ouo.press/Zhu1Nr
172.67.22.15403 Forbidden 3.8 kB IP 172.67.22.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (836)
Hash 93dd7e06353916400740c865113abf59
cca2d35748d0b31c78405aa739551ec620e171b5
dfd698b2ec56f4195a3df80a5bd1a7ab761e30b239530c35fa4d4fb6e203e7b2
GET /Zhu1Nr HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Sat, 26 Nov 2022 06:26:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=8qgPFTkm0TV7yFoXBFWHGsyLnUS9QiaDXA.Zcs_.neM-1669443992-0-AWw7L7iE1nTPB2Ept6lSqz9k4Ry48vFqvdkGrG0q/Iz55TO95sGnMHT2iiv0RGaIJa/tBSKsSz6h93x8qxre5Ds=; path=/; expires=Sat, 26-Nov-22 06:56:32 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77008d9728d51c02-OSL
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5565
Expires: Sat, 26 Nov 2022 07:59:17 GMT
Date: Sat, 26 Nov 2022 06:26:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4138
Cache-Control: max-age=105220
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:32 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:40:12 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 06:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 439
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13230
Expires: Sat, 26 Nov 2022 10:07:02 GMT
Date: Sat, 26 Nov 2022 06:26:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N3+5zTJz6aReveLYiwojCW7/mcD/pL8wtP4+Q/GDS08Tx2zmkOHn0nIcjbjPiU85wRLs13XPgalGgyCD0QNVpQ==
x-amz-request-id: 6DZZ8DABVRTY4S50
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 05:41:05 GMT
age: 2727
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/styles/challenges.css
172.67.22.15200 OK 2.6 kB URL HTTP/1.1 ouo.press/cdn-cgi/styles/challenges.css
IP 172.67.22.15:0
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Zhu1Nr
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT
ETag: W/"637ccffa-1896"
Server: cloudflare
CF-RAY: 77008d997b5bb4f3-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 26 Nov 2022 08:26:32 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
ouo.press/favicon.ico
172.67.22.15200 OK 0 B IP 172.67.22.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Zhu1Nr
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:32 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT
ETag: "54deee14-0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 3215
Accept-Ranges: bytes
Set-Cookie: __cf_bm=Ve.GgOrM1Njx2XHNLNMQbFTreHdUKd1PiNfaLPwmpg0-1669443992-0-AanDb9kRQfIR2BrK4IGDxZbg08CYprvzyrnLZYKp+5kXwZrmpF3UOGcvVvJXlr2Yz9dHrJn7UkaNVF+j3FBUROw=; path=/; expires=Sat, 26-Nov-22 06:56:32 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77008d997d2db518-OSL
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:26:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=77008d9728d51c02
172.67.22.15200 OK 42 B URL HTTP/1.1 ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=77008d9728d51c02
IP 172.67.22.15:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=77008d9728d51c02 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Zhu1Nr
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:32 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT
ETag: "637ccffa-2a"
Server: cloudflare
CF-RAY: 77008d99fb94b4f3-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 26 Nov 2022 08:26:32 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=77008d9728d51c02
172.67.22.15200 OK 24 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=77008d9728d51c02
IP 172.67.22.15:0
File type ASCII text, with very long lines (56460), with no line terminators
Hash 08e6be217ff85cabf837a732a37797a7
48598158e268b897fa7b4ba5974b1bbd2c2abdc3
1820cc3d3603023722afcdb0902a30aaa1ea9d2effb562d53f92df5f1499e0f0
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=77008d9728d51c02 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Zhu1Nr?__cf_chl_rt_tk=eVxD_NxXox1rnAESMkinyPc9hMNIQWA.flb_DR8nlow-1669443992-0-gaNycGzNAv0
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:32 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Set-Cookie: __cf_bm=Wq7oEFkGwSu5Q4H.LSgBTi.9k6MuULapLhUX.yhg56Y-1669443992-0-AR3hBkjh3em7MQlc2k1W09DCaQUboQITXem/B9HZ68i2Kb0Bf0y5BnnLy6DlTJhSjjlNLYKIDn2HJZ3tkh6JiMQ=; path=/; expires=Sat, 26-Nov-22 06:56:32 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 77008d99fd8bb518-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fd601c130b7b4f59f3890fe0ce52ef6f
6393ef7f5cdc741f3bc0ba014fa626016c2cae08
3fa05de238618cda74ba856cf248988de73b0933fa7a61f8dfaba523e01ec086
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2359
Cache-Control: max-age=104173
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:32 GMT
Etag: "63809c4e-118"
Expires: Sun, 27 Nov 2022 11:22:45 GMT
Last-Modified: Fri, 25 Nov 2022 10:43:26 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.1516019112055803:1669442835:02rbXrfehwWFudVPTgnN90YBmKYI3KtorENQS-JhKuY/77008d9728d51c02/994fcb732e7b7d8
172.67.22.15200 OK 59 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.1516019112055803:1669442835:02rbXrfehwWFudVPTgnN90YBmKYI3KtorENQS-JhKuY/77008d9728d51c02/994fcb732e7b7d8
IP 172.67.22.15:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a6f9a94c564874d14cf1f9766d606ac2
