ouo.io/xNNZFxn
104.22.22.162301 Moved Permanently 0 B IP 104.22.22.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xNNZFxn HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 12:50:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 13:50:53 GMT
Location: https://ouo.io/xNNZFxn
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74eb2b396fb00b55-OSL
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 12:13:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pOE_EN-CgssVKrXUvCnGgc9EInQguibSUoJI0pNewNsNRuYXvd3E3w==
Age: 2215
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3227
Expires: Thu, 22 Sep 2022 13:44:40 GMT
Date: Thu, 22 Sep 2022 12:50:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uycdaMm3axSO5H6YsKNTu8nFcoRQflNYZSvF_Vm7VupB48jlAjhDjw==
age: 29739
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 22 Sep 2022 12:03:22 GMT
Expires: Thu, 22 Sep 2022 12:11:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BxTxLkujtU0BmbEMtOrPjzYDqt-55wugWebg0sBFN47Lq1GXcVR9yg==
Age: 2851
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5576
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:53 GMT
Last-Modified: Thu, 22 Sep 2022 11:17:57 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ouo.press/images/world.png
104.22.58.251200 OK 5.7 kB URL HTTP/2 ouo.press/images/world.png
IP 104.22.58.251:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/xNNZFxn
Cookie: ouoio_session=eyJpdiI6ImFEUEFBSzJDcGN1cmpZcjBDOGN6d25GZkN6QWNSdHdlXC9cL2w0V2JNaUZ4ST0iLCJ2YWx1ZSI6IkpKOEw0a3dwMG9ISGVpVTIwRGpiZ1N4b0FiVU9HcVNKSkE4R1lcL1hiQVBadlVNeWdcL2tZVXVaald2T01ZWitSZEhQVHh5ZnlpbTJDOStpZHpoeSs1b2c9PSIsIm1hYyI6ImUwNGYzNDk2MzE1M2EwZWUzZjFmZWViNjhlMDcyOGUxMDY4OGZlNzFhYzc3MmMxNGJiY2U4NmZmNDNlOWZmYjIifQ%3D%3D; language=eyJpdiI6IkxYRHZFWGx5dlk0YVpJMWJBZEtVdEM5eGFrVE93eGZ6Z1wvRTducWtIcUJJPSIsInZhbHVlIjoiUjJ2WEZZQ0NLOWJHNFhaNXVobVZEeWVIUnlmcmh1cTlsdVAydlR5XC80MHM9IiwibWFjIjoiM2U1N2ZhNTJlNDI0NWZkZmZmZGFlYTU0NmE4YWRkODRiZDUyMzlmMTg1MTdiOWE5ZmIzNmFjZGM5MDEwYzRjZCJ9; 5a55e5a19ab03ba43e98979e14e085800a98e9fa=eyJpdiI6IjJPbGkxNVd1enNIQUsrenppTEMyaG00REtBN1p3S3RuVGpuVndVSGVYclE9IiwidmFsdWUiOiJoMmRuZkV3VjZaeUdmNloxTk9KODRXUmtUSmRnbTltVEpadU9lOVFORHR4aWxOUmt0c1E2OEtOeUNpTkt6TTYyRWNDa3VcL08zODZNNUNDWmZYUmo3RlZFaEJvR1FTMUJEeHVvZEZqTEw0TTJBYnFQdVlFQ3JPcnk0dVJPOUk1bDFaQ01xUFBPRUZMTmlmZThXeUswdUNGUTI3VjIrdDA1KzErNGxOSlhHN2JyaFpJQlhUZlVRU3hIZURZUHhTaFNZQ1B3VjlJNGVhRGExUFFJS2ZjMHk2b0tHaHphZEEzS3lDcSs1UDVLa0dRUVFxb0pHSXhuTUlEZXV5aTJic1owdXVMZFE2ZXJLZjM4Slpka3orNThtZXBxXC9TeGRVd1MxbFlDQ1FBVGUra3BIKzU4RFdEWVdNbElKaW5ab2swTE5pZVZsMzhnNVl5WkUwXC9WK2lWM3E2Z2Ezbk43MmxTVVZlaFlNcjdudGxJRHI3aTMzODV3YVwvSHFqVXRxbG5oZkd2IiwibWFjIjoiYzBjZjBhMjYzZjVkZDEyZmJiNDQ3OTJhNTc3ZWMyZjhmYzI4NGNlOWJhYWFiYjQ4YzNmMmI5ZGEyMWQ5MzhlMiJ9; __cf_bm=SiDWwpvNAKwfLbQCktmEKrxInP9wzU5iHB1k8nt31g4-1663851054-0-AaCbihslSQQGJh7IR4RYs7FwdQT2AfnYBk2DFmfF5L1i/ygUxcHbIUDslNaJZYga/NVwtuMEj3moLfLTMPCZxP4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: image/png
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Tue, 04 Oct 2022 22:31:44 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1520350
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b404cfc0b39-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9ca0f6ae496b3092786fe4ea63ffebb9
6389820fd89048d91cf3ffe839d6e35f9e9e283e
4322b7c1d65ae4cb108231b66ab233f1d6f5842a4da4cf440322f0367f7ce1d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3300
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:54 GMT
Last-Modified: Thu, 22 Sep 2022 11:55:54 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9ca0f6ae496b3092786fe4ea63ffebb9
6389820fd89048d91cf3ffe839d6e35f9e9e283e
4322b7c1d65ae4cb108231b66ab233f1d6f5842a4da4cf440322f0367f7ce1d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3300
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:54 GMT
Last-Modified: Thu, 22 Sep 2022 11:55:54 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash ffc0e5974b36df4fbf86044645f56feb
582d8833edc2dab0f78d8f3a368dd36479481348
51fe629ea38f998cc3139171392cbae2a1348d03c75074cd60ae1fc03be69997
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 22 Sep 2022 12:50:54 GMT
date: Thu, 22 Sep 2022 12:50:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ecdn.analysis.fi/static/js/fab.js
54.230.111.87200 OK 4.2 kB URL HTTP/2 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.87:0
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 4240
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 22 Sep 2022 12:38:44 GMT
expires: Thu, 22 Sep 2022 13:38:44 GMT
cache-control: max-age=3600
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0knTOU-DbHhHSGr2EBJpjZUYOKeztWijhSfbyVF8i9izZNW4iV-JYg==
age: 730
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7ec02c2a261ae3f42ac0d2a9418cc66
48033b4f0815035d57241e679092de0353150911
475136691e2a6e077466f53f7b3aafd674415150f0fe5ff7cdca953e56ca405a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "475136691E2A6E077466F53F7B3AAFD674415150F0FE5FF7CDCA953E56CA405A"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2921
Expires: Thu, 22 Sep 2022 13:39:35 GMT
Date: Thu, 22 Sep 2022 12:50:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tv.gourdycortes.com/1clkn/16562
23.109.82.237200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/16562
IP 23.109.82.237:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/16562 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Sep 2022 12:50:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Fri, 23-Sep-2022 12:50:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Fri, 23-Sep-2022 12:50:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0gnMBAF+EGhx1++DvO9L/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VlTuqU4329kkFkmQoOegK1o7SSc=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da0c49e71cb94c29072ef6fd36efa52e
bd58fc1dcf3061065e87493d7dfe46fb232b8851
a0fc507f1e014a458ca44dd7bea70b5d2d36b11da2ae73398cad416a9465657a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0FC507F1E014A458CA44DD7BEA70B5D2D36B11DA2AE73398CAD416A9465657A"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15440
Expires: Thu, 22 Sep 2022 17:08:14 GMT
Date: Thu, 22 Sep 2022 12:50:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 748f3b28db935832207086a2e4890b61
c402ad55fb49efa636b89e8b272f50123b4e673c
e666e5f16efab20876f06451b40fa8f1e596218dbb174f1b09289b0a8ade06ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E666E5F16EFAB20876F06451B40FA8F1E596218DBB174F1B09289B0A8ADE06BA"
Last-Modified: Tue, 20 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9363
Expires: Thu, 22 Sep 2022 15:26:57 GMT
Date: Thu, 22 Sep 2022 12:50:54 GMT
Connection: keep-alive
prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
147.75.85.234302 Found 0 B URL HTTP/2 prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 22 Sep 2022 12:50:54 GMT
location: https://sync.viavideo.digital/tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=
server: envoy
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
hhkld.com/logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663851053957
141.94.202.176200 OK 43 B URL HTTP/2 hhkld.com/logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663851053957
IP 141.94.202.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663851053957 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 28 Jun 2022 15:48:44 GMT
etag: "62bb22dc-2b"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
hhkld.com/rucdn/js/player/220623_d44559ff.js
141.94.202.176200 OK 71 kB URL HTTP/2 hhkld.com/rucdn/js/player/220623_d44559ff.js
IP 141.94.202.176:0
Hash 5c77b71314875f8e56e1e0897c9c79fa
741d89a66ecc7214bcdee67b67e144476c59b891
1600b584221bc6e54c6cd8fd313b4d3e12d9cfdf7c17bd37d82a3c4756d305b8
GET /rucdn/js/player/220623_d44559ff.js HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 10:33:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
hhkld.com/rucdn/static/report.svg
141.94.202.176200 OK 3.0 kB URL HTTP/2 hhkld.com/rucdn/static/report.svg
IP 141.94.202.176:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2042)
Hash c12dad0e0d31548287471223d9118b54
d40516c15ebc64ab96d309a7c0e2e49443d04bb2
8f03524fcc1c423e5375ee91780af2493c8f24426b5b85b058d0a3fbf76fcb34
GET /rucdn/static/report.svg HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: image/svg+xml
content-length: 3025
last-modified: Wed, 22 Jun 2022 05:10:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37140), with no line terminators
Hash 91313eedfc64cdf2dd665fc3146a4a5e
11e698f32e233c6391387ab6359a7d2928b0ed50
f3560585d079a4608ddb50f4ec0dad0fb814dc8f60286b0f70a91bf6271e4104
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 12:50:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fa624fd763602c224eb00079266d6a0c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ouo.press/css/bootstrap.css
104.22.58.251200 OK 19 kB URL HTTP/2 ouo.press/css/bootstrap.css
IP 104.22.58.251:0
File type ASCII text, with very long lines (65452)
Hash 204b8fad382c6b10b7de215af088bcc1
518fe7d0bc06c6186c3cdcd9534c3096c981db2c
a13ac45c043360f9de2c2e0bd5cd73d2c79f5dd087754c95b0995a52e33b3824
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/xNNZFxn
Cookie: ouoio_session=eyJpdiI6ImFEUEFBSzJDcGN1cmpZcjBDOGN6d25GZkN6QWNSdHdlXC9cL2w0V2JNaUZ4ST0iLCJ2YWx1ZSI6IkpKOEw0a3dwMG9ISGVpVTIwRGpiZ1N4b0FiVU9HcVNKSkE4R1lcL1hiQVBadlVNeWdcL2tZVXVaald2T01ZWitSZEhQVHh5ZnlpbTJDOStpZHpoeSs1b2c9PSIsIm1hYyI6ImUwNGYzNDk2MzE1M2EwZWUzZjFmZWViNjhlMDcyOGUxMDY4OGZlNzFhYzc3MmMxNGJiY2U4NmZmNDNlOWZmYjIifQ%3D%3D; language=eyJpdiI6IkxYRHZFWGx5dlk0YVpJMWJBZEtVdEM5eGFrVE93eGZ6Z1wvRTducWtIcUJJPSIsInZhbHVlIjoiUjJ2WEZZQ0NLOWJHNFhaNXVobVZEeWVIUnlmcmh1cTlsdVAydlR5XC80MHM9IiwibWFjIjoiM2U1N2ZhNTJlNDI0NWZkZmZmZGFlYTU0NmE4YWRkODRiZDUyMzlmMTg1MTdiOWE5ZmIzNmFjZGM5MDEwYzRjZCJ9; 5a55e5a19ab03ba43e98979e14e085800a98e9fa=eyJpdiI6IjJPbGkxNVd1enNIQUsrenppTEMyaG00REtBN1p3S3RuVGpuVndVSGVYclE9IiwidmFsdWUiOiJoMmRuZkV3VjZaeUdmNloxTk9KODRXUmtUSmRnbTltVEpadU9lOVFORHR4aWxOUmt0c1E2OEtOeUNpTkt6TTYyRWNDa3VcL08zODZNNUNDWmZYUmo3RlZFaEJvR1FTMUJEeHVvZEZqTEw0TTJBYnFQdVlFQ3JPcnk0dVJPOUk1bDFaQ01xUFBPRUZMTmlmZThXeUswdUNGUTI3VjIrdDA1KzErNGxOSlhHN2JyaFpJQlhUZlVRU3hIZURZUHhTaFNZQ1B3VjlJNGVhRGExUFFJS2ZjMHk2b0tHaHphZEEzS3lDcSs1UDVLa0dRUVFxb0pHSXhuTUlEZXV5aTJic1owdXVMZFE2ZXJLZjM4Slpka3orNThtZXBxXC9TeGRVd1MxbFlDQ1FBVGUra3BIKzU4RFdEWVdNbElKaW5ab2swTE5pZVZsMzhnNVl5WkUwXC9WK2lWM3E2Z2Ezbk43MmxTVVZlaFlNcjdudGxJRHI3aTMzODV3YVwvSHFqVXRxbG5oZkd2IiwibWFjIjoiYzBjZjBhMjYzZjVkZDEyZmJiNDQ3OTJhNTc3ZWMyZjhmYzI4NGNlOWJhYWFiYjQ4YzNmMmI5ZGEyMWQ5MzhlMiJ9; __cf_bm=SiDWwpvNAKwfLbQCktmEKrxInP9wzU5iHB1k8nt31g4-1663851054-0-AaCbihslSQQGJh7IR4RYs7FwdQT2AfnYBk2DFmfF5L1i/ygUxcHbIUDslNaJZYga/NVwtuMEj3moLfLTMPCZxP4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Thu, 22 Sep 2022 20:48:57 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 14517
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b403cef0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
151.101.85.229200 OK 8.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (26606)
Hash 77019dfea792351eb58beb264f808970
106d35ea53f5a6e4024ba9bfafe6b0bd0551771f
