 14:54:58 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 17 Nov 2022 22:41:09 GMT
expires: Fri, 18 Nov 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 2281
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
200 OK 11 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP
Hash 2a6b8323154eb17198dfcf72b3c936a0
d7f3b17a1513c65a567de314d2b58426062824da
ede4d60b5feaa5b2a9ed9ba3695d7fcfa2d1e6247b3c7f0be3d5a487008b46fa
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.14.1
x-jsd-version-type: version
etag: W/"6c5a-y+sK0xXzH8ASLq957N20gljeHO8"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 17 Nov 2022 23:19:10 GMT
age: 17726
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 1094006ae9f852fbd8c2cdc91a443ab9
634f4839095db76bdc36a9a31a88b0c56334989d
97a44e971f1a322c99387d29bb180c34e403b7998ffa0066db925d1a0fcee202
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:10 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "56E71D4FCA09341F40D4635E9532380879AF1B2D"
Expires: Fri, 18 Nov 2022 09:00:00 GMT
Last-Modified: Thu, 17 Nov 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2834
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc3095aa28b4f9-OSL
c.amazon-adsystem.com/aax2/apstag.js
301 Moved Permanently 167 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 167
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
server: CloudFront
date: Thu, 17 Nov 2022 00:40:38 GMT
via: 1.1 93cfeed105500c4613cee2ee99f5f9a6.cloudfront.net (CloudFront), 1.1 6b08baae6d8fdc124eeea9f6d807fa9a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: LHR52-C1, LHR61-C2
x-amz-cf-id: LeM7WjSs5xSlrkYrGj843-9KwvG2tfgZBWYkn7XuMFOFWZHuuY2Ddw==
age: 81512
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FY1Mh4my&charset=UTF-8&ch=23&ref=ouo.press&viewerId=null&referer=http://ouo.press/Y1Mh4my?__cf_chl_tk=PgtsN6bH4b1id0nsi44YYDcDenTFe1j3hp.9EFc6kwg-1668727145-0-gaNycGzNAv0&_firid=35611388
200 OK 5.8 kB URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FY1Mh4my&charset=UTF-8&ch=23&ref=ouo.press&viewerId=null&referer=http://ouo.press/Y1Mh4my?__cf_chl_tk=PgtsN6bH4b1id0nsi44YYDcDenTFe1j3hp.9EFc6kwg-1668727145-0-gaNycGzNAv0&_firid=35611388
IP
Hash bae576a47658e366f143f4c780e801e4
e9cc6819f90e47a55a6827f8ae7f2f8fcf5fb864
e50a9cc92911ab897833c79c2971c067a8f2f2f3a9faf57e0fbf96681c62f580
GET /delivery/spc_fi.php?id=7419&url=%2FY1Mh4my&charset=UTF-8&ch=23&ref=ouo.press&viewerId=null&referer=http://ouo.press/Y1Mh4my?__cf_chl_tk=PgtsN6bH4b1id0nsi44YYDcDenTFe1j3hp.9EFc6kwg-1668727145-0-gaNycGzNAv0&_firid=35611388 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Thu, 17 Nov 2022 23:19:10 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Fri, 17-Nov-2023 23:19:10 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 744309b4af5d5f47fc919d02631e0bd0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P7
x-amz-cf-id: zDeJn7sWkhKHge_mFSDOIGhaC2Gsys_GYDRFW3ZTnttYSpszYBFOgw==
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/passback.js
301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/rtb/passback.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/passback.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Thu, 17 Nov 2022 23:19:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 00:19:11 GMT
Location: https://cdn.adtrue.com/rtb/passback.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAljUFm9Vx73if8tv6aO4yYy1Ly4fF1Dt%2BtfX%2FLK1J2NiMFuFj5qFb1DQkIgj07cVSA%2F%2BI3AJQxB9JFXea0o1UiPUn%2BenoVHZvwdIdbutcUPzbus551kmPw%2FmBUjs8asIw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc30968a33886b-LHR
alt-svc: h2=":443"; ma=60
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=23008201976
200 OK 259 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=23008201976
IP
Hash d9d33df38e25593d43259d175016922c
1e1d2e39344c77c1ab6fbe7eeca66bb76fff455e
a18e4206a86115d5bdcd97da852c92acf50b953297c18489934cd2eefe2ed5e3
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=23008201976 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 487
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:10 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: http://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
200 OK 21 B URL HTTP/2 cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
IP
File type very short file (no magic)
Hash 2793f659087fed6a6c71efe62625fdab
6b40887d8b55314b057c3ea28e84a899a5e998cc
49835d7ac4b53fab922d54f8e59f6f53fda7becdcfb3e8887855bd6f7e8704fb