ab1a24b8a9123c83258a99b0bb6bdee40094584a
69996916ca86137b9b0eb4b3c1ef48249eb47c148c3401905c23c8bd94c501d4
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.1516019112055803:1669442835:02rbXrfehwWFudVPTgnN90YBmKYI3KtorENQS-JhKuY/77008d9728d51c02/994fcb732e7b7d8 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Zhu1Nr
Content-type: application/x-www-form-urlencoded
CF-Challenge: 994fcb732e7b7d8
Content-Length: 1818
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:32 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: uNbcJHTKTG6qflM7ogJB3j/a0HRNfcGL8MX2K0GyaKu7/ZnakIm8p6KBVA8hRSo4tgUhJy/MDPrCcM6MxzvQzS59w4rU0DhxwmlDEayekhIJayg4OTPYV26h/tq1iTskAprd+4EQnIa9ocSTwiEweUU178cK9TXFn/iiIoKsxeWRktv3mwTk6ogiY9FUK5cWEg4PUW0pFyIDDiQ2FuIFzJ4jrAGM+QegARgPowu/PnBqdD8mcDHNvXnMtC9QEfvIXBK5B2/zSBSmV4pXeTXHOF1t01DVB/JVeX9872MIangXlTGEvq+19TIQ9P78VlOyhHN79zEqMVbH7rK8XxCKRxhfaEwUzmW8mtpkcCDMRxfLQROCsm+oqBavrM2CtvNRyLxWW+ph/KLU9Rxv+oZZ4w==$EKY0p0J8AF4JkIxxXMa0Lw==
Set-Cookie: __cf_bm=px_TqdUpjtFf6uB1BOwZ.ZIVfzKZ2jA_m2bzNhhHXJw-1669443992-0-Abt6RJD+Bxtlu4N5z9tXtVqQBSArTN6IOW8hQauqKYVdViOvwU8rXPRB8QKcUW08swtrqIgALONSxteyogq/O14=; path=/; expires=Sat, 26-Nov-22 06:56:32 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 77008d9b1e36b518-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/challenge-platform/h/b/img/77008d9728d51c02/1669443992826/H-2f4AmMyrid7-E
172.67.22.15200 OK 61 B URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/img/77008d9728d51c02/1669443992826/H-2f4AmMyrid7-E
IP 172.67.22.15:0
File type PNG image data, 80 x 7, 8-bit/color RGB, non-interlaced\012- data
Hash 44c5799340116fa8dbbed149cb0523b3
8e41d584a29d415f97e2fd705bf78b3a8a0916a5
3109ae4beec2464425ef08c4eedb0f3d9cf5698ec10ff7a376db1868657761f5
GET /cdn-cgi/challenge-platform/h/b/img/77008d9728d51c02/1669443992826/H-2f4AmMyrid7-E HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Zhu1Nr
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:32 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=puhAXGooOG9NdJp3Zn_7UEbI6D6RZJzBW1MycoU.S_U-1669443992-0-AYKJx8p2uD5XOIKhjRRxHMf5JPTCznVH8ot2aPaOPpXAOUFf6u3wVX965rPnDEEnCW+YnYy3R+bI+u8xxAgwNco=; path=/; expires=Sat, 26-Nov-22 06:56:32 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 77008d9b9e77b518-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 06:08:54 GMT
cache-control: public,max-age=3600
age: 1059
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5253
Cache-Control: max-age=101271
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:33 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:34:24 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.51.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.51.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IQ7UGyU4aFc87XKpQ/YGcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6qgpDP4wVPpt5MisqrVx0G9RWoU=
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.1516019112055803:1669442835:02rbXrfehwWFudVPTgnN90YBmKYI3KtorENQS-JhKuY/77008d9728d51c02/994fcb732e7b7d8
172.67.22.15200 OK 3.8 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.1516019112055803:1669442835:02rbXrfehwWFudVPTgnN90YBmKYI3KtorENQS-JhKuY/77008d9728d51c02/994fcb732e7b7d8
IP 172.67.22.15:0
File type ASCII text, with very long lines (5060), with no line terminators
Hash f37a30e5b24a277315f103da39a69237
b6ef21a1da20405f30536d204d90fc3ab60469e8
e19d823f23c3d773a02a4293b853a52c8da6ee68e98395bcfad267841f86d668
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.1516019112055803:1669442835:02rbXrfehwWFudVPTgnN90YBmKYI3KtorENQS-JhKuY/77008d9728d51c02/994fcb732e7b7d8 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Zhu1Nr
Content-type: application/x-www-form-urlencoded
CF-Challenge: 994fcb732e7b7d8
Content-Length: 16215
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:34 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: TYjx5EtSUZusXANG+TH9AT0BiMqFV666nBlaJehcvQo=$wpDz8eqNtlq11weLIz1dQg==
Set-Cookie: __cf_bm=m5SEVkQ13ptKVCGJlEPr5iWEcaCen4CTgqdgEOZa3xE-1669443994-0-AaoUljTYZsaIOOir72IlnX/WOgQO4mRUORicLQVG7iq1M+P0OiPFIwvRpg570qVfXiaGDNNVrky8T4nHLiC/yZE=; path=/; expires=Sat, 26-Nov-22 06:56:34 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 77008da56c49b518-OSL
Content-Encoding: gzip
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 26 Nov 2022 06:26:34 GMT
content-length: 0
location: /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age: 300
vary: Accept-Encoding
server: cloudflare
cf-ray: 77008da5cb42b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8181
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 06:26:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8181
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 06:26:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8181
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 06:26:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8181
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 06:26:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b72976b3f013ace345c85b0bdfea5f76