ca2b0e50ed967336aea35965d7a99b4986429c5c5984f8de96d92b2c573b7bef
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.13.0
x-jsd-version-type: version
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 12:50:55 GMT
age: 13245
x-served-by: cache-fra19130-FRA, cache-bma1621-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8874
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FxNNZFxn&charset=UTF-8&ch=12&ref=ouo.press&viewerId=null&referer=&_firid=39620820
54.230.111.73200 OK 167 kB URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FxNNZFxn&charset=UTF-8&ch=12&ref=ouo.press&viewerId=null&referer=&_firid=39620820
IP 54.230.111.73:0
Size 167 kB (167348 bytes)
Hash 2caf97ee1e0b22e6b6c93f7508cc70e0
575c9961ff48000603733220c89ebae97ec473d3
ceef2f06062c4b5615cb8b046462db4b117b70e35253d5ebd63f22097d7d2821
GET /delivery/spc_fi.php?id=7419&url=%2FxNNZFxn&charset=UTF-8&ch=12&ref=ouo.press&viewerId=null&referer=&_firid=39620820 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Thu, 22 Sep 2022 12:50:54 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Fri, 22-Sep-2023 12:50:54 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ct8ay8K8ds0m0wOjsH2FI1kN6JG-9LeoUpW416yr0M37dB_T_65LIg==
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 6501fa2085ae7bb0073da239c5cee7f2
0d07f968fc697c72b1e8921629f69b9f27aa6eac
5d06eaed59a2519466513e3d8a96bcc896cdf970fd518b15b50e51452c874667
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 12:50:55 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3DF5DAF610235708B406B34E000B4C840ED4306D"
Expires: Fri, 23 Sep 2022 00:00:00 GMT
Last-Modified: Thu, 22 Sep 2022 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 179
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74eb2b460ba8b524-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash c767348aba50f30dd4d55b0289ab5d85
13869c6315f9cdae425826677371047d72297330
da8b028216a09f3d8197f55dc4a5727187fa81f63dcffaabdc948302f7bd6d0d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 12:50:55 GMT
Last-Modified: Thu, 22 Sep 2022 11:31:35 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fKhFxfXwGOk33TSG0KFFGzpr_83IEiO46EtTchl_2XVs8C0SAPF0vg==
Age: 4760
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
23.38.200.201200 OK 80 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a4ce36b0d03543974d71b88fa37145d
a5c1750aab7489f287c98bae25f5afff0ed16ce8
30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
server: Apache
etag: "1241a12-3fca8-5cf4eee137dd8"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 80538
cache-control: max-age=19298
expires: Thu, 22 Sep 2022 18:12:33 GMT
date: Thu, 22 Sep 2022 12:50:55 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash 22b256c1d1f33740d611383f6ed0d90a
55f4f23147b1d18811c8da6bc9c46ce21b8813df
0a2198d94f52069338592ecca44a3751db6129ac2ed22c75bb721addbb571129
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=cbb1543f-c39b-4ec3-9232-3be379210602:1:1; expires=Sun, 19 Sep 2032 12:50:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1d8d534a614ce4982334f15a21b8529
85f2f73fcbf7d6aa037a3c4ed98be481752f88bb
938d4dd7e4c2419f567dd2ba64c6527bf8f7a4253e24aaba675f9ac029eaa112
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1851
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Last-Modified: Thu, 22 Sep 2022 12:20:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5be5f96cdc159a82d25fd190b830cb49
9d801b69b3806fc114246cef063df0d1bfed05a2
7ed655f34f2ae711e0f7e980edf5cc0d51873782cd9dd84b8097b3f5dc04992f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3089
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Last-Modified: Thu, 22 Sep 2022 11:59:26 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 42 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 821c8141b8f7c192072ca7730d09e6ec
85f9a621087ac2a6c7ecad3f3c245d89003b987c
dedd81f9590e4534677ed3e1801c27f37f3837af1843524d8923087ef6f20997
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 655
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 12:50:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 44cd08f5-8ed1-4b6b-accf-0b1a5864fb7e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4770f5135b7bb5f350eb1f23a2a61675
9e6d77c12cb4852c32793fac90eb2bebc17ed284
ea0439f58f0801c4f131423bdd55ce1b23946de77964dfad5e8874c7df379343
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 623
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 12:50:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: f371c59e-79f4-47f2-b33a-5b495bb27736
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2c6972891cc70d66a9aa944c4b96f013
23804eac528c9258f1378c6df331fbb3b43906fd
3bc9d2ab21519087c6f744d8d85e84ec64cad9f69325d061b177fab1c629838b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5987
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Last-Modified: Thu, 22 Sep 2022 11:11:08 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FxNNZFxn&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=16549cb9-18cc-4504-931c-58006bb708c4&nocache=1663851054768&aus=300x250&divids=adtrue_ads_12953_n85pr03ua6lr7zk920i&aucs=adtrue_ads_12953_n85pr03ua6lr7zk920i&auid=557936314&aumfs=100
34.98.64.218200 OK 78 B URL HTTP/2 fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FxNNZFxn&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=16549cb9-18cc-4504-931c-58006bb708c4&nocache=1663851054768&aus=300x250&divids=adtrue_ads_12953_n85pr03ua6lr7zk920i&aucs=adtrue_ads_12953_n85pr03ua6lr7zk920i&auid=557936314&aumfs=100
IP 34.98.64.218:0
File type JSON data\012- , ASCII text
Hash 9256ab8abb49802e0a3d14195dd76128
e48b8f6d6df9a77e57b4b206d5d3fcc3841affaa
c0fd95b7c385fdcaebf3a2e1b1ad309d0d71ac8d13557b3fb55ea056b5a9198c
GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FxNNZFxn&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=16549cb9-18cc-4504-931c-58006bb708c4&nocache=1663851054768&aus=300x250&divids=adtrue_ads_12953_n85pr03ua6lr7zk920i&aucs=adtrue_ads_12953_n85pr03ua6lr7zk920i&auid=557936314&aumfs=100 HTTP/1.1
Host: fptadtrue-d.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: application/json
content-length: 78
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
142.250.74.72200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash e61628af45ff6aca9457044c38498083
eddf29537ca4a7e11e9152c183b04956f7befd6a
bd9344908c0eac96890f5ed8709c47703adf1ef8e15a614207fa18557b7999f5
GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 12:50:55 GMT
expires: Thu, 22 Sep 2022 12:50:55 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1d8d534a614ce4982334f15a21b8529
85f2f73fcbf7d6aa037a3c4ed98be481752f88bb
938d4dd7e4c2419f567dd2ba64c6527bf8f7a4253e24aaba675f9ac029eaa112
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4251
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Last-Modified: Thu, 22 Sep 2022 11:40:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
hbopenbid.pubmatic.com/translator?source=prebid-client
198.47.127.22204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 198.47.127.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 888
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Thu, 22 Sep 2022 12:50:54 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 3f2f748122a715c256e37c1460922869
9032c3d10c7ca79de8d2aed5469af3302c091f95
f155c9bf2c776fc64927e9ff6a3f7928adb5fce82d1456dc3a8f8ac8a445e304
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5162
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Last-Modified: Thu, 22 Sep 2022 11:24:53 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 686 B IP 142.250.74.3:0
Hash ebca3461f9988339d4ee0373f8ec34cb
ae6c1da94b17d29eb8775d60bc916ec07b574387
60cf3df7deb5364fedc19be5b46c550b40d03664bfadb83b1947205059df97d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 72e546d497b488e3707b96267bca890c
0d78d443080378b8bc208943daf3613bb16aec8a
56bfbb3cda6b33ca95d71cdb728685b3958906bed119d3b4dfccb276cea0b89b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56BFBB3CDA6B33CA95D71CDB728685B3958906BED119D3B4DFCCB276CEA0B89B"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3883
Expires: Thu, 22 Sep 2022 13:55:38 GMT
Date: Thu, 22 Sep 2022 12:50:55 GMT
Connection: keep-alive
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=77867998384&lsavail=0
178.250.2.131204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=77867998384&lsavail=0
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.16.0&cb=77867998384&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 407
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 12:50:54 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5771
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 12:50:55 GMT
Connection: keep-alive
sync.viavideo.digital/tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=
141.94.202.176301 Moved Permanently 0 B URL HTTP/2 sync.viavideo.digital/tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=
IP 141.94.202.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: sync.viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 22 Sep 2022 12:50:55 GMT
content-length: 0
location: https://sync.hhkld.com/tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm5kbv2talfj1ocp8m0Xx
set-cookie: uid=ccm5kbv2talfj1ocp8m0Xx; expires=Fri, 22 Sep 2023 12:50:55 GMT; domain=.viavideo.digital; path=/
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5771
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 12:50:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5771
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 12:50:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 54993
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=14175948920
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=14175948920
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=14175948920 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5771
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 12:50:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PaGFfXo_LFFP5oVfQ8yj4zGeGlg5Rrik1yWgi7YGxaP5IIWXnN9v0w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:35:34 GMT
age: 51321
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 298be26294efc965abc5707a84df8a0a
5ee6c32afd92810ae61a791c059928e33148bb0c
d9b5fe88c8e03f6a6a64e360015080bca00f7fb147515a137447832bacc2e6e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11645
x-amzn-requestid: 0ae5c056-6d78-4c37-8e18-b9abfe1e1f47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG34FKIIAMF6Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab832-59fbd91527ea400d333ddc41;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q7rg9YqHScSwWXfS96bSI5Mb0mSYQ-jbShb7wddPcG51nhn0_8DIJA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 07:14:13 GMT
age: 20202
etag: "5ee6c32afd92810ae61a791c059928e33148bb0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce3e9d330cc9b9c84fb7846bf0d8c7a0
134720f07ffdbef5ff551bdb3c3743c806d1512d
0724f7ca2de62c8086e80b527aec78de6b63996107b32c7e9990bd472e64a347
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9233