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 17 Nov 2022 23:19:11 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: http://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 744309b4af5d5f47fc919d02631e0bd0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P7
x-amz-cf-id: 2DHGKZ8t2YaOCNE6igdvH60TwyP9ZevqwLAQfbeOLrFNQ17sqrcRnw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0168b58613aa87ebea06f19beaa63b28
fa552715805d365a9243a7bf7e2e7a59e3fe8668
5e779b05e30fbde852b2c5a1c43370f71db2de5210718cac143c1b2981116bc1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3750
Cache-Control: max-age=96621
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:11 GMT
Etag: "63758936-1d7"
Expires: Sat, 19 Nov 2022 02:09:32 GMT
Last-Modified: Thu, 17 Nov 2022 01:07:02 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/ut/v3/prebid
200 OK 553 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
Hash 346a02849e6f0e436ad5afa1e4f850de
3800c995674322402683a2fc4f10cf07d6d451ec
4a208ffddf24f31d777cd18a1248f7c6a4607c7c04cac92c6bf9b5d51dbc49d2
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 562
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 17 Nov 2022 23:19:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: afe52b4c-488c-4af0-8366-bfb92d0307f8
Set-Cookie: icu=ChgIw6tREAoYASABKAEw74LbmwY4AUABSAEQ74LbmwYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 15-Feb-2023 23:19:11 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6639129069792839063; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 15-Feb-2023 23:19:11 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 279 B IP
Hash bffc3eb7661cb4b05ee5aff1fa618c1a
edf71e26cf8d956aafadcc82b3f296cb875c79b8
d27bdc90f877efda6c04f9134a84d319ada0e820999f7171014793355ee80cf9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 733
Cache-Control: max-age=107257
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:11 GMT
Etag: "6375be8b-117"
Expires: Sat, 19 Nov 2022 05:06:48 GMT
Last-Modified: Thu, 17 Nov 2022 04:54:35 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
200 OK 931 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP
File type ASCII text, with very long lines (2388)
Hash 8e8d7a0a62663d5f7c415376384593c2
f7cd825a352266b8c5b4b0dfea749c967d26b22d
222d7503ac4a040176b2029a74c3fda84012d21742a4b7deca73243d521fc3de
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:11 GMT
content-type: text/javascript
content-length: 931
x-amz-id-2: DpAKct+ZZ8szDYgVNbB8CXlKoVt69Zzm6eUVI25PqgSFU4H5qOaoZOc2FaKbUe1Lt6Kn8tZGGlY=
x-amz-request-id: C76KDVMKZRK8NR4W
last-modified: Thu, 03 Nov 2022 11:38:04 GMT
etag: "8e8d7a0a62663d5f7c415376384593c2"
content-encoding: gzip
x-amz-version-id: SBZDoO6KUGsi9aXrwr03p7YsWy_YVSlV
cf-cache-status: HIT
age: 2001
expires: Fri, 18 Nov 2022 03:19:11 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc30985cbcb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
200 OK 77 kB URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (33588)
Hash 230cc82ca6b0866e990314cbc9027a3a
82d5affc0fcc38fc96045c481adf1da072ac1d3f
7d10f7267c9a69a121fd36026a7b5f25e9e94b310a9ea25e7b554507d02ba5a3
GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:11 GMT
content-type: text/javascript
content-length: 77407
x-amz-id-2: WWd9x0Gq6FvGsNtCKDMctOFIq+uCBEfh9T/M/AdM6C8Q45tvN/NL0hn3dvzjvhsTm8Q8n1X6W6CfG6NVPxWmcg==
x-amz-request-id: ZQANRS00VQFHFH7W
last-modified: Thu, 03 Nov 2022 14:15:36 GMT
etag: "230cc82ca6b0866e990314cbc9027a3a"
content-encoding: gzip
x-amz-version-id: lLRYvMywT8mphRmbRVyHVkxgXiOMWoKg
cf-cache-status: HIT
age: 2000
expires: Fri, 18 Nov 2022 03:19:11 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc30987cd6b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash bffc3eb7661cb4b05ee5aff1fa618c1a
edf71e26cf8d956aafadcc82b3f296cb875c79b8
d27bdc90f877efda6c04f9134a84d319ada0e820999f7171014793355ee80cf9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 733
Cache-Control: max-age=107257
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:11 GMT
Etag: "6375be8b-117"
Expires: Sat, 19 Nov 2022 05:06:48 GMT
Last-Modified: Thu, 17 Nov 2022 04:54:35 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2FY1Mh4my&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2FY1Mh4my&tg_i.page=http%3A%2F%2Fouo.press%2FY1Mh4my&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=841b6d33-db39-4efe-b0e2-9bf44c97291f&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9717373733668245