3e9004d90ed72f3034eae5cddd476eb50ac63ea6
068a487b9ae3d7461ef16e04cee8802a7b76a2bce19bf66df48b2b1cdb0c772c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6382
x-amzn-requestid: e1e4c180-7f90-4d4b-a5f4-094e5f542a18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLacUFC4oAMFayA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813de8-09efee9d0604d16c61e3d452;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 22:12:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SR2His1pCOwZHi7bBtnG8QeCtZQsCMeJxs-UCpd79SK_77eM5fWeog==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:24:51 GMT
age: 28903
etag: "3e9004d90ed72f3034eae5cddd476eb50ac63ea6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 4926
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88ca6be9-2485-4243-a3fe-1e61449736dd.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88ca6be9-2485-4243-a3fe-1e61449736dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 801dd70f0c591086062e2a9054f78efc
6a2f4d4bfec41d16fa84b0a9b0b13f7dcff2be3d
ba28f27ea906aaa6db1fbdca53ecbd4366b99d2696fb888e47b731e21c0f82da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88ca6be9-2485-4243-a3fe-1e61449736dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6431
x-amzn-requestid: 0daa58b7-3fd8-463f-85f5-6f84fdb17661
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOBEpEIAMF87A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358c-3f8b9c18598ba2532518668d;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PuOd4PnHQfvwM2zDA15uprEEgoy7BfUUgjvkrf89DYmN43XfEfyJvg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:49:35 GMT
age: 31019
etag: "6a2f4d4bfec41d16fa84b0a9b0b13f7dcff2be3d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:20:28 GMT
age: 79566
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2f841c6-d0f5-4b9b-9f04-4eee5f479227.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2f841c6-d0f5-4b9b-9f04-4eee5f479227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0064a575afa520aa6c112249e7b195a
7387cf7c1f6fae78ce7df10271a0fd2504c71382
37876de2a100c65b70bfd199c8405f3ec282c45786ab08744c64592dc16b0353
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2f841c6-d0f5-4b9b-9f04-4eee5f479227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9718
x-amzn-requestid: 1b621759-18a2-491a-b44e-f23540e4228c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5FLbIAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-78dec425016dc2746242a6c7;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zWdyq64XfAJTwN2HPvv__Q2wm597cilWEJACu8vIDwKUGixYTdUL_g==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:53:21 GMT
age: 30793
etag: "7387cf7c1f6fae78ce7df10271a0fd2504c71382"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f470fab0957e148a9c58dfeedc72463
2f88534696701cfdaf7e2aa78f6d4b8766a2b77f
c2c5617f8fbf3860578a9bcf821dea13e3225ccd02774f29f4bf022e4abd9ff9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11186
x-amzn-requestid: 67dbfbd2-ba7f-4540-8d2c-5c2c4de21cae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUf7HGdIAMFhow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813465-36b0d8fc4bdb5faf328bd99d;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:21 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aWg_mLQcRYtCNYfaypt-rqwKNbzd4FOFd3mMT8sSQU_dmO7KP29Rsw==
via: 1.1 7b00c3fd9220034414107b03e53b1b8e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:01:51 GMT
age: 30283
etag: "2f88534696701cfdaf7e2aa78f6d4b8766a2b77f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.1516019112055803:1669442835:02rbXrfehwWFudVPTgnN90YBmKYI3KtorENQS-JhKuY/77008d9728d51c02/994fcb732e7b7d8
172.67.22.15200 OK 3.3 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.1516019112055803:1669442835:02rbXrfehwWFudVPTgnN90YBmKYI3KtorENQS-JhKuY/77008d9728d51c02/994fcb732e7b7d8
IP 172.67.22.15:0
Hash 450b24e60b2beea154c6deaedc14cd50
745f7aed46d5e2cf79ae21a49a5ba570522e14ef
4ef898cf0a524d2f13f222fa28df5a57cc9ae27c64e298e4b516b2696e3fe7a4
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.1516019112055803:1669442835:02rbXrfehwWFudVPTgnN90YBmKYI3KtorENQS-JhKuY/77008d9728d51c02/994fcb732e7b7d8 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Zhu1Nr
Content-type: application/x-www-form-urlencoded
CF-Challenge: 994fcb732e7b7d8
Content-Length: 16906
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_out: /9jaPdQjVuPdQlBr61P7nwTmFoSVK3FeTnXGX73cgMXGH3Z0ZC8NuR+ERwFVF1gMU7ub3Rp0n//8DHSbW4ZSjQ==$FiCshFwxJhOwOKB8jVaORw==
cf_chl_out_s: 6H3yrYnQY/bLu4bHExzOno0WmBRJz+onjdGBOQvyN1p3xY5DAbUW1lG9FMdZp8rwo3l30G4JPeVTCNO/wVmVCbk6AKyRfLfTAZtb20raZC/dkLLu5lnaI98+QY5OzKDw3Wgmy4VsCObiEZCr6oUk297yHgArTXIAPb6bujpGdg9VOwFO5PWvtTP5ljtcqQmH$sGKPhCI+MGhpau9FASq/qQ==
set-cookie: cf_chl_rc_m=;Expires=Fri, 25 Nov 2022 06:26:37 GMT;SameSite=Strict
__cf_bm=QhDEtyAqO5FKhdDNHONkNAhOF20znRPMjzuEhyuMzDk-1669443997-0-ARnORnYbdRPysqo3Xy7eHQG7VrYfQ+73g5BrdGC4Vi50HSGsJcDW37XM18ZhElryr0W332sL5muyz/z0S9yg7Ko=; path=/; expires=Sat, 26-Nov-22 06:56:37 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 77008db94917b518-OSL
Content-Encoding: gzip