x-amzn-requestid: f90a9ed8-b4e7-4786-887a-90f24cc4f432
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HZSG1IoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b85d4-7a75336f316aa6450e3369b4;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PEhEMNxyamS4_x8DPhIeX2bEkaVWzS4foO7vPQX8KgWpm1KjsSvRxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:14:27 GMT
age: 52588
etag: "134720f07ffdbef5ff551bdb3c3743c806d1512d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 41ceb886-c038-4ba0-9e3a-a27879cf48ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwjFVjoAMFWNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84d0-3f4f6a367c893c7a0669dffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d8Kelwi2OY0jt17q80szh8-ErN3ZQM1hhl3HZeNQvlKijygQIJtNww==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:00 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 52495
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ff0ec90500fda0c975908c6d8b20e153
99e132cc52318fc647ec276c2a47770a3daf62a5
623c27f269866f838e1828e381becb67a7c26be6409e3fd1a29d6d259769f033
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 685
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 12:50:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 03ec10eb-9f60-43e2-afac-0fbb4c629d7a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 54993
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sync.hhkld.com/tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm5kbv2talfj1ocp8m0Xx
141.94.202.176301 Moved Permanently 0 B URL HTTP/2 sync.hhkld.com/tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm5kbv2talfj1ocp8m0Xx
IP 141.94.202.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm5kbv2talfj1ocp8m0Xx HTTP/1.1
Host: sync.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 22 Sep 2022 12:50:55 GMT
content-length: 0
location: https://sync.vicodes.com/tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm5kbv2talfj1ocp8m0Xx
set-cookie: uid=ccm5kbv2talfj1ocp8m0Xx; expires=Fri, 22 Sep 2023 12:50:55 GMT; domain=.hhkld.com; path=/
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
54.230.111.73200 OK 20 kB URL HTTP/2 cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
IP 54.230.111.73:0
File type ASCII text, with very long lines (1325)
Hash 0a36b15419feba3241876921de465b0a
89baa5688d7a02eea55038c00ecf23adf214b758
02bd6036ccdb1b7688add3d42456547ff06a9f7495e55901416ad15f9dd5e9e9
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 12:50:55 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X8pAgIiOVph4RuIPSiR4bQZJmiPhk8qzgPp10HYhy4BK6pdjPn2fzA==
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c0c21903885e64ebe0b7462cde44a5dc
b3e3ae8caf0434ca60ff8a7ae69940ce906114ab
0b716bb3d18e2d011873fff94501c070c5a8b488d9300cd088dd89902466597c
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 565
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 12:50:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 3f52810e-f3da-4eac-9fcb-b6bddfbe90b7
Set-Cookie: icu=ChgIw6tREAoYASABKAEwr7SxmQY4AUABSAEQr7SxmQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 21-Dec-2022 12:50:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4450776061862146843; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 21-Dec-2022 12:50:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 36311d68e0a146bffd716bc0964c490c
0abcd5577e335878a388f392e8947e91a91e010f
dfcd4e6cf1e12366a3caee32cac9b75d419faca0c5f4de690e19fe085d9bd848
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 12:50:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 01:55:54 GMT
Expires: Wed, 28 Sep 2022 01:55:53 GMT
Etag: "0abcd5577e335878a388f392e8947e91a91e010f"
Cache-Control: max-age=478497,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eb2b490ea1b4ff-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d0e2fb1302cc1d76620f2470a45c9076
9141c1018db6615cbe4ffff2900f857db189a61f
c0beff48c86d93f96417085b8117cd9f40de7c27779f9a6063462eaf00ae23fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0BEFF48C86D93F96417085B8117CD9F40DE7C27779F9A6063462EAF00AE23FA"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8007
Expires: Thu, 22 Sep 2022 15:04:22 GMT
Date: Thu, 22 Sep 2022 12:50:55 GMT
Connection: keep-alive
tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
213.19.147.43204 No Content 0 B URL HTTP/2 tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
IP 213.19.147.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1
Host: tag.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 607
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 12:50:55 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
sync.vicodes.com/tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm5kbv2talfj1ocp8m0Xx
141.94.202.176200 OK 43 B URL HTTP/2 sync.vicodes.com/tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm5kbv2talfj1ocp8m0Xx
IP 141.94.202.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=26&uid=bc6d8440-d0d3-40c4-b960-bf1fe579214a&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm5kbv2talfj1ocp8m0Xx HTTP/1.1
Host: sync.vicodes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 12:50:55 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=ccm5kbv2talfj1ocp8m0Xx; expires=Fri, 22 Sep 2023 12:50:55 GMT; domain=.vicodes.com; path=/
X-Firefox-Spdy: h2
viavideo.digital/vi/19_ENG.m3u8
141.94.202.176200 OK 566 B URL HTTP/2 viavideo.digital/vi/19_ENG.m3u8
IP 141.94.202.176:0
Hash 6206be586663d48cbeea794ded0a4d8f
6629445fe1752f95308253ba5d78c965a0867a1a
6c78ecbeb616994fe99378f6f1399a53b5e439090176e6bc4dc7623f3566f5b9
GET /vi/19_ENG.m3u8 HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: application/vnd.apple.mpegurl
content-length: 566
last-modified: Sun, 26 Jun 2022 07:47:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
143.204.46.73204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
IP 143.204.46.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Thu, 22 Sep 2022 12:09:20 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rD8sP1MD8BI-OAyLCFo92d4DXb-isC7i2Y6AfJHxAFSP_VdN9bOjrQ==
age: 2494
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fdbf96ac149d047f87e37e7340a3fd38
a088ce2443a2d41e8c3975c2e291a6d755c45f58
8fa935820201d509e12eca69095a255a0abe586c7de816bccfadbe701c0a6bf6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5089
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Last-Modified: Thu, 22 Sep 2022 11:26:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663851055315
141.94.202.176200 OK 451 B URL HTTP/2 viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663851055315
IP 141.94.202.176:0
Hash 839b2eec53f8b71e3666bb7e34b7c8fc
81a21e9770d234e150e22f933d65f53f53eb7c4e
1a1b8d95710f0e2df382fdeab4a2b2597be3fb73a927960694c4fa92e508a101
GET /logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663851055315 HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 28 Jun 2022 15:48:44 GMT
etag: "62bb22dc-2b"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
104.18.4.42200 OK 908 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP 104.18.4.42:0
File type ASCII text, with very long lines (2337)
Hash 4f8f059fbf3b6b0e3a37926f648a3993
83b61eb9d45cdf8f7c708bf4e148d7cab569c596
69190d6c2b78d7b0de0a44dbdde96bb7cf6c793f52481633b4f26ca2cfefcd4e
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: text/javascript
content-length: 908
x-amz-id-2: w9ADNRdrUc0iHWZBLfIb0me5IbCCwH7gPELK+Qx3tQZSrgnZz9Jl7+QMcHgcehSX+voNeu2uJlM=
x-amz-request-id: 3JG2R7S1MREYZDZN
last-modified: Wed, 15 Jun 2022 13:18:30 GMT
etag: "4f8f059fbf3b6b0e3a37926f648a3993"
content-encoding: gzip
x-amz-version-id: f.ffT1LrPbQX.EIpax0NyQEwqJ97JBVW
cf-cache-status: HIT
age: 6764
expires: Thu, 22 Sep 2022 16:50:55 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b4a89aab4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
104.18.4.42200 OK 77 kB URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
IP 104.18.4.42:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (32897)
Hash e559caae45cb818b6896845671336a3b
3ce9fd0ad9284532bd6b75814d851ddaa2ed63a3
1fcadff5f97dce2a2bb1e11a2d579b84656d4416e50171bae0d2013a8dc9c3ff
GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: text/javascript
content-length: 76738
x-amz-id-2: PnJDZztMxmjTDXtgyAPj/PBR6CL5E6pRM2TrRTb+odsStliOy2V1CJgPRRW6/2lFOUgjvNBOdso=
x-amz-request-id: P8WQNC29BTQYTDWP
last-modified: Wed, 24 Aug 2022 10:09:52 GMT
etag: "e559caae45cb818b6896845671336a3b"
content-encoding: gzip
x-amz-version-id: NX7wQXc7.FGN_u6PGufKW0wdpyDY_3AN
cf-cache-status: HIT
age: 6764
expires: Thu, 22 Sep 2022 16:50:55 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b4aa9dcb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hhkld.com/slider-220901.php?sid=105641&tid=17503&w=432&h=243&cbb=1663851055319
141.94.202.176200 OK 1.1 kB URL HTTP/2 hhkld.com/slider-220901.php?sid=105641&tid=17503&w=432&h=243&cbb=1663851055319
IP 141.94.202.176:0
Hash 5145bbd8c9b25881e1732008c8b4b776
0cfc04642a79ef3f9eb183f55b4c712891ae86ca
f8425cc3ef686d93a6320692eceef08eae5d325ea3c5bf12804bd94be8f35688
GET /slider-220901.php?sid=105641&tid=17503&w=432&h=243&cbb=1663851055319 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMsWi+N9JGoKYI1Ag==; expires=Fri, 22-Sep-23 12:50:55 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
viavideo.digital/vi/19_ENG0.ts
141.94.202.176200 OK 515 kB URL HTTP/2 viavideo.digital/vi/19_ENG0.ts
IP 141.94.202.176:0
Size 515 kB (515308 bytes)
Hash c5a2a11a945751cdc42d2f10b12d9a92
ccf7adaff9640202056b64dc54a66daac236c48e
6787c997fd3be922e3a09fea77ecd244b9f9f381a953cc4bb3ea738045906eff
GET /vi/19_ENG0.ts HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: video/mp2t
content-length: 515308
last-modified: Sun, 26 Jun 2022 07:47:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FxNNZFxn&pid=sO1N6049DMjeU&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
54.230.241.131200 OK 154 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FxNNZFxn&pid=sO1N6049DMjeU&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash bb7b4ee21d41485b3c8d171a7bf8b853
04fdbd451ad2cf3aceb697a99ea093fa4c7b4522
5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FxNNZFxn&pid=sO1N6049DMjeU&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 154
server: Server
date: Thu, 22 Sep 2022 12:50:55 GMT
x-amz-rid: 24G5578J7XCDH0GRWZYF
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -UkfOEmn-aDMN3GZz1UaPOPrid8jraOU52vwxGMwvzZIPRRDaMQGAw==
X-Firefox-Spdy: h2
ouo.press/favicon.ico
104.22.58.251200 OK 0 B IP 104.22.58.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/xNNZFxn