200 OK 348 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2FY1Mh4my&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2FY1Mh4my&tg_i.page=http%3A%2F%2Fouo.press%2FY1Mh4my&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=841b6d33-db39-4efe-b0e2-9bf44c97291f&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9717373733668245
IP
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash 418072fa64f0b9ee2f71b92d86c04154
1b05d0d9946da4a6e2178abfd1a2cf8d30c999b3
b54a8832a1cda34c6fa4cb1e074c02ea583ab17d5e884d11e96c4cbb11948239
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2FY1Mh4my&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2FY1Mh4my&tg_i.page=http%3A%2F%2Fouo.press%2FY1Mh4my&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=841b6d33-db39-4efe-b0e2-9bf44c97291f&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9717373733668245 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Thu, 17 Nov 2022 23:19:11 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LALP26N5-23-COCY; Domain=.rubiconproject.com; Path=/; Expires=Fri, 17-Nov-2023 23:19:11 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrHUULHD76oTu9DtVM30fCgyAxZlNGFrOjnfg2tUeaJt5ZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Fri, 17-Nov-2023 23:19:11 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 348
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a7da0ac1f166a6121be1ed4e03746bbd
e37a490006b7230fc1ec88750b0e3de8e953964d
e5d076b777ff00eef4e565999bfbcd9d2fe484861b26e0fa228ae84945a5ab74
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 17 Nov 2022 23:19:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: d1f81e5b-d33e-4cde-951d-ded6d2a482b4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
204 No Content 90 kB URL HTTP/2 tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
IP
Hash b2dc4e5d488f52b72a321930a00970ac
a66e0b7277b4aa8aacc2e7275e4e249223c0f79e
276703e2d819ccd1e54d29ef977428076f708ee9a302c72cf09e8d9bafdb0dc6
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1
Host: tag.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 617
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 17 Nov 2022 23:19:11 GMT
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 077d34b9decf907aad6a16b6e83ca632
1e1a18d55f38b7203ca0d75a5206df4cc1881542
fe601ebd50952972d8f08a9f4aabdeb798c0aa4508998bfe012cc317a23031f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 350
Cache-Control: max-age=167403
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:11 GMT
Etag: "6376aafc-13a"
Expires: Sat, 19 Nov 2022 21:49:14 GMT
Last-Modified: Thu, 17 Nov 2022 21:43:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
200 OK 2.6 kB URL HTTP/1.1 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP
File type ASCII text, with very long lines (6482), with no line terminators
Hash 7c02d92c228e02f2ddfec1a48bdb044d
e4cc88b704d6cf3af8cd4949f5c5eee606a573a3
07f71d82eeb36040c2c3fe12bdc73cb8fe3e7e4890f05981842feb491f24020c
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Last-Modified: Tue, 08 Nov 2022 20:12:15 GMT
x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 17 Nov 2022 16:59:11 GMT
Cache-Control: public, max-age=86400
ETag: W/"a4d296427fc806b21335359e398c025c"
Vary: Accept-Encoding,Origin
X-Cache: Hit from cloudfront
Via: 1.1 9d050fbf11362165fc47c03a14392c36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: BeYvTJKf2g0BmjBJa86IbuvuYgQQW3ZGOJvjz0EQLGdy6fW-Nc65BQ==
Age: 22801
c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Thu, 17 Nov 2022 23:19:11 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 6b08baae6d8fdc124eeea9f6d807fa9a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: -qnnuqjfaHDBoM0MgQkIxF1pUjOX75fNmdb04yLfvDki5ueY3sgxvA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash e0e62391672f062eaeb99842f6a3895e
9eb182fc3f6761627b022e9aad7d98674132ef1e
d0e4462153aca82e596b79fd8e03f58e544046c04042489e023cef4edc3db0c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5130
Cache-Control: max-age=157779
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:11 GMT
Etag: "637672b8-139"
Expires: Sat, 19 Nov 2022 19:08:50 GMT
Last-Modified: Thu, 17 Nov 2022 17:43:20 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
d3div1mtym39ic.cloudfront.net/aax2/apstag.js
200 OK 40 kB URL HTTP/2 d3div1mtym39ic.cloudfront.net/aax2/apstag.js
IP