ouo.press/Zhu1Nr
172.67.22.15200 OK 3.4 kB IP 172.67.22.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash c76d47994c58b539cf5eee4aa682e6cb
04d53ee435fa1840b300a30da8210c680f7705c5
5fe1f6d57e7c0923da5f0f5b040138fdc81a9f8b378b93047d1543b244aaca01
POST /Zhu1Nr HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/Zhu1Nr?__cf_chl_tk=eVxD_NxXox1rnAESMkinyPc9hMNIQWA.flb_DR8nlow-1669443992-0-gaNycGzNAv0
Content-Type: application/x-www-form-urlencoded
Content-Length: 1780
Origin: http://ouo.press
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Set-Cookie: cf_clearance=8bcL5tqEav6_nnglGLonDV6i1tn0hwyAYagtRZyQBAY-1669443997-0-250; path=/; expires=Sun, 26-Nov-23 06:26:37 GMT; domain=.ouo.press; HttpOnly
ouoio_session=eyJpdiI6Ill5a2JvVDE2aGdCcWJPenVZejdnK2NDT0N0MU9UY2wzQjJQNm1DbFIzTVU9IiwidmFsdWUiOiJZejhVT2RHcXR6OUlxcVdoYUh0aEtQSVBCZERLcGRkU0dkcktRVTFSRGRkU1JxeWhwc1A1SFpWMXBDWkM0QUdcLzlcL3gzSFpOcTFyS3ZYekpGT2puZEtRPT0iLCJtYWMiOiJhYTQyYTA2MWQ5MGJjNTM1OGFkMzAzZThlMDkwMjg2NjEwYjMxYWNjN2NlNmU3M2Y3ZjNmNzg4NDk3NDRmYzU2In0%3D; path=/; httponly
language=eyJpdiI6ImF5aUVxbnIxN1dNWWo1T2FiNWlWcDgxXC9rdnRLdnF5SWRIR3BlTzdwNmo4PSIsInZhbHVlIjoiQjh0M2hrazNJekRsTjQ5RDdKVVBXbWMzMkU2WDV3TmN5UnRwVlFqVEtYZz0iLCJtYWMiOiI5OTc5OGEwYjVkMjMwZjE1MzMxYWViMmViNGEyOTgzYTAyZDAwYjE1MDBiODQ2ODY1Zjc2OWEyYzdmMDlmMWEzIn0%3D; expires=Thu, 25-Nov-2027 06:26:38 GMT; Max-Age=157680000; path=/; httponly
66d17f44c7ed11ac8c6cf8a36a3733f75539904d=eyJpdiI6IkNueXdVcmsrZEh4WitXUTQ2WlJuZTlCQmRhaitGd2VDMlFaWlk3RlB1RFk9IiwidmFsdWUiOiJrUTF6MDBreDk3K1dGdHBKWW53MStCQXdvXC9xNGlOdTJcL1BMQmZTVE5ac0pZdVpVNDArWVVublRXYjhmTFZJXC9mbThNRFBzSlVlXC9SOVJuVEZcLzBYZEp1R052TlVKN0lGV0loT3JoZzdaZ3RKb3VBN1FSU3VzdEl3UWx4VDlHY25yejNWdGs2SFZSTEFpYkZNOE9nVmx3SFZDK0o0b1R0UEpyZG5lUzdtRUdSQ3dlVkxiOHA5RVwveGhQU09DSXhSbFFMSk5lRzZ2RElWTHZFeXJhZCtPWlJsRm9MOGV3SEJLUjl2OHB0eHVsTlJNM2RuUk5idXB4UnpnTmRqcmxNSE9XMEcwcTNcL24yRUpZMnZkdVQycVVBTm1cL2pJaFczN2lwZ3dZSEprUlwvZjZRMFwvVnFnV251V3ZyemhwTW9LSUJzc25VbUVZd2F4UXdIblJCREVmU0tVdnNcL0RERm8ySjlpWHU2T3I3SUJQSmhBR3FqRjRhaW5HbmpmancwbjhQQUUrTSIsIm1hYyI6IjgwZTAyYjk4ZDA3OTlkZGEyNzZkMmIwMWViZGI3ZTZiZjFjNzYzZTJkYmI5OWJjM2M1YzAwODQwNDRmZGZiNWMifQ%3D%3D; expires=Sat, 26-Nov-2022 08:26:38 GMT; Max-Age=7200; path=/; httponly
__cf_bm=KPquEFDVCpveMpQHuFeasqTqF3FnQJBuFy9cq1wXcgA-1669443998-0-AX3F8vyJA/sASUq3trBf6lEOuY881OCjxXnlw8M00Ymtsrm9l5UkH+Yxkx5u9UMlxf3L5nd46TAeM7xrNysoSKw=; path=/; expires=Sat, 26-Nov-22 06:56:38 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 77008dba69bbb518-OSL
Content-Encoding: gzip
ouo.press/css/link-safe.css
172.67.22.15200 OK 1.8 kB URL HTTP/1.1 ouo.press/css/link-safe.css
IP 172.67.22.15:0
Hash d91a45478adaa488ef4f1733dfa3c44c
3686ea901ce8ca85bb82f42bf0a8d39095ebf73d
4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/Zhu1Nr
Cookie: cf_clearance=8bcL5tqEav6_nnglGLonDV6i1tn0hwyAYagtRZyQBAY-1669443997-0-250; ouoio_session=eyJpdiI6Ill5a2JvVDE2aGdCcWJPenVZejdnK2NDT0N0MU9UY2wzQjJQNm1DbFIzTVU9IiwidmFsdWUiOiJZejhVT2RHcXR6OUlxcVdoYUh0aEtQSVBCZERLcGRkU0dkcktRVTFSRGRkU1JxeWhwc1A1SFpWMXBDWkM0QUdcLzlcL3gzSFpOcTFyS3ZYekpGT2puZEtRPT0iLCJtYWMiOiJhYTQyYTA2MWQ5MGJjNTM1OGFkMzAzZThlMDkwMjg2NjEwYjMxYWNjN2NlNmU3M2Y3ZjNmNzg4NDk3NDRmYzU2In0%3D; language=eyJpdiI6ImF5aUVxbnIxN1dNWWo1T2FiNWlWcDgxXC9rdnRLdnF5SWRIR3BlTzdwNmo4PSIsInZhbHVlIjoiQjh0M2hrazNJekRsTjQ5RDdKVVBXbWMzMkU2WDV3TmN5UnRwVlFqVEtYZz0iLCJtYWMiOiI5OTc5OGEwYjVkMjMwZjE1MzMxYWViMmViNGEyOTgzYTAyZDAwYjE1MDBiODQ2ODY1Zjc2OWEyYzdmMDlmMWEzIn0%3D; 66d17f44c7ed11ac8c6cf8a36a3733f75539904d=eyJpdiI6IkNueXdVcmsrZEh4WitXUTQ2WlJuZTlCQmRhaitGd2VDMlFaWlk3RlB1RFk9IiwidmFsdWUiOiJrUTF6MDBreDk3K1dGdHBKWW53MStCQXdvXC9xNGlOdTJcL1BMQmZTVE5ac0pZdVpVNDArWVVublRXYjhmTFZJXC9mbThNRFBzSlVlXC9SOVJuVEZcLzBYZEp1R052TlVKN0lGV0loT3JoZzdaZ3RKb3VBN1FSU3VzdEl3UWx4VDlHY25yejNWdGs2SFZSTEFpYkZNOE9nVmx3SFZDK0o0b1R0UEpyZG5lUzdtRUdSQ3dlVkxiOHA5RVwveGhQU09DSXhSbFFMSk5lRzZ2RElWTHZFeXJhZCtPWlJsRm9MOGV3SEJLUjl2OHB0eHVsTlJNM2RuUk5idXB4UnpnTmRqcmxNSE9XMEcwcTNcL24yRUpZMnZkdVQycVVBTm1cL2pJaFczN2lwZ3dZSEprUlwvZjZRMFwvVnFnV251V3ZyemhwTW9LSUJzc25VbUVZd2F4UXdIblJCREVmU0tVdnNcL0RERm8ySjlpWHU2T3I3SUJQSmhBR3FqRjRhaW5HbmpmancwbjhQQUUrTSIsIm1hYyI6IjgwZTAyYjk4ZDA3OTlkZGEyNzZkMmIwMWViZGI3ZTZiZjFjNzYzZTJkYmI5OWJjM2M1YzAwODQwNDRmZGZiNWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: status=cannot_optimize
ETag: W/"5d951ace-1830"
Expires: Sat, 26 Nov 2022 13:14:43 GMT
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 18715
Set-Cookie: __cf_bm=wlS.S0TuHsEk8K1k9JXqvM7l3YI.ZTuU1jf47pXJ_4w-1669443998-0-Af77PajuYGWv9XDhl6CBquY5x10DpTcLuyNbEPFdb43tdX7XvD9ydNi04VZezf12zWY4BacQiBbg9hlXVeE1mDM=; path=/; expires=Sat, 26-Nov-22 06:56:38 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77008dbcf851b4f3-OSL
Content-Encoding: gzip
ouo.press/css/bootstrap.css
172.67.22.15200 OK 18 kB URL HTTP/1.1 ouo.press/css/bootstrap.css
IP 172.67.22.15:0
Hash c86ef398656795a82c5b3f8540953fa7
a509ce4a3f78ab3718df8a6495868d5686cb30ae
13c8009dbc200ed4383b5e59d100c5498f74637023a08007dffe2c0b187bef0b
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/Zhu1Nr