Cookie: ouoio_session=eyJpdiI6ImFEUEFBSzJDcGN1cmpZcjBDOGN6d25GZkN6QWNSdHdlXC9cL2w0V2JNaUZ4ST0iLCJ2YWx1ZSI6IkpKOEw0a3dwMG9ISGVpVTIwRGpiZ1N4b0FiVU9HcVNKSkE4R1lcL1hiQVBadlVNeWdcL2tZVXVaald2T01ZWitSZEhQVHh5ZnlpbTJDOStpZHpoeSs1b2c9PSIsIm1hYyI6ImUwNGYzNDk2MzE1M2EwZWUzZjFmZWViNjhlMDcyOGUxMDY4OGZlNzFhYzc3MmMxNGJiY2U4NmZmNDNlOWZmYjIifQ%3D%3D; language=eyJpdiI6IkxYRHZFWGx5dlk0YVpJMWJBZEtVdEM5eGFrVE93eGZ6Z1wvRTducWtIcUJJPSIsInZhbHVlIjoiUjJ2WEZZQ0NLOWJHNFhaNXVobVZEeWVIUnlmcmh1cTlsdVAydlR5XC80MHM9IiwibWFjIjoiM2U1N2ZhNTJlNDI0NWZkZmZmZGFlYTU0NmE4YWRkODRiZDUyMzlmMTg1MTdiOWE5ZmIzNmFjZGM5MDEwYzRjZCJ9; 5a55e5a19ab03ba43e98979e14e085800a98e9fa=eyJpdiI6IjJPbGkxNVd1enNIQUsrenppTEMyaG00REtBN1p3S3RuVGpuVndVSGVYclE9IiwidmFsdWUiOiJoMmRuZkV3VjZaeUdmNloxTk9KODRXUmtUSmRnbTltVEpadU9lOVFORHR4aWxOUmt0c1E2OEtOeUNpTkt6TTYyRWNDa3VcL08zODZNNUNDWmZYUmo3RlZFaEJvR1FTMUJEeHVvZEZqTEw0TTJBYnFQdVlFQ3JPcnk0dVJPOUk1bDFaQ01xUFBPRUZMTmlmZThXeUswdUNGUTI3VjIrdDA1KzErNGxOSlhHN2JyaFpJQlhUZlVRU3hIZURZUHhTaFNZQ1B3VjlJNGVhRGExUFFJS2ZjMHk2b0tHaHphZEEzS3lDcSs1UDVLa0dRUVFxb0pHSXhuTUlEZXV5aTJic1owdXVMZFE2ZXJLZjM4Slpka3orNThtZXBxXC9TeGRVd1MxbFlDQ1FBVGUra3BIKzU4RFdEWVdNbElKaW5ab2swTE5pZVZsMzhnNVl5WkUwXC9WK2lWM3E2Z2Ezbk43MmxTVVZlaFlNcjdudGxJRHI3aTMzODV3YVwvSHFqVXRxbG5oZkd2IiwibWFjIjoiYzBjZjBhMjYzZjVkZDEyZmJiNDQ3OTJhNTc3ZWMyZjhmYzI4NGNlOWJhYWFiYjQ4YzNmMmI5ZGEyMWQ5MzhlMiJ9; __cf_bm=SiDWwpvNAKwfLbQCktmEKrxInP9wzU5iHB1k8nt31g4-1663851054-0-AaCbihslSQQGJh7IR4RYs7FwdQT2AfnYBk2DFmfF5L1i/ygUxcHbIUDslNaJZYga/NVwtuMEj3moLfLTMPCZxP4=; _pbjs_userid_consent_data=3524755945110770; pbjs-pubCommonId=2df4ecfe-c0a4-44c9-93f1-b2f967a4167e; dom3ic8zudi28v8lr6fgphwffqoz0j6c=cbb1543f-c39b-4ec3-9232-3be379210602%3A1%3A1; sb_page_ed36014633829dc70a42dccaefdf3f11=1; sb_idelay_ed36014633829dc70a42dccaefdf3f11=1; sb_onpage_ed36014633829dc70a42dccaefdf3f11=0; sb_main_ed36014633829dc70a42dccaefdf3f11=1; cto_bidid=rxBfrF9rMk5yT0FVRVg0eFFPeGZkV0U1NEF4TDZ2YVc2b1FXdkxYWEt0WFplbG5nVzliMmhoc28lMkJMWjVacCUyRllMR2UyYmo3V1VEajNTU0l0Mld6QUxZRnJqbXclM0QlM0Q; cto_bundle=rKMJul9EckR5M0pTRVgwMFFKJTJCbTM2Z2t2TmhKdHpiN1pYRjM5bTgyd0p1Q3h3SnZUSW81MWJPZVZnaWxKeVplUzVad01sbFRwWmNDRlFlJTJCRTJkVGdWVDVtaGNFU3JkSE5tU0Jjd3VyTlFkWHolMkJhZW8lMkJocDljeXJobjlWcjRvUlA3T3Vh; AdskeeperStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C991771%22%3A%7B%22page%22%3A1%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: image/x-icon
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 1741
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b4ba94a0b39-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 952d0fe4c407a1ee52a7aaae2707f958
e75f8b479e6e8ba0b67eb48b5741598f7dd2edbd
9dc04f355cfd2e8ff7e64b03d20f60ab739906296581df36a578177f6e0692f6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 43
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:55 GMT
Last-Modified: Thu, 22 Sep 2022 12:50:12 GMT
Server: ECS (amb/6B9F)
X-Cache: HIT
Content-Length: 279
fonts.googleapis.com/css?family=Questrial
216.58.211.10200 OK 158 kB URL HTTP/2 fonts.googleapis.com/css?family=Questrial
IP 216.58.211.10:0
File type ASCII text, with very long lines (581)
Size 158 kB (158114 bytes)
Hash f2e559391346f58fd8f7d32aea382d78
8744f4126d91cca570914b865cf9bb21bfe85175
ba91b9174e01e72e6a517a49996d0734643e57b09e149a19c103bafc739ef2b6
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 12:50:54 GMT
date: Thu, 22 Sep 2022 12:50:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Sat, 22 Oct 2022 12:50:56 GMT
date: Thu, 22 Sep 2022 12:50:56 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a388d1785dc7b642a92cc8a6b016993c
a5637d7c51f8eeb7ff77eb989a488fa111a94b63
7ae715c1ed89779c07fecdd6a82b6bbc2347a37dbf7e9b6fafdeb07549be3798
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2444
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:56 GMT
Last-Modified: Thu, 22 Sep 2022 12:10:12 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
23.38.200.201200 OK 68 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c486343ee4c10598f90221bcd11429b2
2cb8a96e1902c35bfb0de435976d4825988453aa
57d80318fc1f90d0132ad5a686e9b76d0976496c3df1ec993082c321024f5113
GET /AdServer/js/pwt/161673/7165/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 10:48:20 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 68097
cache-control: max-age=44563
expires: Fri, 23 Sep 2022 01:13:39 GMT
date: Thu, 22 Sep 2022 12:50:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af22e39b225120461ea5dc341b14321
38a609c3fa222ded0cfe61ff6ed446561f92d10d
ba3362176a7e67ea61abf9de1e8104df80614b02ce23ab7ab0ab75480b65fd38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssum-sec.casalemedia.com/usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D
104.18.19.126302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D
IP 104.18.19.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 22 Sep 2022 12:50:56 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
cf-ray: 74eb2b4c08f9b52d-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YyxaMOYJ8I6.s7ST-NUuUgAA; Path=/; Domain=casalemedia.com; Expires=Fri, 22 Sep 2023 12:50:56 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4364; Path=/; Domain=casalemedia.com; Expires=Wed, 21 Dec 2022 12:50:56 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4364; Path=/; Domain=casalemedia.com; Expires=Wed, 21 Dec 2022 12:50:56 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cwhvFgrjTle%2FoX%2BSTknu9CfN%2B5VZuDFy21hLpiB4MnVPxeGbJmAgjY6j9i4mWNWahPZmm1XNhfgCznIxRRczsA2TJIAmCPPtZaOw%2FvPrXS5nA61Tj6xUqP8VL70uSngAVVQ%2FArLTo9H%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e2d0f4f4dfaba4dec7031f8e676caca2
6534b730950d3dcb40abb9d8f9033a5655f9eb80
e780eb5d9601306a8bfb9186281e8abdc00ff59e81429f72fd3e685b94a1da71
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4967
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:56 GMT
Last-Modified: Thu, 22 Sep 2022 11:28:10 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 952d0fe4c407a1ee52a7aaae2707f958
e75f8b479e6e8ba0b67eb48b5741598f7dd2edbd
9dc04f355cfd2e8ff7e64b03d20f60ab739906296581df36a578177f6e0692f6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 44
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:56 GMT
Last-Modified: Thu, 22 Sep 2022 12:50:12 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
37.157.2.234200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
IP 37.157.2.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:56 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
216.58.207.198200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 216.58.207.198:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:35:30 GMT
expires: Thu, 22 Sep 2022 19:35:30 GMT
cache-control: public, max-age=86400
age: 62126
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s-img.adskeeper.com/g/13268963/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvYmQ1OTc2Mjg2NmJkMjA2YzBlMGIzYTVkMmNkMDU2OWIuanBlZw.webp?v=1663851055-AJwDFah5oXPtJyqmsPnUep_s9RRBeWOmoFOQBcxSw7Q
104.18.4.42200 OK 14 kB URL HTTP/2 s-img.adskeeper.com/g/13268963/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvYmQ1OTc2Mjg2NmJkMjA2YzBlMGIzYTVkMmNkMDU2OWIuanBlZw.webp?v=1663851055-AJwDFah5oXPtJyqmsPnUep_s9RRBeWOmoFOQBcxSw7Q
IP 104.18.4.42:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 43367fc0307f3877338b67e87df8f5d1
ab2b80631e8cd3da56b8cdce48e4a00292af0916
d5a469505c40cb7c2baf734dea5e4b8ff06d743483b824bedf66eff2e647d740
GET /g/13268963/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvYmQ1OTc2Mjg2NmJkMjA2YzBlMGIzYTVkMmNkMDU2OWIuanBlZw.webp?v=1663851055-AJwDFah5oXPtJyqmsPnUep_s9RRBeWOmoFOQBcxSw7Q HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:56 GMT
content-type: image/webp
content-length: 13494
x-mg-request-uuid: 53ee2600-7209-4917-a5a6-d33dd3a854e7
access-control-allow-origin: *
last-modified: Thu, 16 Jun 2022 11:47:42 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 335958
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b4c9b5c0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pixel.rubiconproject.com/exchange/sync.php?p=pbs-viads&gdpr=0&gdpr_consent=&us_privacy=0
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-viads&gdpr=0&gdpr_consent=&us_privacy=0
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-viads&gdpr=0&gdpr_consent=&us_privacy=0 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif
ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
104.18.19.126302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
IP 104.18.19.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 22 Sep 2022 12:50:56 GMT
content-length: 0
location: https://sync.viavideo.digital/tools/sync?dsp=50&uid=0
cf-ray: 74eb2b4c7978b52d-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvOOEQywlLgSykgu0tbEmU6DWv184AptLjIFlxgzg6HAYvjRig4%2B7OygelnSVqNMIH%2F3GjCcSVANn5QD%2FLRHfnPKZVTLLCf%2Bi6iW8hkzpPqLPtDrdgPzMyMvY5a%2FDwN1SmxYgyxythoY7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1172ada439bbd974bea02694e50dc71c
2e4b6b262534662020a8b9896cf8c870ecc40277
97e3475a2a8c02d5d7262585f04cf84e280e68f0d2eed1c4f025c7ce209da142
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1364
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:56 GMT
Last-Modified: Thu, 22 Sep 2022 12:28:12 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af22e39b225120461ea5dc341b14321
38a609c3fa222ded0cfe61ff6ed446561f92d10d
ba3362176a7e67ea61abf9de1e8104df80614b02ce23ab7ab0ab75480b65fd38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 8cfadda5d24dc125d3f9c0ac37d65fda
6a26109821dd629fa13a1a1984110c01b95a1a89
aff12bd9eb40dc7124a9793d81a93e1a578722c6cacc51fa8a86e5a308bc4a2c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 12:50:56 GMT
Last-Modified: Thu, 22 Sep 2022 12:01:23 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2l-HKEz6Bbx-VXNaOnRJxaUStEoMBfEq3XWEK4abaSIiqW0FYMJiZg==
Age: 2973
sync.viavideo.digital/tools/sync?dsp=50&uid=0
141.94.202.176301 Moved Permanently 0 B URL HTTP/2 sync.viavideo.digital/tools/sync?dsp=50&uid=0
IP 141.94.202.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=50&uid=0 HTTP/1.1
Host: sync.viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 22 Sep 2022 12:50:56 GMT
content-length: 0
location: https://sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccm5kc72talfj1d30cl0Xx
set-cookie: uid=ccm5kc72talfj1d30cl0Xx; expires=Fri, 22 Sep 2023 12:50:56 GMT; domain=.viavideo.digital; path=/
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 255604cdccb1ccc1278c88efc4381a13
82994bae618d6138c571ff8825463d1c6b8c4d26
f07aecbce2952b447fa31aa7efea32e6549cfb0a79fb95c55a1844badca62c1d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 12:50:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Sep 2022 22:01:50 GMT
Expires: Thu, 22 Sep 2022 22:01:50 GMT
ETag: "82994bae618d6138c571ff8825463d1c6b8c4d26"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ice.360yield.com/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID}
18.159.40.100302 Found 0 B URL HTTP/2 ice.360yield.com/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID}
IP 18.159.40.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID} HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 22 Sep 2022 12:50:56 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com/ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=ffb8cc62-c389-4379-9b61-e3efabd96740; Expires=Wed, 21 Dec 2022 12:50:56 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1663851056; Expires=Wed, 21 Dec 2022 12:50:56 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccm5kc72talfj1d30cl0Xx