File type ASCII text, with very long lines (65456)
Hash 25cfa92153a2a0f5ca8828b826a0be29
59e2f14c179869ee3ad9b3947c90fc1862c8b436
7b6a0143ba01efefadc9d854654b163206be7131f0e36f60108debf795ae6cc4
GET /aax2/apstag.js HTTP/1.1
Host: d3div1mtym39ic.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 17 Nov 2022 22:26:46 GMT
cache-control: public, max-age=3600
etag: W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 23f61cf92a98db6b426338b85a31b05e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: Fpe0x0VacHeeqQ5F6g9HunUvz6KyP5GrdDCkeyB08npjQ4cpjRGlrg==
age: 3146
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 3aa1b8cdcf0411d27a28534ef6fb8692
9352252199c8c6b63fcecc3e43bc19489162ff5d
d4668168068e7334c8433858372ffafde7c487af6b82f216ecf1642169ad7db1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 242
Cache-Control: max-age=125157
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:19:12 GMT
Etag: "63760663-139"
Expires: Sat, 19 Nov 2022 10:05:09 GMT
Last-Modified: Thu, 17 Nov 2022 10:01:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
200 OK 446 B IP
Hash d94cf50ef200591f5cd1e730432bfa18
b55be31c193322ef9d838a1170761aaaa5c32ed1
829c5d486a5c4a01322b892fa28d1f2cbc4e78c3c659c15edbc0dc6d7a10bd9d
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=JCyv0F80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3prV0k0a3N0MkV2emZ0Wms4cUIlMkZjUU12MER3RlZpQVUyYk1VV2pDTk1MMQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=-LJS0l80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3prV0k0a3N0MkV2emZ0Wms4cUIlMkZjVFI3YkJadGhyJTJGMSUyQjZLa1FRMFg5WFc; expires=Tue, 12 Dec 2023 23:19:11 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 346677
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2FY1Mh4my&pr=http%3A%2F%2Fouo.press%2FY1Mh4my%3F__cf_chl_tk%3DPgtsN6bH4b1id0nsi44YYDcDenTFe1j3hp.9EFc6kwg-1668727145-0-gaNycGzNAv0&pid=1uOmJ1z94nsI4&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
200 OK 145 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2FY1Mh4my&pr=http%3A%2F%2Fouo.press%2FY1Mh4my%3F__cf_chl_tk%3DPgtsN6bH4b1id0nsi44YYDcDenTFe1j3hp.9EFc6kwg-1668727145-0-gaNycGzNAv0&pid=1uOmJ1z94nsI4&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP
File type ASCII text, with no line terminators
Hash 08277625ee7f1ccb496871fdd28bfe02
755393c8081d54bae010f945ef0ea0fe804bd3f6
431d0fedfe2e291689de246b405f4b16c29650f03bee9c28ddb09a70b347e040
GET /e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2FY1Mh4my&pr=http%3A%2F%2Fouo.press%2FY1Mh4my%3F__cf_chl_tk%3DPgtsN6bH4b1id0nsi44YYDcDenTFe1j3hp.9EFc6kwg-1668727145-0-gaNycGzNAv0&pid=1uOmJ1z94nsI4&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 145
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
date: Thu, 17 Nov 2022 23:19:11 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 f758c2c588bf48b72686b6d10cca72ca.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P5
x-amz-cf-id: HrYdEb_RB3q2EwHKucT17ogd7TnNAuQEQxJYqrLcD9mrIdVSrNNf1Q==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4654d423a2877ed395abec022b6db280
f9942f5624ca26b02c724983a71028e47d49ad9a
acf7116b67c597ab79dc74660fc6fe72b65edab3a32b752b7168063c1a236962
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACF7116B67C597AB79DC74660FC6FE72B65EDAB3A32B752B7168063C1A236962"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3602
Expires: Fri, 18 Nov 2022 00:19:14 GMT
Date: Thu, 17 Nov 2022 23:19:12 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4b85ce7a65c53ca698df2ce09f935ced
3f2a31d95da4de1d20fb90bb99662f0993880b6a
e379364f421cf1a312fee0f6addcfb80e8674f918dc48037655fdc1510cafeca
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 13:42:54 GMT
Expires: Wed, 23 Nov 2022 13:42:53 GMT
Etag: "3f2a31d95da4de1d20fb90bb99662f0993880b6a"
Cache-Control: max-age=483220,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc309fed53b515-OSL
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
301 Moved Permanently 134 B URL HTTP/1.1 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 17 Nov 2022 23:19:12 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://match.adsrvr.org:443/track/rid?ttd_pid=pubmatic&fmt=json
static.criteo.net/js/ld/publishertag.prebid.123.js
200 OK 34 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP
Hash 33a7dbb4c7b3792ea49dbd440be57972
8cf57c6f5529e924f348eb03bb2195de720d84ae
3a0b5cf214d2514923fca684490e64b3bfe6d9c3e43d7cfe31b0ef9b8e5a1e8a