Cookie: cf_clearance=8bcL5tqEav6_nnglGLonDV6i1tn0hwyAYagtRZyQBAY-1669443997-0-250; ouoio_session=eyJpdiI6Ill5a2JvVDE2aGdCcWJPenVZejdnK2NDT0N0MU9UY2wzQjJQNm1DbFIzTVU9IiwidmFsdWUiOiJZejhVT2RHcXR6OUlxcVdoYUh0aEtQSVBCZERLcGRkU0dkcktRVTFSRGRkU1JxeWhwc1A1SFpWMXBDWkM0QUdcLzlcL3gzSFpOcTFyS3ZYekpGT2puZEtRPT0iLCJtYWMiOiJhYTQyYTA2MWQ5MGJjNTM1OGFkMzAzZThlMDkwMjg2NjEwYjMxYWNjN2NlNmU3M2Y3ZjNmNzg4NDk3NDRmYzU2In0%3D; language=eyJpdiI6ImF5aUVxbnIxN1dNWWo1T2FiNWlWcDgxXC9rdnRLdnF5SWRIR3BlTzdwNmo4PSIsInZhbHVlIjoiQjh0M2hrazNJekRsTjQ5RDdKVVBXbWMzMkU2WDV3TmN5UnRwVlFqVEtYZz0iLCJtYWMiOiI5OTc5OGEwYjVkMjMwZjE1MzMxYWViMmViNGEyOTgzYTAyZDAwYjE1MDBiODQ2ODY1Zjc2OWEyYzdmMDlmMWEzIn0%3D; 66d17f44c7ed11ac8c6cf8a36a3733f75539904d=eyJpdiI6IkNueXdVcmsrZEh4WitXUTQ2WlJuZTlCQmRhaitGd2VDMlFaWlk3RlB1RFk9IiwidmFsdWUiOiJrUTF6MDBreDk3K1dGdHBKWW53MStCQXdvXC9xNGlOdTJcL1BMQmZTVE5ac0pZdVpVNDArWVVublRXYjhmTFZJXC9mbThNRFBzSlVlXC9SOVJuVEZcLzBYZEp1R052TlVKN0lGV0loT3JoZzdaZ3RKb3VBN1FSU3VzdEl3UWx4VDlHY25yejNWdGs2SFZSTEFpYkZNOE9nVmx3SFZDK0o0b1R0UEpyZG5lUzdtRUdSQ3dlVkxiOHA5RVwveGhQU09DSXhSbFFMSk5lRzZ2RElWTHZFeXJhZCtPWlJsRm9MOGV3SEJLUjl2OHB0eHVsTlJNM2RuUk5idXB4UnpnTmRqcmxNSE9XMEcwcTNcL24yRUpZMnZkdVQycVVBTm1cL2pJaFczN2lwZ3dZSEprUlwvZjZRMFwvVnFnV251V3ZyemhwTW9LSUJzc25VbUVZd2F4UXdIblJCREVmU0tVdnNcL0RERm8ySjlpWHU2T3I3SUJQSmhBR3FqRjRhaW5HbmpmancwbjhQQUUrTSIsIm1hYyI6IjgwZTAyYjk4ZDA3OTlkZGEyNzZkMmIwMWViZGI3ZTZiZjFjNzYzZTJkYmI5OWJjM2M1YzAwODQwNDRmZGZiNWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=109522
ETag: W/"54def1fc-1abd2"
Expires: Sat, 26 Nov 2022 10:27:59 GMT
Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 28719
Set-Cookie: __cf_bm=DOiHfaEZM4bTlVvNcoTUIGTRLrDIKM91WWxrvxcXSqc-1669443998-0-AVlgEmq5KsrXsMGYBjam3E/RtuCz6eXElpXmKbaPKB0MtYpIKtQZzfWi2oCn2Ky1gQdHjHkx06jdilNirM2mqDE=; path=/; expires=Sat, 26-Nov-22 06:56:38 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77008dbcfb8ab518-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.22.15200 OK 655 B URL HTTP/1.1 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.22.15:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/Zhu1Nr
Cookie: cf_clearance=8bcL5tqEav6_nnglGLonDV6i1tn0hwyAYagtRZyQBAY-1669443997-0-250; ouoio_session=eyJpdiI6Ill5a2JvVDE2aGdCcWJPenVZejdnK2NDT0N0MU9UY2wzQjJQNm1DbFIzTVU9IiwidmFsdWUiOiJZejhVT2RHcXR6OUlxcVdoYUh0aEtQSVBCZERLcGRkU0dkcktRVTFSRGRkU1JxeWhwc1A1SFpWMXBDWkM0QUdcLzlcL3gzSFpOcTFyS3ZYekpGT2puZEtRPT0iLCJtYWMiOiJhYTQyYTA2MWQ5MGJjNTM1OGFkMzAzZThlMDkwMjg2NjEwYjMxYWNjN2NlNmU3M2Y3ZjNmNzg4NDk3NDRmYzU2In0%3D; language=eyJpdiI6ImF5aUVxbnIxN1dNWWo1T2FiNWlWcDgxXC9rdnRLdnF5SWRIR3BlTzdwNmo4PSIsInZhbHVlIjoiQjh0M2hrazNJekRsTjQ5RDdKVVBXbWMzMkU2WDV3TmN5UnRwVlFqVEtYZz0iLCJtYWMiOiI5OTc5OGEwYjVkMjMwZjE1MzMxYWViMmViNGEyOTgzYTAyZDAwYjE1MDBiODQ2ODY1Zjc2OWEyYzdmMDlmMWEzIn0%3D; 66d17f44c7ed11ac8c6cf8a36a3733f75539904d=eyJpdiI6IkNueXdVcmsrZEh4WitXUTQ2WlJuZTlCQmRhaitGd2VDMlFaWlk3RlB1RFk9IiwidmFsdWUiOiJrUTF6MDBreDk3K1dGdHBKWW53MStCQXdvXC9xNGlOdTJcL1BMQmZTVE5ac0pZdVpVNDArWVVublRXYjhmTFZJXC9mbThNRFBzSlVlXC9SOVJuVEZcLzBYZEp1R052TlVKN0lGV0loT3JoZzdaZ3RKb3VBN1FSU3VzdEl3UWx4VDlHY25yejNWdGs2SFZSTEFpYkZNOE9nVmx3SFZDK0o0b1R0UEpyZG5lUzdtRUdSQ3dlVkxiOHA5RVwveGhQU09DSXhSbFFMSk5lRzZ2RElWTHZFeXJhZCtPWlJsRm9MOGV3SEJLUjl2OHB0eHVsTlJNM2RuUk5idXB4UnpnTmRqcmxNSE9XMEcwcTNcL24yRUpZMnZkdVQycVVBTm1cL2pJaFczN2lwZ3dZSEprUlwvZjZRMFwvVnFnV251V3ZyemhwTW9LSUJzc25VbUVZd2F4UXdIblJCREVmU0tVdnNcL0RERm8ySjlpWHU2T3I3SUJQSmhBR3FqRjRhaW5HbmpmancwbjhQQUUrTSIsIm1hYyI6IjgwZTAyYjk4ZDA3OTlkZGEyNzZkMmIwMWViZGI3ZTZiZjFjNzYzZTJkYmI5OWJjM2M1YzAwODQwNDRmZGZiNWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-4d7"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77008dbd0863b4f3-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Mon, 28 Nov 2022 06:26:38 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
fonts.googleapis.com/css?family=Questrial
142.250.74.10200 OK 387 B URL HTTP/1.1 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.10:0
Hash 7b73b3eed6a43db40b0640388112329f
ad4bb62a66f1f95c0a252f83345b40d40dcd5bb4
1776d3903d4f6fb36773bac4ccb4b86c0658838f29674d1fb506859506a41bc3
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 26 Nov 2022 06:26:38 GMT
Date: Sat, 26 Nov 2022 06:26:38 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
hhklc.com/c.js
172.67.223.102301 Moved Permanently 0 B IP 172.67.223.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 06:26:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 26 Nov 2022 07:26:38 GMT
Location: https://hhklc.com/c.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r03%2FdBUhy0JUv6fuz2S2hEJHCiIiaXA5o%2BybmHPhrRbnwbmy36oxfiig5DBoJJHMe011NBuAIE3Gf01fIFuBzueJ4a5bgDiM658goO0iHp6amrr7iJuXDgQACYE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77008dbd0e070b59-OSL
alt-svc: h2=":443"; ma=60
ecdn.analysis.fi/static/js/fab.js
54.230.111.15200 OK 4.2 kB URL HTTP/1.1 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.15:0
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4240
Connection: keep-alive
Server: nginx/1.20.0
Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Sat, 26 Nov 2022 06:23:14 GMT
Expires: Sat, 26 Nov 2022 07:23:10 GMT
Cache-Control: max-age=3600