141.94.202.176301 Moved Permanently 0 B URL HTTP/2 sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccm5kc72talfj1d30cl0Xx
IP 141.94.202.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=50&uid=0&viads_uid=ccm5kc72talfj1d30cl0Xx HTTP/1.1
Host: sync.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 22 Sep 2022 12:50:56 GMT
content-length: 0
location: https://sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccm5kc72talfj1d30cl0Xx
set-cookie: uid=ccm5kc72talfj1d30cl0Xx; expires=Fri, 22 Sep 2023 12:50:56 GMT; domain=.hhkld.com; path=/
X-Firefox-Spdy: h2
ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID
72.251.249.14204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID
IP 72.251.249.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 22 Sep 2022 12:50:56 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap1ams1
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&bundle=rKMJul9EckR5M0pTRVgwMFFKJTJCbTM2Z2t2TmhKdHpiN1pYRjM5bTgyd0p1Q3h3SnZUSW81MWJPZVZnaWxKeVplUzVad01sbFRwWmNDRlFlJTJCRTJkVGdWVDVtaGNFU3JkSE5tU0Jjd3VyTlFkWHolMkJhZW8lMkJocDljeXJobjlWcjRvUlA3T3Vh&cw=1&lsw=1
178.250.0.157200 OK 443 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&bundle=rKMJul9EckR5M0pTRVgwMFFKJTJCbTM2Z2t2TmhKdHpiN1pYRjM5bTgyd0p1Q3h3SnZUSW81MWJPZVZnaWxKeVplUzVad01sbFRwWmNDRlFlJTJCRTJkVGdWVDVtaGNFU3JkSE5tU0Jjd3VyTlFkWHolMkJhZW8lMkJocDljeXJobjlWcjRvUlA3T3Vh&cw=1&lsw=1
IP 178.250.0.157:0
Hash c59486aa77822071037e5adf4d7b9215
324d6478a6216123c51692378f0e0c3d928228f1
1b87a3766775fe21b1b4fba950cf56a807475e3d57dca7976c335200bce32468
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&bundle=rKMJul9EckR5M0pTRVgwMFFKJTJCbTM2Z2t2TmhKdHpiN1pYRjM5bTgyd0p1Q3h3SnZUSW81MWJPZVZnaWxKeVplUzVad01sbFRwWmNDRlFlJTJCRTJkVGdWVDVtaGNFU3JkSE5tU0Jjd3VyTlFkWHolMkJhZW8lMkJocDljeXJobjlWcjRvUlA3T3Vh&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1240150
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccm5kc72talfj1d30cl0Xx
141.94.202.176200 OK 43 B URL HTTP/2 sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccm5kc72talfj1d30cl0Xx
IP 141.94.202.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=50&uid=0&viads_uid=ccm5kc72talfj1d30cl0Xx HTTP/1.1
Host: sync.vicodes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:56 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 12:50:56 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=ccm5kc72talfj1d30cl0Xx; expires=Fri, 22 Sep 2023 12:50:56 GMT; domain=.vicodes.com; path=/
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 880faa949b81724658c4d6fb9b07c2dc
df5de74a1e3ac39ebecc2615b8908b328a85308e
95770eff7b650f372d7cbcf322a03d264905d54775d49ac8c2305c527a358fa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95770EFF7B650F372D7CBCF322A03D264905D54775D49AC8C2305C527A358FA5"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17469
Expires: Thu, 22 Sep 2022 17:42:05 GMT
Date: Thu, 22 Sep 2022 12:50:56 GMT
Connection: keep-alive
lb.eu-1-id5-sync.com/lb/v1
141.95.98.66200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.66:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d6392e3025cdcceed2928b7ee0cff359
c757496b8947c9dcedb76990dd5cbfbdb2875385
60c9eb96944263c6a21e68e0a2da516788a8ac7e89b9d1963a7c32b8d6e7b906
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 22 Sep 2022 12:50:55 GMT
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0c2e17d8cf31157df1a4bd2f99a54c6c
c0bbb9ac61662fda8781947855cf7074484ac540
52f7b19b0215b25985a1e67274af794f09cd838879b503fe985141aee33a5707
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 12:50:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=400100,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eb2b4c8b67b4ff-OSL
ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 22 Sep 2023 12:50:56 GMT; Path=/; Domain=.betweendigital.com
tuuid=dd2d5c25-990c-5209-a721-a7c3c40dfdf3; Max-Age=31536000; Expires=Fri, 22 Sep 2023 12:50:56 GMT; Path=/; Domain=.betweendigital.com
ut=YyxaMAAEtwgqYCi2djbHs9-Bfv-J8Z5nOcMeEg==; Max-Age=31536000; Expires=Fri, 22 Sep 2023 12:50:56 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b43e09c740cace41ec28cdfecbcc7455
36b0a9cb16d59754c09243baf202ffc7cdee8d68
323a98b51d34aac6719fe604e2a547a56426c466f4d9698b44a98bbe61fd0530
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2194
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:56 GMT
Last-Modified: Thu, 22 Sep 2022 12:14:22 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 313
ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
188.42.196.115200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 22 Sep 2023 12:50:56 GMT; Path=/; Domain=.betweendigital.com
tuuid=82605d4a-e07a-5209-9af4-274df9d87d7d; Max-Age=31536000; Expires=Fri, 22 Sep 2023 12:50:56 GMT; Path=/; Domain=.betweendigital.com
ut=YyxaMAAF0EhP5BU_OZoaxI9EsHyC_8Hhn0p4WA==; Max-Age=31536000; Expires=Fri, 22 Sep 2023 12:50:56 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c6e360932a24cf96fa8c9566cfec673a
5c0771762691b48a9ec4d5a9f27ad1bcdfdb398b
068ee8e2aec1d2394ed8df21a90d7a8a699250a45784c656daa3589260fab4b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068EE8E2AEC1D2394ED8DF21A90D7A8A699250A45784C656DAA3589260FAB4B9"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12460
Expires: Thu, 22 Sep 2022 16:18:37 GMT
Date: Thu, 22 Sep 2022 12:50:57 GMT
Connection: keep-alive
id5-sync.com/g/v2/806.json
141.95.98.64200 215 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP 141.95.98.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d34698332711b42b57fdd1f4a0fae561
b2782537babe3d78570b7b68b3dfa1502ddbff8a
9151114f56143baf5de55cfa4696313387d19a2189c1ac57fc0204211fb09e58
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 195
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 22 Sep 2022 12:50:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash c54f1b0f15c6bda31a92dfacfc12aafb
6ead2f3fb75a2815a1523b686135002897568adf
a1fb3654a9d595853090a69aebe107ca1b6fef0196fd2f2e1bae5763428b90fa
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 12:50:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 26 Sep 2022 12:31:07 GMT
ETag: "6ead2f3fb75a2815a1523b686135002897568adf"
Last-Modified: Thu, 22 Sep 2022 12:31:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 426
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74eb2b546fe3b524-OSL
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 5ce409450144b47b75895482975f2a8e
a22f2a3d65f20cba66c0aab5b6e226615dd25ef0
033d22481b95a29928e17d3f2736da2077a8ce71cd9c31f14c56daf39f4c4988
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 12:50:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Sep 2022 23:41:13 GMT
Expires: Thu, 22 Sep 2022 23:41:13 GMT
ETag: "a22f2a3d65f20cba66c0aab5b6e226615dd25ef0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
id.crwdcntrl.net/id
52.18.161.218200 OK 89 kB IP 52.18.161.218:0
Hash 2f4268a44034f7fc6bbd839f6d5de815
f4b89e3c8f2087a0163f4e29526b62d765bef92e
fbbe868bceefa74c799fff21cc22522ccbf4ca190a786b31bd0067637d3e01ce
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:57 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.1.245
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
viavideo.digital/rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663851054450&page_url=https%3A%2F%2Fouo.press%2FxNNZFxn
141.94.202.176200 OK 1.6 kB URL HTTP/2 viavideo.digital/rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663851054450&page_url=https%3A%2F%2Fouo.press%2FxNNZFxn
IP 141.94.202.176:0
Hash f9032af721cb5d6e8cd19364a4d576f3
582e42ec325d492d7bc578beb4cb0271650abcf0
1675ab65af858ddb5906148c5a21c9bd0a5a5d1f90b2a98bb7c0471fe57eaec7
GET /rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663851054450&page_url=https%3A%2F%2Fouo.press%2FxNNZFxn HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: application/json
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMsWi+NuJGk7zEwAg==; expires=Fri, 22-Sep-23 12:50:55 GMT; domain=.viavideo.digital; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 1.3 kB IP 104.18.32.68:0
File type gzip compressed data, from Unix\012- data
Hash af11fc13254556207a34526b19bb9752
9e382c022615115717359df166c3280be94dd953
723babd793296439aef96ed7cb74212e6bb59e7c47e4582efd0b5f72215dfe16
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 12:50:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:42:56 GMT
Expires: Wed, 28 Sep 2022 13:42:55 GMT
Etag: "f2cb59ace17ff9d8c7273a3f5d76887700f457a0"
Cache-Control: max-age=520917,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eb2b53dc34b4ff-OSL
api.rlcdn.com/api/identity/envelope?pid=1258
34.120.133.55401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1258
IP 34.120.133.55:0
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1258 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Thu, 22 Sep 2022 12:50:57 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a3b00c4674ee0386430e963a8ca3a040
f2cb59ace17ff9d8c7273a3f5d76887700f457a0
17d6cf90b88f4e2897173116ca300b3dbd613af3aca9bfcdbf69adbb3883aa38
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 12:50:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:42:56 GMT
Expires: Wed, 28 Sep 2022 13:42:55 GMT
Etag: "f2cb59ace17ff9d8c7273a3f5d76887700f457a0"
Cache-Control: max-age=520916,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eb2b5859eeb4ff-OSL
id5-sync.com/g/v2/231.json
141.95.98.64200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.98.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 53d35de226f7b687360d37d2849c3174
867f5a3c05d951f51dede6e869713b2d36a525d4
5ca212d16f0c3e1447aab912eaaa23b5cdc9f6dfe5c7899b1add5c62e245fc30
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 306
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 22 Sep 2022 12:50:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 117ec669107ae59662529d88c8ac9478
04dc7b5f8b400d85c3bb83efe3d17f8a71cee419
8d549b093e4064eed1779f6c358f47e742dc905a6714b27e3da0329742f9b760
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D549B093E4064EED1779F6C358F47E742DC905A6714B27E3DA0329742F9B760"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3332
Expires: Thu, 22 Sep 2022 13:46:30 GMT
Date: Thu, 22 Sep 2022 12:50:58 GMT
Connection: keep-alive
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=142789
expires: Sat, 24 Sep 2022 04:30:47 GMT
date: Thu, 22 Sep 2022 12:50:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
23.38.200.189200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 23.38.200.189:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 23 Sep 2022 12:51:00 GMT
Date: Thu, 22 Sep 2022 12:50:58 GMT
Connection: keep-alive
Vary: Accept-Encoding
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.190.78200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.190.78:0
File type ASCII text, with no line terminators
Hash 8ec10d1d59806dafaeae31b40e67fb88
7dd95a9b8641aec2cebfd0a8bb4278cf56d990b1
cb19f0fc1bad899905f3cc962612d44d5547de5ab231b1d2c45f9c6121d1bab9
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Wed, 21 Dec 2022 04:30:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 22 Sep 2022 12:50:57 GMT