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:19:11 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Fri, 18 Nov 2022 23:19:11 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
200 OK 19 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:09 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 917470
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 4228d80f72688c0386640fd92c2bd3d1
7d2f8969fff09766ee184701c433744c808d85cc
3cead07c1d49808a76f29c99d362732ca692e496d82c922143c9bb8c78b018dc
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 17 Nov 2022 23:19:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 17 Nov 2022 21:25:59 GMT
Expires: Fri, 18 Nov 2022 21:25:59 GMT
ETag: "7d2f8969fff09766ee184701c433744c808d85cc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
id.crwdcntrl.net/id
200 OK 43 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:12 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.3.79
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4b85ce7a65c53ca698df2ce09f935ced
3f2a31d95da4de1d20fb90bb99662f0993880b6a
e379364f421cf1a312fee0f6addcfb80e8674f918dc48037655fdc1510cafeca
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:19:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 13:42:54 GMT
Expires: Wed, 23 Nov 2022 13:42:53 GMT
Etag: "3f2a31d95da4de1d20fb90bb99662f0993880b6a"
Cache-Control: max-age=483220,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc30a09dcdb515-OSL
gem.gbc.criteo.com/newidsd
200 OK 5.6 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (15863), with no line terminators
Hash dcd3940de8a1f07ac866f09031ecda38
1db4e00eb923f428ce928d75b833a74941715e27
0f3719559e3da6697fe0266727042165cd626b9db344e500a5abfaba37d7caf5
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 101490
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
200 OK 82 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP
Hash 9c58388669be579d75839b8f7250a77f
cef17cc5cb8f411fc025fcbda929bf8cc4e2734d
569a40105c40e468ce76dabcf983f5e0c40a8989939141f72bf2304e59b14117
OPTIONS /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 400732
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=CF7267A9-E6DA-4571-8161-8D57A66DFA14&rs=3&gdpr=0&gdpr_consent=&us_privacy=
200 OK 1.3 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=CF7267A9-E6DA-4571-8161-8D57A66DFA14&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720)
Hash e5dd36e3bf27b0b3040e7fda793cad90
106f7792c69f913e5b3cc8ebfa56fdc1a8b97951
2bb10f11e32f539db2e8f562ef1d5da9fc2ddd887d37ca9cc11e9859e835ec02
GET /AdServer/SPug?o=1&p=155495&sc=1&u=CF7267A9-E6DA-4571-8161-8D57A66DFA14&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:19:14 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:19:11 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Fri, 18 Nov 2022 23:19:11 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 115596
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
200 OK 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP
GET /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:07 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc307f6a24b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/fiamp.js
200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/fiamp.js
IP
GET /static/js/fiamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 17 Nov 2022 22:21:54 GMT
expires: Thu, 17 Nov 2022 23:21:54 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 744309b4af5d5f47fc919d02631e0bd0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P7
x-amz-cf-id: eDp-JZCLCol7rNP8bvyf7EZCjdvAFbFenXiRV99IQOAB9PVgq-VoWA==
age: 3436
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP
GET /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 530155
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: browser_data=-LJS0l80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3prV0k0a3N0MkV2emZ0Wms4cUIlMkZjVFI3YkJadGhyJTJGMSUyQjZLa1FRMFg5WFc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 17 Nov 2022 23:19:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=3gUPMV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3prV0k0a3N0MkV2emZ0Wms4cUIlMkZjUURITU5YMFlSZDNsTUg0dEJuUUZETg; expires=Tue, 12 Dec 2023 23:19:14 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 293165
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
104.22.59.251
34.102.187.140
151.101.85.229
23.38.201.81
104.18.21.226
213.19.147.43
178.250.2.146
52.19.187.82
172.255.6.48
37.252.171.21