ETag: "61b8b8ab-1090"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zuKjdmZQ_qjJJ8zXKNU4loYhqKoefIOrRahk_0mShoJz-3HbTzLdSg==
Age: 208
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecdn.firstimpression.io/fi_client.js
54.230.111.77200 OK 100 kB URL HTTP/1.1 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.77:0
File type ASCII text, with very long lines (618)
Size 100 kB (100129 bytes)
Hash deb02e3b2aa3b44493afaa949d207b35
bed849dbe52d10606c794fd72a4d3cc48400a416
790bd62a6bb2d2dd97e15b025d4db4b92372585eb3c1e37d2474a3ab235148b7
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 26 Nov 2022 06:11:42 GMT
Server: nginx/1.20.0
X-Powered-By: PHP/8.0.14
X-XSS-Protection: 0
Last-Modified: Sat, 26 Nov 2022 06:11:42 UTC
ETag: W/"0347841b4433020f6fd0c98f4365224c"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qTznmU2WjH6isQ-KDA7efUa4x5ZAk0TnnJEi0OHbCSl1nS79VZzs9A==
Age: 896
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 729acee2a72aedc9406dba71bf4c1d00
e7f1dea037aaa2df1c1e5b884dc5d73b7bc35e82
7e9b8e953f317a7a47db6df1d1ac8be5c78e9a9524a0a07755c748c2198f816a
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 26 Nov 2022 06:26:38 GMT
date: Sat, 26 Nov 2022 06:26:38 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tv.gourdycortes.com/1clkn/48786
172.255.6.124200 OK 49 kB URL HTTP/1.1 tv.gourdycortes.com/1clkn/48786
IP 172.255.6.124:0
Hash db56d2dcf9b57485d3a9a8c84d208c5b
29d57cb59d057a0a91392020ecc74d1a811f05c6
7ba0851f6fc702f04a249e0de9084f05807fbabb76ef4e1db09a4b1c952ec60e
GET /1clkn/48786 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 06:26:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 27-Nov-2022 06:26:38 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sun, 27-Nov-2022 06:26:38 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ouo.press/images/world.png
172.67.22.15200 OK 5.7 kB URL HTTP/1.1 ouo.press/images/world.png
IP 172.67.22.15:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/Zhu1Nr
Cookie: cf_clearance=8bcL5tqEav6_nnglGLonDV6i1tn0hwyAYagtRZyQBAY-1669443997-0-250; ouoio_session=eyJpdiI6Ill5a2JvVDE2aGdCcWJPenVZejdnK2NDT0N0MU9UY2wzQjJQNm1DbFIzTVU9IiwidmFsdWUiOiJZejhVT2RHcXR6OUlxcVdoYUh0aEtQSVBCZERLcGRkU0dkcktRVTFSRGRkU1JxeWhwc1A1SFpWMXBDWkM0QUdcLzlcL3gzSFpOcTFyS3ZYekpGT2puZEtRPT0iLCJtYWMiOiJhYTQyYTA2MWQ5MGJjNTM1OGFkMzAzZThlMDkwMjg2NjEwYjMxYWNjN2NlNmU3M2Y3ZjNmNzg4NDk3NDRmYzU2In0%3D; language=eyJpdiI6ImF5aUVxbnIxN1dNWWo1T2FiNWlWcDgxXC9rdnRLdnF5SWRIR3BlTzdwNmo4PSIsInZhbHVlIjoiQjh0M2hrazNJekRsTjQ5RDdKVVBXbWMzMkU2WDV3TmN5UnRwVlFqVEtYZz0iLCJtYWMiOiI5OTc5OGEwYjVkMjMwZjE1MzMxYWViMmViNGEyOTgzYTAyZDAwYjE1MDBiODQ2ODY1Zjc2OWEyYzdmMDlmMWEzIn0%3D; 66d17f44c7ed11ac8c6cf8a36a3733f75539904d=eyJpdiI6IkNueXdVcmsrZEh4WitXUTQ2WlJuZTlCQmRhaitGd2VDMlFaWlk3RlB1RFk9IiwidmFsdWUiOiJrUTF6MDBreDk3K1dGdHBKWW53MStCQXdvXC9xNGlOdTJcL1BMQmZTVE5ac0pZdVpVNDArWVVublRXYjhmTFZJXC9mbThNRFBzSlVlXC9SOVJuVEZcLzBYZEp1R052TlVKN0lGV0loT3JoZzdaZ3RKb3VBN1FSU3VzdEl3UWx4VDlHY25yejNWdGs2SFZSTEFpYkZNOE9nVmx3SFZDK0o0b1R0UEpyZG5lUzdtRUdSQ3dlVkxiOHA5RVwveGhQU09DSXhSbFFMSk5lRzZ2RElWTHZFeXJhZCtPWlJsRm9MOGV3SEJLUjl2OHB0eHVsTlJNM2RuUk5idXB4UnpnTmRqcmxNSE9XMEcwcTNcL24yRUpZMnZkdVQycVVBTm1cL2pJaFczN2lwZ3dZSEprUlwvZjZRMFwvVnFnV251V3ZyemhwTW9LSUJzc25VbUVZd2F4UXdIblJCREVmU0tVdnNcL0RERm8ySjlpWHU2T3I3SUJQSmhBR3FqRjRhaW5HbmpmancwbjhQQUUrTSIsIm1hYyI6IjgwZTAyYjk4ZDA3OTlkZGEyNzZkMmIwMWViZGI3ZTZiZjFjNzYzZTJkYmI5OWJjM2M1YzAwODQwNDRmZGZiNWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:38 GMT
Content-Type: image/png
Content-Length: 5692
Connection: keep-alive
Cache-Control: max-age=2592000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: status=not_needed
ETag: "5549a07c-163c"
Expires: Sat, 03 Dec 2022 22:33:44 GMT
Last-Modified: Wed, 06 May 2015 05:02:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 1929174
Accept-Ranges: bytes
Set-Cookie: __cf_bm=omTVV5asQjA6KxKh.GvqsylGaM9UpijlMBxagJdf9nw-1669443998-0-ARU5qhRTiLIjf516KaA6jKOpDupdy0VzbDrZTfkb0JZbdeJHZm9Qe5LStxLRXD0gtnRQhezB6NHz0B/r4cofhls=; path=/; expires=Sat, 26-Nov-22 06:56:38 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77008dbdac03b518-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ab38abeb6e1559c84c3f7cb970c3a459
0281c6e31490fea00bdf63660d7402075316eaff
37250f3edc6a0f677d242f1c251608dd67b663acc4f0e9e5df15369bd127ef5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=156145
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:38 GMT
Etag: "6381708f-117"
Expires: Mon, 28 Nov 2022 01:49:03 GMT
Last-Modified: Sat, 26 Nov 2022 01:49:03 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ab38abeb6e1559c84c3f7cb970c3a459
0281c6e31490fea00bdf63660d7402075316eaff
37250f3edc6a0f677d242f1c251608dd67b663acc4f0e9e5df15369bd127ef5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=156145
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:38 GMT
Etag: "6381708f-117"
Expires: Mon, 28 Nov 2022 01:49:03 GMT
Last-Modified: Sat, 26 Nov 2022 01:49:03 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
challenges.cloudflare.com/turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.6.185200 OK 17 kB URL HTTP/2 challenges.cloudflare.com/turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.6.185:0