content-length: 60
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157200 OK 399 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (481), with no line terminators
Hash 3bbca0f182f7fff95b6710fbb58393f0
5353c1ec173e428beeb27ffd3680973c02d13919
0cdeea748eb6462f8ed9a665e0b5f7ad99fce8a712ffea3aee3de69e9a7806a9
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 925528
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 666f08303ae5c09c3ace105420b1c7e0
0e16995749a9134671a7bdbc956d693600dfb7b2
667af2961f80a5fe83e0c7fdbcafe69f66b7f4eaaa95afb30e2111addd278335
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4699
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 12:50:58 GMT
Last-Modified: Thu, 22 Sep 2022 11:32:39 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 314
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.211.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 12:50:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5c37e621-9f5e-4738-8d21-a8a8f8271c90
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:58 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=HsO_NV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZockk4bG1KaXFNMHR5SExnc3EzZEV3WmEybmxkamlGQUpnUW1UYzZvM3c; expires=Tue, 17 Oct 2023 12:50:58 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 240937
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
reapinject.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=cbb1543f-c39b-4ec3-9232-3be379210602%3A1%3A1
192.243.61.227200 OK 4.1 kB URL HTTP/1.1 reapinject.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=cbb1543f-c39b-4ec3-9232-3be379210602%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5613), with no line terminators
Hash 790e173ca285ea8d424352766328380b
97b6ee4be22155235dafe44f1e079d2bfdb5e3a7
6d85632ec5578fc958bb6c709db490169cfa2b4c90ce452ee396c4a572cf1ba4
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=cbb1543f-c39b-4ec3-9232-3be379210602%3A1%3A1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 12:50:58 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ouo.press
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Fri, 23 Sep 2022 12:50:58 GMT; secure; SameSite=None
uid_id2=cbb1543f-c39b-4ec3-9232-3be379210602:1:1; expires=Thu, 29 Sep 2022 12:50:58 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 23 Sep 2022 12:50:58 GMT; secure; SameSite=None
uncs=1; expires=Fri, 23 Sep 2022 12:50:58 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 23 Sep 2022 12:50:58 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 23 Sep 2022 12:50:58 GMT; secure; SameSite=None
sleced36014633829dc70a42dccaefdf3f11=[3364848]; expires=Thu, 22 Sep 2022 12:51:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd68d1e8db14fe6a80f6a2a66fd7b4b3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=3741D7C8-809F-4F35-8535-71AC71EE7779&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 279 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=3741D7C8-809F-4F35-8535-71AC71EE7779&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
Hash d7ca55e5daf00e83baa4aecf66912f50
7bea98e8aef3994e343e65bb5710dc251f8dae84
725a51112765453ae553fadf82735c44e2a884f71d689d86dce10fa7165b14fa
GET /AdServer/SPug?o=1&p=155495&sc=1&u=3741D7C8-809F-4F35-8535-71AC71EE7779&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzcRFEFQ9qKgDOJBYTPpH5OeGfewGGMkmP3BrrIiglZXVU%2FK1HQ1VV3TkxwkuCh7HP%2BDzneSDdFFFL26yGRhDzllPEgO5h%2FwogiePMjMBkcfFO%2B9%2Br7Dp771vth1Z8SHo6crV%2FW2VIouLtX92qvvB8Hl2rrMXL%2FWb8UfxY3LNdN7vR3X%2Fddqbwu2qRdDP%2FD9wA9qq9KIVPcXJyJkfr8d1Nt%2BvRHWg6UG%2Bub%2FvXUeLPXAe2fkOUg%2Bnn%2FoXYRkI2Tdb1eE3Sx0fumtrlO00AY9fvBetpnpMkN3VqbGQ5odnE9D25PVB9DZ%2FhQXuvfvYCLHxHv0AEl2cA6JpLc35UwURIaEP42yN4JQI0g6AtN3IPkJARjHtevIuveuaVPSrccqnahjMv%2FXn5DlmMz%2FehFZ95tlJfu1W1q5QurMop9WkP0RZGeE3B2h2L4AWR6BFZ9BcoKsW0Hy01dYkgRLjShdYFE7WWgIFi20wyhciBIRNdth4Md%2BODVGyhFkOoISA1DrwU2O9OBSDy730OWnNRYEQdPnjPqtNmMRb4ok5n5Am2lAAz9uwbEJ%2BwBFPgBTAzCzg9zsYFMOYNxPsBsVLPdgC4Ier1AKgtISlJSglARlQVD2qn2ubGire1xZlwTnOTzPUTXURWeX7uuiIzKym5%2BRZ6eG%2Ffbh99gUpzXBo9gPGnEUtcI2Z02fNkLOGBUpT6M0CGBlBWkvTJ%2B5LU%2Be%2BQW5PHmqQkKPYNURmHwZ1L0IWg6boQ%2B6MWy0fGxnh9rpem6EteC6Ql48gWLL21Vn5PkpQHT7dwh2fOXj5Or4j8O%2FwUyF3FT4RD4k6Ki7w5u6JHs3dWnJd9fzQnblNp385q2CFmLuq3fEVqkNX1uxg8M32ESYlPffFbZYpxmXWceSr5cl58KsasME%2BXHN3hbJDWc3lp3JXL5%2B483Vte4UUOpsBCrHhDw6BpNj8uQP%2B9NFfeHzTyHNCMZV6Lpjch6Q%2Bggs34HNZ%2FxWz8Go2UySeyhdNTRhMrtUkkCJWU%2BTCvY%2FfTKrd%2B1ddMxLoMWd6X72TIWeqkDVANbNDYvcHF%2F5OZoGEuUNE2W8vUQZ9eVjc608rTWjyKdxeyloNqloJo2wlcYBpzRsxGEc0wiFHbNLH4T%2FAAAA%2F%2F8BAAD%2F%2F1enVxlzBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzcRFEFQ9qKgDOJBYTPpH5OeGfewGGMkmP3BrrIiglZXVU%2FK1HQ1VV3TkxwkuCh7HP%2BDzneSDdFFFL26yGRhDzllPEgO5h%2FwogiePMjMBkcfFO%2B9%2Br7Dp771vth1Z8SHo6crV%2FW2VIouLtX92qvvB8Hl2rrMXL%2FWb8UfxY3LNdN7vR3X%2Fddqbwu2qRdDP%2FD9wA9qq9KIVPcXJyJkfr8d1Nt%2BvRHWg6UG%2Bub%2FvXUeLPXAe2fkOUg%2Bnn%2FoXYRkI2Tdb1eE3Sx0fumtrlO00AY9fvBetpnpMkN3VqbGQ5odnE9D25PVB9DZ%2FhQXuvfvYCLHxHv0AEl2cA6JpLc35UwURIaEP42yN4JQI0g6AtN3IPkJARjHtevIuveuaVPSrccqnahjMv%2FXn5DlmMz%2FehFZ95tlJfu1W1q5QurMop9WkP0RZGeE3B2h2L4AWR6BFZ9BcoKsW0Hy01dYkgRLjShdYFE7WWgIFi20wyhciBIRNdth4Md%2BODVGyhFkOoISA1DrwU2O9OBSDy730OWnNRYEQdPnjPqtNmMRb4ok5n5Am2lAAz9uwbEJ%2BwBFPgBTAzCzg9zsYFMOYNxPsBsVLPdgC4Ier1AKgtISlJSglARlQVD2qn2ubGire1xZlwTnOTzPUTXURWeX7uuiIzKym5%2BRZ6eG%2Ffbh99gUpzXBo9gPGnEUtcI2Z02fNkLOGBUpT6M0CGBlBWkvTJ%2B5LU%2Be%2BQW5PHmqQkKPYNURmHwZ1L0IWg6boQ%2B6MWy0fGxnh9rpem6EteC6Ql48gWLL21Vn5PkpQHT7dwh2fOXj5Or4j8O%2FwUyF3FT4RD4k6Ki7w5u6JHs3dWnJd9fzQnblNp385q2CFmLuq3fEVqkNX1uxg8M32ESYlPffFbZYpxmXWceSr5cl58KsasME%2BXHN3hbJDWc3lp3JXL5%2B483Vte4UUOpsBCrHhDw6BpNj8uQP%2B9NFfeHzTyHNCMZV6Lpjch6Q%2Bggs34HNZ%2FxWz8Go2UySeyhdNTRhMrtUkkCJWU%2BTCvY%2FfTKrd%2B1ddMxLoMWd6X72TIWeqkDVANbNDYvcHF%2F5OZoGEuUNE2W8vUQZ9eVjc608rTWjyKdxeyloNqloJo2wlcYBpzRsxGEc0wiFHbNLH4T%2FAAAA%2F%2F8BAAD%2F%2F1enVxlzBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzcRFEFQ9qKgDOJBYTPpH5OeGfewGGMkmP3BrrIiglZXVU%2FK1HQ1VV3TkxwkuCh7HP%2BDzneSDdFFFL26yGRhDzllPEgO5h%2FwogiePMjMBkcfFO%2B9%2Br7Dp771vth1Z8SHo6crV%2FW2VIouLtX92qvvB8Hl2rrMXL%2FWb8UfxY3LNdN7vR3X%2Fddqbwu2qRdDP%2FD9wA9qq9KIVPcXJyJkfr8d1Nt%2BvRHWg6UG%2Bub%2FvXUeLPXAe2fkOUg%2Bnn%2FoXYRkI2Tdb1eE3Sx0fumtrlO00AY9fvBetpnpMkN3VqbGQ5odnE9D25PVB9DZ%2FhQXuvfvYCLHxHv0AEl2cA6JpLc35UwURIaEP42yN4JQI0g6AtN3IPkJARjHtevIuveuaVPSrccqnahjMv%2FXn5DlmMz%2FehFZ95tlJfu1W1q5QurMop9WkP0RZGeE3B2h2L4AWR6BFZ9BcoKsW0Hy01dYkgRLjShdYFE7WWgIFi20wyhciBIRNdth4Md%2BODVGyhFkOoISA1DrwU2O9OBSDy730OWnNRYEQdPnjPqtNmMRb4ok5n5Am2lAAz9uwbEJ%2BwBFPgBTAzCzg9zsYFMOYNxPsBsVLPdgC4Ier1AKgtISlJSglARlQVD2qn2ubGire1xZlwTnOTzPUTXURWeX7uuiIzKym5%2BRZ6eG%2Ffbh99gUpzXBo9gPGnEUtcI2Z02fNkLOGBUpT6M0CGBlBWkvTJ%2B5LU%2Be%2BQW5PHmqQkKPYNURmHwZ1L0IWg6boQ%2B6MWy0fGxnh9rpem6EteC6Ql48gWLL21Vn5PkpQHT7dwh2fOXj5Or4j8O%2FwUyF3FT4RD4k6Ki7w5u6JHs3dWnJd9fzQnblNp385q2CFmLuq3fEVqkNX1uxg8M32ESYlPffFbZYpxmXWceSr5cl58KsasME%2BXHN3hbJDWc3lp3JXL5%2B483Vte4UUOpsBCrHhDw6BpNj8uQP%2B9NFfeHzTyHNCMZV6Lpjch6Q%2Bggs34HNZ%2FxWz8Go2UySeyhdNTRhMrtUkkCJWU%2BTCvY%2FfTKrd%2B1ddMxLoMWd6X72TIWeqkDVANbNDYvcHF%2F5OZoGEuUNE2W8vUQZ9eVjc608rTWjyKdxeyloNqloJo2wlcYBpzRsxGEc0wiFHbNLH4T%2FAAAA%2F%2F8BAAD%2F%2F1enVxlzBAAA HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=cbb1543f-c39b-4ec3-9232-3be379210602:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 12:50:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 867557646342ae61ee6ca3baef8cfd14
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7a556e012ef2ad5033d6828be41a6fe
81082e4d3b89c3bd71d4acc17d4717bc15f1383c
5f18e2035118b6323cc8d9000dc10ea05ec18df8b1d62dfcaf283c79ed0f410b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5F18E2035118B6323CC8D9000DC10EA05EC18DF8B1D62DFCAF283C79ED0F410B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9849
Expires: Thu, 22 Sep 2022 15:35:08 GMT
Date: Thu, 22 Sep 2022 12:50:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7a556e012ef2ad5033d6828be41a6fe
81082e4d3b89c3bd71d4acc17d4717bc15f1383c
5f18e2035118b6323cc8d9000dc10ea05ec18df8b1d62dfcaf283c79ed0f410b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5F18E2035118B6323CC8D9000DC10EA05EC18DF8B1D62DFCAF283C79ED0F410B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9849
Expires: Thu, 22 Sep 2022 15:35:08 GMT
Date: Thu, 22 Sep 2022 12:50:59 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
172.64.201.2200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
IP 172.64.201.2:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:59 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4329971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ec6xncHmhDZ6i6SGTtqpMW9Jx7WXnDvtpFE2T6vGcM9jRTLciKMMJLkk0IgKD9uQrqr5PWfH0qBD3dk8oB6VXx%2BNdQQ2rehi%2F8%2BcAct79wqBP7b8hZr%2BhIgUF3C803wuv8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b5f9be672d8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
104.26.6.19200 OK 8.8 kB URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
IP 104.26.6.19:0
File type HTML document, ASCII text
Hash 6da9c19bb5f30eaebf2c80534412c54d
4ee659d8c25d1e25fd044a8f572d3b790c0aa818
c3fa3b21304bfde1da26ba7a1e1496d7d4dbf31495b5eed54bf01e0c29b83718
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:58 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 597078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqqBIoVWq9VLcrid%2BgjIzqOlh91%2BzNM3IAhwEOdZ0IrGxXz8odwleK5LKSnA0afp4ixH7y8u2HBws%2FfKtIxgSzrqjh2d1m8vrMfLMShw9Dbvc7QziIHICdhz%2BS0HDhGJVDj2zJQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b5eaf3d1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
172.64.201.2200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
IP 172.64.201.2:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:59 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4329971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUVHsGDq7SXx870DozcqTqoagE84mCSMr6KzfwOuBXeQlZuZyzcMCgLoc0Vx5AGeSE7MwIxZb9%2F%2F%2Br%2F92pJll3sIL2i8%2BC%2FnCwDIMUpJXh16rhzhOSTILLfgIr2tzLi89Tk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b5f9be872d8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7a556e012ef2ad5033d6828be41a6fe
81082e4d3b89c3bd71d4acc17d4717bc15f1383c
5f18e2035118b6323cc8d9000dc10ea05ec18df8b1d62dfcaf283c79ed0f410b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5F18E2035118B6323CC8D9000DC10EA05EC18DF8B1D62DFCAF283C79ED0F410B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9849
Expires: Thu, 22 Sep 2022 15:35:08 GMT
Date: Thu, 22 Sep 2022 12:50:59 GMT
Connection: keep-alive
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=48
192.243.61.227200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=48
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=48 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=cbb1543f-c39b-4ec3-9232-3be379210602:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 12:50:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
172.64.201.2200 OK 157 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
IP 172.64.201.2:0
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size 157 kB (157252 bytes)
Hash 70ffdd6375de1144c67e71e385cedb80
6d5c9590fa9a156851435bcefc963949de13ceb1
18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:59 GMT
content-type: image/png
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4329971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWL2iR1eIm55MGNAEbP%2BAfbX6fsf6dC6o2yQd%2F%2BIVoBU2SIW6eII1X3ozPlGTu0mRFoYFN2IYoZSXsvbYqBgwOaegQ2xLau10G3xVs0M46TbtrStejiosmyBxLTUI6%2B6Hnc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b5f9bee72d8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=113
192.243.61.227200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=113
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=113 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=cbb1543f-c39b-4ec3-9232-3be379210602:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 12:50:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=109
192.243.61.227200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=109
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=109 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=cbb1543f-c39b-4ec3-9232-3be379210602:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 12:50:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=53
192.243.61.227200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=53
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=53 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=cbb1543f-c39b-4ec3-9232-3be379210602:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 12:50:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
reapinject.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSy2tkRRTG604iKIKgzEZBacSFwqRzH%2F10FoMxRoKZBzPKiAhar9spU33rUnVv304WEhyUWbb%2Fwc3XyYToIIpuHaQzMIus0i4kC%2FMPuFEEVy6kexpbDxTnnPrO4ldfnS%2F28nPiI6dnq1fNjtKaLterfuXV94PgcmVDJXm%2F0m81PmrULlds7%2FV2o%2Bq%2FVnlb8i2zHPqB7wd%2BUFlTVsamvzwRodL77aDa9qu1sBrUa%2Bjb%2F%2Fcu9%2BCoB9E7J89BifHiQ%2B8iFB8h6X67Kt1WZtJLb3VzTTNj0ROH7yVbiSkSdOdlbD3EyeFsGsadrj2ASQ6muDC9fweZGhPv0QOw5HAGCdbbn3IyDZmAiadR9EaQegRFR%2BDmDpQ4JQAXuHYdSffeNWMLuv1YpRN1TBb%2F%2BhOqGJPFXy8i6X6zolW%2FcsvoPFMmcejHJVR%2FBNUZIc2Pke1cgCqOwbPPoARB0i2hxNkrnLGgXoviJR612VJN8mipHUbhUsRk1GyHgd%2Fww6kxSo2g4hG0HIA6D%2FnkKA957CFPPXTFWYUHQdD0Bad%2Bq815JJqSNYQf0GYc0MBvtJDzCfsAWToA1wNwu4vU7mJLDWDzn%2BA2SzjhwWUEPVGikASFIygoQaEIioyg6JUHQrvQlfeEdjkLZjmc5agcmqyzRw9M1pEJ2UvPybNTw3778HtsybOKFFHDD2qNKGqFbcGbPq2FgnMqYxFHcRDAqRLKXZg%2Bc0edPvMLUnX6VAlGj%2BH0Mbh6GTR%2FEbQYNkMfdHNYa%2FnYSY5Mbqqplc5BmBJp9gSybW9Pn5PnpwDR7d8h%2BcmVj9nV8R9Hf4PbEqkt8Yl6SNDRd4c3TUH2b5rCke%2Bup5nqqh06%2Bc1bGc3kwlfvyO3CWLG%2B6gZHb%2FCJMCnvvytdtkEToZKOI1%2BvKCGkXTOWS%2FLjurst2Y3cba7kNsnTjRtvrq13p4DKJCNQNSbk0Qm4GpMnfziYLuoLn38KZUeweYlufkJmAWWOwdNduHTO78wCrJ7PsNRDkZdDG7L5pVYEWs57ykq4%2F%2FRsXu%2B5u%2BjYl0CzO9P97NkSPV2C6gFcvjDMUnty5edoGmDaGzJtvX2mrf7ysblOnVUiXzSZjGWTyVq9FksuWL3OfB5zFolWiyNzY37pg%2FAfAAAA%2F%2F8BAAD%2F%2F9dzgvFzBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 reapinject.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSy2tkRRTG604iKIKgzEZBacSFwqRzH%2F10FoMxRoKZBzPKiAhar9spU33rUnVv304WEhyUWbb%2Fwc3XyYToIIpuHaQzMIus0i4kC%2FMPuFEEVy6kexpbDxTnnPrO4ldfnS%2F28nPiI6dnq1fNjtKaLterfuXV94PgcmVDJXm%2F0m81PmrULlds7%2FV2o%2Bq%2FVnlb8i2zHPqB7wd%2BUFlTVsamvzwRodL77aDa9qu1sBrUa%2Bjb%2F%2Fcu9%2BCoB9E7J89BifHiQ%2B8iFB8h6X67Kt1WZtJLb3VzTTNj0ROH7yVbiSkSdOdlbD3EyeFsGsadrj2ASQ6muDC9fweZGhPv0QOw5HAGCdbbn3IyDZmAiadR9EaQegRFR%2BDmDpQ4JQAXuHYdSffeNWMLuv1YpRN1TBb%2F%2BhOqGJPFXy8i6X6zolW%2FcsvoPFMmcejHJVR%2FBNUZIc2Pke1cgCqOwbPPoARB0i2hxNkrnLGgXoviJR612VJN8mipHUbhUsRk1GyHgd%2Fww6kxSo2g4hG0HIA6D%2FnkKA957CFPPXTFWYUHQdD0Bad%2Bq815JJqSNYQf0GYc0MBvtJDzCfsAWToA1wNwu4vU7mJLDWDzn%2BA2SzjhwWUEPVGikASFIygoQaEIioyg6JUHQrvQlfeEdjkLZjmc5agcmqyzRw9M1pEJ2UvPybNTw3778HtsybOKFFHDD2qNKGqFbcGbPq2FgnMqYxFHcRDAqRLKXZg%2Bc0edPvMLUnX6VAlGj%2BH0Mbh6GTR%2FEbQYNkMfdHNYa%2FnYSY5Mbqqplc5BmBJp9gSybW9Pn5PnpwDR7d8h%2BcmVj9nV8R9Hf4PbEqkt8Yl6SNDRd4c3TUH2b5rCke%2Bup5nqqh06%2Bc1bGc3kwlfvyO3CWLG%2B6gZHb%2FCJMCnvvytdtkEToZKOI1%2BvKCGkXTOWS%2FLjurst2Y3cba7kNsnTjRtvrq13p4DKJCNQNSbk0Qm4GpMnfziYLuoLn38KZUeweYlufkJmAWWOwdNduHTO78wCrJ7PsNRDkZdDG7L5pVYEWs57ykq4%2F%2FRsXu%2B5u%2BjYl0CzO9P97NkSPV2C6gFcvjDMUnty5edoGmDaGzJtvX2mrf7ysblOnVUiXzSZjGWTyVq9FksuWL3OfB5zFolWiyNzY37pg%2FAfAAAA%2F%2F8BAAD%2F%2F9dzgvFzBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSy2tkRRTG604iKIKgzEZBacSFwqRzH%2F10FoMxRoKZBzPKiAhar9spU33rUnVv304WEhyUWbb%2Fwc3XyYToIIpuHaQzMIus0i4kC%2FMPuFEEVy6kexpbDxTnnPrO4ldfnS%2F28nPiI6dnq1fNjtKaLterfuXV94PgcmVDJXm%2F0m81PmrULlds7%2FV2o%2Bq%2FVnlb8i2zHPqB7wd%2BUFlTVsamvzwRodL77aDa9qu1sBrUa%2Bjb%2F%2Fcu9%2BCoB9E7J89BifHiQ%2B8iFB8h6X67Kt1WZtJLb3VzTTNj0ROH7yVbiSkSdOdlbD3EyeFsGsadrj2ASQ6muDC9fweZGhPv0QOw5HAGCdbbn3IyDZmAiadR9EaQegRFR%2BDmDpQ4JQAXuHYdSffeNWMLuv1YpRN1TBb%2F%2BhOqGJPFXy8i6X6zolW%2FcsvoPFMmcejHJVR%2FBNUZIc2Pke1cgCqOwbPPoARB0i2hxNkrnLGgXoviJR612VJN8mipHUbhUsRk1GyHgd%2Fww6kxSo2g4hG0HIA6D%2FnkKA957CFPPXTFWYUHQdD0Bad%2Bq815JJqSNYQf0GYc0MBvtJDzCfsAWToA1wNwu4vU7mJLDWDzn%2BA2SzjhwWUEPVGikASFIygoQaEIioyg6JUHQrvQlfeEdjkLZjmc5agcmqyzRw9M1pEJ2UvPybNTw3778HtsybOKFFHDD2qNKGqFbcGbPq2FgnMqYxFHcRDAqRLKXZg%2Bc0edPvMLUnX6VAlGj%2BH0Mbh6GTR%2FEbQYNkMfdHNYa%2FnYSY5Mbqqplc5BmBJp9gSybW9Pn5PnpwDR7d8h%2BcmVj9nV8R9Hf4PbEqkt8Yl6SNDRd4c3TUH2b5rCke%2Bup5nqqh06%2Bc1bGc3kwlfvyO3CWLG%2B6gZHb%2FCJMCnvvytdtkEToZKOI1%2BvKCGkXTOWS%2FLjurst2Y3cba7kNsnTjRtvrq13p4DKJCNQNSbk0Qm4GpMnfziYLuoLn38KZUeweYlufkJmAWWOwdNduHTO78wCrJ7PsNRDkZdDG7L5pVYEWs57ykq4%2F%2FRsXu%2B5u%2BjYl0CzO9P97NkSPV2C6gFcvjDMUnty5edoGmDaGzJtvX2mrf7ysblOnVUiXzSZjGWTyVq9FksuWL3OfB5zFolWiyNzY37pg%2FAfAAAA%2F%2F8BAAD%2F%2F9dzgvFzBAAA HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=cbb1543f-c39b-4ec3-9232-3be379210602:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 12:50:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dea952093f652f98c1eef130f3be4d1a
Strict-Transport-Security: max-age=0; includeSubdomains
reapinject.com/pixel/sbs?c=1
192.243.61.227200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbs?c=1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=cbb1543f-c39b-4ec3-9232-3be379210602:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 12:50:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.211.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 12:50:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 36e2db0b-7961-4182-be4d-6c6cd6508739
Set-Cookie: uuid2=8215818747621489467; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 21-Dec-2022 12:50:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.211.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 12:50:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 7522d985-e764-40c4-9339-9a84d74cbcc6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
static.criteo.net/js/ld/publishertag.prebid.113.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.113.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.113.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:57 GMT
content-type: text/javascript
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
etag: W/"6138b197-1532d"
expires: Fri, 23 Sep 2022 12:50:57 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ouo.io/xNNZFxn
104.22.22.162302 Found 0 B IP 104.22.22.162:0
GET /xNNZFxn HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 22 Sep 2022 12:50:53 GMT
content-type: text/html; charset=UTF-8
location: https://ouo.press/xNNZFxn
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6IkhMdmlYWjNrVGdqOG5adVZjNElXZm9RTDZCdEI1aCtXQkNcLzd2RzFoM0E0PSIsInZhbHVlIjoiamR6ZzY4RFpmN0hXVHpKeTVmWWdUVWdFMUdXemthSnh2UVV3djI4U3EwbU4rKzIxMzg5QXJZK01vTDgzMjRhNlFWMlV2QUZEV1hqY2JJSmR3QWlBM2c9PSIsIm1hYyI6ImI4NmEwNGE4MTNjYThjMjVjODRmYTY1ZDJkYjZlNzQ3MDA0ZWUxOWQ0MmQzMjVhOGNkYTBiZjlmMzUzMTEwOTkifQ%3D%3D; path=/; httponly
language=eyJpdiI6IkZjZ1wvK2gyRWVhT2V2ZUdOdGt1VkdHZEtHRHRXb0ZOXC9vWGlYZ1luMHhkcz0iLCJ2YWx1ZSI6Im1UNStPbmx0dHpWb0RcL2hCbUk2ZWZKTFAyd1ZkRHlxK3NvWVN5elljREZVPSIsIm1hYyI6ImRmNmI3ODI0YWM1NWExMTljMTQwYjAyZjNlOTg2ZWM3OThiZTBhOTA4N2JjNTEzYTQ1MDdjNTFiMTdhNzM3NmEifQ%3D%3D; expires=Tue, 21-Sep-2027 12:50:53 GMT; Max-Age=157680000; path=/; httponly
02c947ddbe722aaf60ecb455a251d903130efa44=eyJpdiI6InJ5emlUYitYOEZoaklHWlwvUEcrd1hBNW8yMWVDalhQR3RsSHNEYU5EKytzPSIsInZhbHVlIjoieUZBRGZ3UTMxaUVJSlVmVmg4UHBxNzdwbFRad1VoR1FmV01xOHZEU3pncGhXc0Q4M3V3Q21ISEIzcTFvYTV5QnNmOU9BZ0xoVWtCS1dGUmJ2b2krQkdkSExoZVRUbnlKa3R1K1RzQ1NnQUhxYjFtSlhJeW5JYUdMU1ZkUGg0VHVxYjQ2VEJaUDRtS1RYKzQ0SmIzdkRpNlQ4Q08wUCtcL2kxdXM5VE9ERVJvQXpOTnAxN09UdU5cLzEwXC9KR2dQQmlsamZaVnU5T1NTeHZZbXpzako2Z0ZhdTRGR29ObWxOb1ZkSVFYY2NJdHB1U01aVHE5MUpBN2ZJYWZsUnZcL3p2dFRWVnp1T2FNcUM5a210TDU0Zk8zVEF1YlZxbUQxU1NEdXpuMUpJZDRsVytRQWZlNHZXM1hTNUpTKzlTeWxGQWl1SU1NYTFxbjFVaE9aXC94STBzajE3UGc9PSIsIm1hYyI6Ijk5ZjFhZjY3YWM0OGVmNjI3YzI2ZDNhM2YwNzQwN2NlMWQyNGQ1Mjc5MzJlYzAxMDM3OGVhMWZjZTE3NTQ1YWEifQ%3D%3D; expires=Thu, 22-Sep-2022 14:50:53 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74eb2b3b0a43b4f3-OSL
X-Firefox-Spdy: h2
ouo.press/css/link-safe.css
104.22.58.251200 OK 0 B URL HTTP/2 ouo.press/css/link-safe.css
IP 104.22.58.251:0
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/xNNZFxn
Cookie: ouoio_session=eyJpdiI6ImFEUEFBSzJDcGN1cmpZcjBDOGN6d25GZkN6QWNSdHdlXC9cL2w0V2JNaUZ4ST0iLCJ2YWx1ZSI6IkpKOEw0a3dwMG9ISGVpVTIwRGpiZ1N4b0FiVU9HcVNKSkE4R1lcL1hiQVBadlVNeWdcL2tZVXVaald2T01ZWitSZEhQVHh5ZnlpbTJDOStpZHpoeSs1b2c9PSIsIm1hYyI6ImUwNGYzNDk2MzE1M2EwZWUzZjFmZWViNjhlMDcyOGUxMDY4OGZlNzFhYzc3MmMxNGJiY2U4NmZmNDNlOWZmYjIifQ%3D%3D; language=eyJpdiI6IkxYRHZFWGx5dlk0YVpJMWJBZEtVdEM5eGFrVE93eGZ6Z1wvRTducWtIcUJJPSIsInZhbHVlIjoiUjJ2WEZZQ0NLOWJHNFhaNXVobVZEeWVIUnlmcmh1cTlsdVAydlR5XC80MHM9IiwibWFjIjoiM2U1N2ZhNTJlNDI0NWZkZmZmZGFlYTU0NmE4YWRkODRiZDUyMzlmMTg1MTdiOWE5ZmIzNmFjZGM5MDEwYzRjZCJ9; 5a55e5a19ab03ba43e98979e14e085800a98e9fa=eyJpdiI6IjJPbGkxNVd1enNIQUsrenppTEMyaG00REtBN1p3S3RuVGpuVndVSGVYclE9IiwidmFsdWUiOiJoMmRuZkV3VjZaeUdmNloxTk9KODRXUmtUSmRnbTltVEpadU9lOVFORHR4aWxOUmt0c1E2OEtOeUNpTkt6TTYyRWNDa3VcL08zODZNNUNDWmZYUmo3RlZFaEJvR1FTMUJEeHVvZEZqTEw0TTJBYnFQdVlFQ3JPcnk0dVJPOUk1bDFaQ01xUFBPRUZMTmlmZThXeUswdUNGUTI3VjIrdDA1KzErNGxOSlhHN2JyaFpJQlhUZlVRU3hIZURZUHhTaFNZQ1B3VjlJNGVhRGExUFFJS2ZjMHk2b0tHaHphZEEzS3lDcSs1UDVLa0dRUVFxb0pHSXhuTUlEZXV5aTJic1owdXVMZFE2ZXJLZjM4Slpka3orNThtZXBxXC9TeGRVd1MxbFlDQ1FBVGUra3BIKzU4RFdEWVdNbElKaW5ab2swTE5pZVZsMzhnNVl5WkUwXC9WK2lWM3E2Z2Ezbk43MmxTVVZlaFlNcjdudGxJRHI3aTMzODV3YVwvSHFqVXRxbG5oZkd2IiwibWFjIjoiYzBjZjBhMjYzZjVkZDEyZmJiNDQ3OTJhNTc3ZWMyZjhmYzI4NGNlOWJhYWFiYjQ4YzNmMmI5ZGEyMWQ5MzhlMiJ9; __cf_bm=SiDWwpvNAKwfLbQCktmEKrxInP9wzU5iHB1k8nt31g4-1663851054-0-AaCbihslSQQGJh7IR4RYs7FwdQT2AfnYBk2DFmfF5L1i/ygUxcHbIUDslNaJZYga/NVwtuMEj3moLfLTMPCZxP4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Fri, 23 Sep 2022 00:48:12 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 162
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b403cf10b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
hhkld.com/rucdn/js/player/hls2.js
141.94.202.176200 OK 0 B URL HTTP/2 hhkld.com/rucdn/js/player/hls2.js
IP 141.94.202.176:0
GET /rucdn/js/player/hls2.js HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 03:32:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