File type ASCII text, with very long lines (9399)
Hash 9f70a0b97005e1d3a6904ed4f63da828
fefffc08f685fc82629c23da0671c176b5327238
54bdbc825c52684f051e3124c752ac5f0ce460aa9f1ca3f908c16a2b033e7431
GET /turnstile/v0/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:34 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 77008da5fb53b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
216.58.207.195200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 15:53:57 GMT
Expires: Fri, 24 Nov 2023 15:53:57 GMT
Cache-Control: public, max-age=31536000
Age: 138761
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
friendshipmale.com/sfp.js
172.64.202.23200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.202.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 06:26:39 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: fa51dcd9f4d021f44ebc2e75c4b97215
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sat, 26 Nov 2022 06:26:38 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKos%2BYqFgNTZoPAUS6WSngEY0a1tyqEs6iCN7LarcmuSN7QXRDDO%2FoLcK8N0K7BFn%2FZf0b28xqiqTU%2BpryJMcwFIIZ0sv%2BE3tNxnIvN8KozNX%2BWiShPb04YvMlIwGRQpVol%2BMrI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77008dc14c667199-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash e691756a7eaad68b37a05d81052d4625
51ae79d1a300529013b576ed5f30fd7eeb93f57d
b4057cce093dbc0c5928df15ca2dfa39a93ae1e9b9c0a2824a4bd09b8c356e75
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111966
Date: Sat, 26 Nov 2022 06:26:39 GMT
Etag: "6380c395-1d7"
Expires: Sun, 27 Nov 2022 13:32:45 GMT
Last-Modified: Fri, 25 Nov 2022 13:31:01 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u9c7bXrjjCjcpRsnv78IwqWonpGjuoYq0pRTFIjmBstLS4ilYA4s8A==
Age: 104
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash b873c9fc47f44bf261e3a133a19a3087
2a541cf877cca9fa60ad7347b6840ba25ec098d1
61f1b1b7a14b89de0cae1b9af8ca5818c148fa6b54702b65d4e4d23a339ef026
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=d8264e8e-3579-43fe-a977-f2bbe88ebd94:1:1; expires=Tue, 23 Nov 2032 06:26:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 91efee6756db8bd4ed30ee6c3dca2c66
0e461f932f3d453bbd44c31da28b48ff4073927b
f9d39d93202411b2663d32eeb6718eb8df71270f627e2314abe0f3b54abca38f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4457
Cache-Control: max-age=136450
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:39 GMT
Etag: "63811238-117"
Expires: Sun, 27 Nov 2022 20:20:49 GMT
Last-Modified: Fri, 25 Nov 2022 19:06:32 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 06:26:39 GMT
date: Sat, 26 Nov 2022 06:26:39 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
172.64.153.20200 OK 917 B URL HTTP/2 jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
IP 172.64.153.20:0
File type ASCII text, with very long lines (2353)
Hash 81954b37bfde4482100f450e77d81cb7
20ee1e3850d9e66efe98fa995b36a40cb7fb291e
938d8cb267924df2a3eedf0f6a8c87e916440f19790da96fc5421871ccea91f3
GET /o/u/ouo.press.911109.js HTTP/1.1
Host: jsc.adskeeper.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:39 GMT
content-type: text/javascript
content-length: 917
x-amz-id-2: JmZ0t+U+9+H/3zB92zQes0+Iuq2dOFQvO3K9r+mZgXMPRuQXar2meP7GG6VTASOgrk+rgWLIJSc=
x-amz-request-id: CKA7PTQ6QYF7FT0W
last-modified: Wed, 23 Nov 2022 08:34:07 GMT
etag: "81954b37bfde4482100f450e77d81cb7"
content-encoding: gzip
x-amz-version-id: K6_4DTdgS48TLPF.nDN9N.7stPVqIKTf
cf-cache-status: HIT
age: 4759
expires: Sat, 26 Nov 2022 10:26:39 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77008dc27a49fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be0da545931a6e6f06c7eb8395b8a3af
bea09f1e5d361abfe41135f1497b1b469699b912
3428d08f184d29f34d4067e1796ecfa6aa9f9cc6e76006fac23aaf175bdd4eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
172.64.153.20200 OK 81 kB URL HTTP/2 jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
IP 172.64.153.20:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (32213)
Hash 8d21d010c2ff0300cb95fd9ba262edfa
fbc7a1cedafb0c5abf743fe1b09cc6d163171e2a
4e939a6d14605de826442406f246715fc6ff0ca00eddc87a5d063e27bc535412
GET /o/u/ouo.press.911109.es6.js HTTP/1.1
Host: jsc.adskeeper.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:39 GMT
content-type: text/javascript
content-length: 81134
x-amz-id-2: PsJLWzOrIYGrFMC15dKtboTlDpt5eZ7wUz3CHzr0eJy6v+OH7CGmo/GyVnghcL+SmFcWKXJbH3A=
x-amz-request-id: QN29QQV0SM6S37TJ
last-modified: Wed, 23 Nov 2022 11:40:48 GMT
etag: "8d21d010c2ff0300cb95fd9ba262edfa"
content-encoding: gzip
x-amz-version-id: BGWdLTu0gk2Sa_lfFMoGUklmsbUpWNEf
cf-cache-status: HIT
age: 4757
expires: Sat, 26 Nov 2022 10:26:39 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77008dc29a4efab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 91efee6756db8bd4ed30ee6c3dca2c66
0e461f932f3d453bbd44c31da28b48ff4073927b
f9d39d93202411b2663d32eeb6718eb8df71270f627e2314abe0f3b54abca38f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4457
Cache-Control: max-age=136450