172.64.201.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
IP 172.64.201.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:59 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4329812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVpHaU6cnbUWiJyORrinsNALNXhU%2BUvWIhf%2Bh9GdLOlQytqmyDY6psw8L4y54EXzhIai%2BfztobWBQOmoEUuvsJ83AOLYs7vifYac7nVzoY%2F0%2FlDC8cUYnH4A67duhw9b1s0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b5f4b9e72d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rtb.viavideo.digital/vast/cs?zone=105641&w=432&h=243&vp=4&site=https://ouo.press/&cbb=1663851055317
141.94.202.176200 OK 0 B URL HTTP/2 rtb.viavideo.digital/vast/cs?zone=105641&w=432&h=243&vp=4&site=https://ouo.press/&cbb=1663851055317
IP 141.94.202.176:0
GET /vast/cs?zone=105641&w=432&h=243&vp=4&site=https://ouo.press/&cbb=1663851055317 HTTP/1.1
Host: rtb.viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: application/xml; charset=utf-8
age: 0
cache-control: no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://ouo.press
set-cookie: uid=ccm5kbv2talfj1ntm2p0Xx; expires=Fri, 22 Sep 2023 12:50:55 GMT; domain=.viavideo.digital; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.53.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.53.86:0
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:56 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: ZUddLZ7O1OXf5c7mbsWs7TcoRwu0BI4ksS03RiIChmRO18bIYMRt5FOdSTEoWZMKdnrBtFadaeE=
x-amz-request-id: 5NBR7FENRJFAM1VR
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 459
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 74eb2b4cdf7cb521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&bundle=rKMJul9EckR5M0pTRVgwMFFKJTJCbTM2Z2t2TmhKdHpiN1pYRjM5bTgyd0p1Q3h3SnZUSW81MWJPZVZnaWxKeVplUzVad01sbFRwWmNDRlFlJTJCRTJkVGdWVDVtaGNFU3JkSE5tU0Jjd3VyTlFkWHolMkJhZW8lMkJocDljeXJobjlWcjRvUlA3T3Vh&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&bundle=rKMJul9EckR5M0pTRVgwMFFKJTJCbTM2Z2t2TmhKdHpiN1pYRjM5bTgyd0p1Q3h3SnZUSW81MWJPZVZnaWxKeVplUzVad01sbFRwWmNDRlFlJTJCRTJkVGdWVDVtaGNFU3JkSE5tU0Jjd3VyTlFkWHolMkJhZW8lMkJocDljeXJobjlWcjRvUlA3T3Vh&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&bundle=rKMJul9EckR5M0pTRVgwMFFKJTJCbTM2Z2t2TmhKdHpiN1pYRjM5bTgyd0p1Q3h3SnZUSW81MWJPZVZnaWxKeVplUzVad01sbFRwWmNDRlFlJTJCRTJkVGdWVDVtaGNFU3JkSE5tU0Jjd3VyTlFkWHolMkJhZW8lMkJocDljeXJobjlWcjRvUlA3T3Vh&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 320571
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 884293
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.123.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:56 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Fri, 23 Sep 2022 12:50:56 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.22.58.251200 OK 0 B URL HTTP/2 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.22.58.251:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/xNNZFxn
Cookie: ouoio_session=eyJpdiI6ImFEUEFBSzJDcGN1cmpZcjBDOGN6d25GZkN6QWNSdHdlXC9cL2w0V2JNaUZ4ST0iLCJ2YWx1ZSI6IkpKOEw0a3dwMG9ISGVpVTIwRGpiZ1N4b0FiVU9HcVNKSkE4R1lcL1hiQVBadlVNeWdcL2tZVXVaald2T01ZWitSZEhQVHh5ZnlpbTJDOStpZHpoeSs1b2c9PSIsIm1hYyI6ImUwNGYzNDk2MzE1M2EwZWUzZjFmZWViNjhlMDcyOGUxMDY4OGZlNzFhYzc3MmMxNGJiY2U4NmZmNDNlOWZmYjIifQ%3D%3D; language=eyJpdiI6IkxYRHZFWGx5dlk0YVpJMWJBZEtVdEM5eGFrVE93eGZ6Z1wvRTducWtIcUJJPSIsInZhbHVlIjoiUjJ2WEZZQ0NLOWJHNFhaNXVobVZEeWVIUnlmcmh1cTlsdVAydlR5XC80MHM9IiwibWFjIjoiM2U1N2ZhNTJlNDI0NWZkZmZmZGFlYTU0NmE4YWRkODRiZDUyMzlmMTg1MTdiOWE5ZmIzNmFjZGM5MDEwYzRjZCJ9; 5a55e5a19ab03ba43e98979e14e085800a98e9fa=eyJpdiI6IjJPbGkxNVd1enNIQUsrenppTEMyaG00REtBN1p3S3RuVGpuVndVSGVYclE9IiwidmFsdWUiOiJoMmRuZkV3VjZaeUdmNloxTk9KODRXUmtUSmRnbTltVEpadU9lOVFORHR4aWxOUmt0c1E2OEtOeUNpTkt6TTYyRWNDa3VcL08zODZNNUNDWmZYUmo3RlZFaEJvR1FTMUJEeHVvZEZqTEw0TTJBYnFQdVlFQ3JPcnk0dVJPOUk1bDFaQ01xUFBPRUZMTmlmZThXeUswdUNGUTI3VjIrdDA1KzErNGxOSlhHN2JyaFpJQlhUZlVRU3hIZURZUHhTaFNZQ1B3VjlJNGVhRGExUFFJS2ZjMHk2b0tHaHphZEEzS3lDcSs1UDVLa0dRUVFxb0pHSXhuTUlEZXV5aTJic1owdXVMZFE2ZXJLZjM4Slpka3orNThtZXBxXC9TeGRVd1MxbFlDQ1FBVGUra3BIKzU4RFdEWVdNbElKaW5ab2swTE5pZVZsMzhnNVl5WkUwXC9WK2lWM3E2Z2Ezbk43MmxTVVZlaFlNcjdudGxJRHI3aTMzODV3YVwvSHFqVXRxbG5oZkd2IiwibWFjIjoiYzBjZjBhMjYzZjVkZDEyZmJiNDQ3OTJhNTc3ZWMyZjhmYzI4NGNlOWJhYWFiYjQ4YzNmMmI5ZGEyMWQ5MzhlMiJ9; __cf_bm=SiDWwpvNAKwfLbQCktmEKrxInP9wzU5iHB1k8nt31g4-1663851054-0-AaCbihslSQQGJh7IR4RYs7FwdQT2AfnYBk2DFmfF5L1i/ygUxcHbIUDslNaJZYga/NVwtuMEj3moLfLTMPCZxP4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 14:16:51 GMT
etag: W/"6329cb53-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b404cfe0b39-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 24 Sep 2022 12:50:54 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 234550
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
asia.hhkld.com/tag/load-105641.js
141.94.202.176200 OK 0 B URL HTTP/2 asia.hhkld.com/tag/load-105641.js
IP 141.94.202.176:0
GET /tag/load-105641.js HTTP/1.1
Host: asia.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: sync6=%7B%22adform%22%3A1663851054%2C%22otm%22%3A1663851054%2C%22indexww3%22%3A1663851054%2C%22adapt%22%3A1663851054%2C%22improve%22%3A1663851054%2C%22sovrn%22%3A1663851054%2C%22between%22%3A1663851054%2C%22magnite%22%3A1663851054%7D; expires=Fri, 30-Sep-2022 12:50:54 GMT; Max-Age=691200
uid=jV7KsGMsWi6N9JGoKYGeAg==; expires=Fri, 22-Sep-23 12:50:54 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
hhkld.com/ru/tag/msync.js?sid=105641&gdpr=0&consent=
141.94.202.176200 OK 0 B URL HTTP/2 hhkld.com/ru/tag/msync.js?sid=105641&gdpr=0&consent=
IP 141.94.202.176:0
GET /ru/tag/msync.js?sid=105641&gdpr=0&consent= HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMsWi6N9JGoKYG2Ag==; expires=Fri, 22-Sep-23 12:50:54 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 483611
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
172.64.201.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
IP 172.64.201.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:59 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4329971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZ9fH6h9xaJ9249Otty%2B2azP2oNI1HgVP0yNs8Gna2PRm7nRz9%2FpWXMN49rpoQXv3HgSVY8F6evHMX9aLeb9XNnYug6sJ0vQPrsOnHxbWNibH4yWaK6RY7a8iiiOHlIV3zM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b5f9bf272d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ouo.press/xNNZFxn
104.22.58.251200 OK 0 B IP 104.22.58.251:0
GET /xNNZFxn HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6ImFEUEFBSzJDcGN1cmpZcjBDOGN6d25GZkN6QWNSdHdlXC9cL2w0V2JNaUZ4ST0iLCJ2YWx1ZSI6IkpKOEw0a3dwMG9ISGVpVTIwRGpiZ1N4b0FiVU9HcVNKSkE4R1lcL1hiQVBadlVNeWdcL2tZVXVaald2T01ZWitSZEhQVHh5ZnlpbTJDOStpZHpoeSs1b2c9PSIsIm1hYyI6ImUwNGYzNDk2MzE1M2EwZWUzZjFmZWViNjhlMDcyOGUxMDY4OGZlNzFhYzc3MmMxNGJiY2U4NmZmNDNlOWZmYjIifQ%3D%3D; path=/; httponly
language=eyJpdiI6IkxYRHZFWGx5dlk0YVpJMWJBZEtVdEM5eGFrVE93eGZ6Z1wvRTducWtIcUJJPSIsInZhbHVlIjoiUjJ2WEZZQ0NLOWJHNFhaNXVobVZEeWVIUnlmcmh1cTlsdVAydlR5XC80MHM9IiwibWFjIjoiM2U1N2ZhNTJlNDI0NWZkZmZmZGFlYTU0NmE4YWRkODRiZDUyMzlmMTg1MTdiOWE5ZmIzNmFjZGM5MDEwYzRjZCJ9; expires=Tue, 21-Sep-2027 12:50:53 GMT; Max-Age=157680000; path=/; httponly
5a55e5a19ab03ba43e98979e14e085800a98e9fa=eyJpdiI6IjJPbGkxNVd1enNIQUsrenppTEMyaG00REtBN1p3S3RuVGpuVndVSGVYclE9IiwidmFsdWUiOiJoMmRuZkV3VjZaeUdmNloxTk9KODRXUmtUSmRnbTltVEpadU9lOVFORHR4aWxOUmt0c1E2OEtOeUNpTkt6TTYyRWNDa3VcL08zODZNNUNDWmZYUmo3RlZFaEJvR1FTMUJEeHVvZEZqTEw0TTJBYnFQdVlFQ3JPcnk0dVJPOUk1bDFaQ01xUFBPRUZMTmlmZThXeUswdUNGUTI3VjIrdDA1KzErNGxOSlhHN2JyaFpJQlhUZlVRU3hIZURZUHhTaFNZQ1B3VjlJNGVhRGExUFFJS2ZjMHk2b0tHaHphZEEzS3lDcSs1UDVLa0dRUVFxb0pHSXhuTUlEZXV5aTJic1owdXVMZFE2ZXJLZjM4Slpka3orNThtZXBxXC9TeGRVd1MxbFlDQ1FBVGUra3BIKzU4RFdEWVdNbElKaW5ab2swTE5pZVZsMzhnNVl5WkUwXC9WK2lWM3E2Z2Ezbk43MmxTVVZlaFlNcjdudGxJRHI3aTMzODV3YVwvSHFqVXRxbG5oZkd2IiwibWFjIjoiYzBjZjBhMjYzZjVkZDEyZmJiNDQ3OTJhNTc3ZWMyZjhmYzI4NGNlOWJhYWFiYjQ4YzNmMmI5ZGEyMWQ5MzhlMiJ9; expires=Thu, 22-Sep-2022 14:50:53 GMT; Max-Age=7200; path=/; httponly
__cf_bm=SiDWwpvNAKwfLbQCktmEKrxInP9wzU5iHB1k8nt31g4-1663851054-0-AaCbihslSQQGJh7IR4RYs7FwdQT2AfnYBk2DFmfF5L1i/ygUxcHbIUDslNaJZYga/NVwtuMEj3moLfLTMPCZxP4=; path=/; expires=Thu, 22-Sep-22 13:20:54 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74eb2b3d79f10b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/fiamp.js
54.230.111.73200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/fiamp.js
IP 54.230.111.73:0
GET /static/js/fiamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 22 Sep 2022 12:38:57 GMT
expires: Thu, 22 Sep 2022 13:38:53 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t8jKgte2Fo6trxuDfxZl1z4SX6RlypbD33VKe_ciZYSlBfr5O0-nwg==
age: 722
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/async.js
104.21.81.154200 OK 0 B URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP 104.21.81.154:0
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:54 GMT
content-type: application/x-javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Thu, 27 Apr 2023 02:15:42 GMT
cache-control: max-age=31104000
cf-cache-status: HIT
age: 12393312
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EA5vBDO1oFv67N%2FFY2T7I1Egv2WBkA%2FWxNzG6DQ2G2jJfQWt%2BrbWy0UrVmRmMurEaLFEnCWHJnXuDr64ZlGL8h02Dws7hj74Q1Li%2Fl8iPtCNWqTDjOt6pZGBvRsyor%2B7SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b407e6cfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ecdn.firstimpression.io/fi_client.js
54.230.111.73200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.73:0
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 22 Sep 2022 12:34:42 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 12:34:42 UTC
etag: W/"cefb66385200b11d4b922357449b10aa"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U0aBRLN8JLi7-VNzDXUQmUtTKMrAyc2wiY4XWQFazeCumY2xW0Ie0w==
age: 972
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
172.64.105.16200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.105.16:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:55 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9349bd2fbd67c3fc969eb76704091981
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 22 Sep 2022 12:50:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu0diAQ%2FBOMmhMkKr72rzautEgyC6U%2BfyjGckH79Mn6HB2zymNNDO9THpVI6axOfUJS0OLFN6SrZ1ZZkH%2B1Ojv5rEpgRGtjlsIx6UOtojpkJ%2Fzp9Do4lzj%2BMz%2Bj41lwXEvJWe90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b45ecc87697-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Sep 2022 09:42:04 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kKoIhUJnsm0srWtyAjybVTlT1KPRreeCFOl_NsQD8yX-wN1ZRG1xkw==
age: 11623
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
172.64.201.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
IP 172.64.201.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 12:50:59 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4329811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrPoCP4e4SGt2AVO6JMH1rPXDBGOsnU%2FZpN9SjoB1%2F2canL%2BCeGTW8X9Cm1DTfJFcnit2aJaKRrdfT3ql1hU9KBFHA7Z8%2BKSfDRQpYhCVJ95DsfIxHxEXNxlEGSw95kZnAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eb2b603ca372d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2