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:39 GMT
Etag: "63811238-117"
Expires: Sun, 27 Nov 2022 20:20:49 GMT
Last-Modified: Fri, 25 Nov 2022 19:06:32 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
142.250.74.102200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 142.250.74.102:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 11:00:31 GMT
expires: Sat, 26 Nov 2022 11:00:31 GMT
cache-control: public, max-age=86400
age: 69968
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 08:12:22 GMT
expires: Sat, 25 Nov 2023 08:12:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 80057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hhklc.com/c.js
172.67.223.102200 OK 3.9 kB IP 172.67.223.102:0
File type ASCII text, with very long lines (8728), with no line terminators
Hash 18f342974dc34ac7d42604688c190725
79f0f16a52584d2978075b8cb61cea5babad6748
4c02c45cd6dd8e0418d4e45706174e86be8d15ed2131451292d83826031002d3
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:38 GMT
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Sat, 26 Nov 2022 06:33:52 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 2266
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPHGey0E%2F3K5gUloITlk8AlfOwwRvqtjeO9tcIC%2BJWAe5KFtqZZsHWPWKijHFwAmwbpnzUcOO%2B2sSpBgGiN96oIGayve3Gf3G%2F6I%2FXNzx1hLHz6CO0sXpoCsEwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77008dbe781ab4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash b873c9fc47f44bf261e3a133a19a3087
2a541cf877cca9fa60ad7347b6840ba25ec098d1
61f1b1b7a14b89de0cae1b9af8ca5818c148fa6b54702b65d4e4d23a339ef026
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: uid_id2=d8264e8e-3579-43fe-a977-f2bbe88ebd94:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=d8264e8e-3579-43fe-a977-f2bbe88ebd94&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=d8264e8e-3579-43fe-a977-f2bbe88ebd94&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=d8264e8e-3579-43fe-a977-f2bbe88ebd94&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 06:26:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1ca30ed240f010d4e6a053e8516be80
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 70f8773d7c1eccf4306ad3d53cae01e6
1b2756900ae188b5b8c0eadab8527389ec2c9d2f
3bcde7ef68f8d91ea51c79994968ab6a41b5594055d71823cbf13eb16cdad69c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BCDE7EF68F8D91EA51C79994968AB6A41B5594055D71823CBF13EB16CDAD69C"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8145
Expires: Sat, 26 Nov 2022 08:42:25 GMT
Date: Sat, 26 Nov 2022 06:26:40 GMT
Connection: keep-alive
lightssyrupdecree.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=d8264e8e-3579-43fe-a977-f2bbe88ebd94%3A1%3A1
192.243.59.13200 OK 4.2 kB URL HTTP/1.1 lightssyrupdecree.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=d8264e8e-3579-43fe-a977-f2bbe88ebd94%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5931), with no line terminators
Hash 29633dc48b7dc1a7fcc48d9a0183086c
52e6841ba5f56f059995da122f14b77db09d7435
c9ffd9cd1eee5b3bfc98b62670c00004581c97281d957e09543db19a0644adcb
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=d8264e8e-3579-43fe-a977-f2bbe88ebd94%3A1%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 06:26:40 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ouo.press
Access-Control-Allow-Origin: http://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Sun, 27 Nov 2022 06:26:40 GMT; secure; SameSite=None
uid_id2=d8264e8e-3579-43fe-a977-f2bbe88ebd94:1:1; expires=Sat, 03 Dec 2022 06:26:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 06:26:40 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 06:26:40 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 27 Nov 2022 06:26:40 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 27 Nov 2022 06:26:40 GMT; secure; SameSite=None
sleced36014633829dc70a42dccaefdf3f11=[3789941]; expires=Sat, 26 Nov 2022 06:26:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f61a30ebc3dd93cb7f258ab4ea163cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3t%2Fu4acgKF48KIN4UDCT7umezLR7CMY1EoxJ2F0JiAerq6onZaq7mqru6UnwEF1Y1oMwe9Jj55tkw%2BoiBs%2ByMvEiASGjuAQx%2FgEiCMKeZSYDwQdV77363uH7vnq3d4sz4qKgp2vv6G2pFJ1t1t3ay%2Bsy5bq0tZWbNc%2Btu1dr6zKdC67WeuPLdF%2Fz3GbdfaX2lmCberbheq7ruV5tURoR697sBIXMHoRePXTrQaPuNQP0zH97Wziw1AHvnpFnIPnoysaPh5BsiDT55pqwm7nOXn0zKRTNtUGXH7ybbqa6TJFclLFxEKcH02loOyLki0vQ6cFUAXR3b6wAkRwR55GHKD2Y0kTU3T9nGimIFBF%2FEmV3CKGGkHQIpm9B8hMCMI6VVaTJvRVtSrp1jtIxOiKXH%2F8DWY7I5d%2BfRZp8vaBkr3ZDqyKXOrXoxRVkbwjZGSIrjpBvO5DlEVj%2BCST%2Ficw%2BXkaa7K1apSH56Uu83ZgLRFvM%2BM1WOBP4sZihYas1EzeiSLTbIuJhMLFIyiFkPIQSfVDroBgf6aCIHRSZg4Sf1mgzjF23FUex77cDxpjvM9Zsz%2FEm94N27KJgYw195FkfTPXBzA4ys4NN2YcpvofdqGC5A5sTdHmFUhCUlqCkBKUkKHOCslvtc2UbtrrHlS0ib5ob0%2BxXA513dum%2BzjsiJbvZGXl6Ytyf73%2BLTXFaE9yfc71gzvfbjZCzlkuDBmeMipjHfux5sLKCtJcmMrflyVOPkMmT%2F1eI6BGsOgKTL4IWz4OWg1bDBd0YBG0X2%2Bl9Xeh6ZoS14LpCll9BvuXsqjPy3IRA%2BEsBwY7nf23Of%2FTX3Q0wUyEzFT6UPxB01J3BdV2Sveu6tORwNctlIrfp%2BFdv5DQXl798W2yV2vCla7Z%2F%2F3U2Bsblg5vC5ss05TLtWPLVguRcmEVtmCDfLdl1Ea0VdmOhMGmRLa%2B9sbiUTAhKnQ5B5ckHD8HkiDyR3J7s6wu%2FfQpphjBFhaQ4JtOA1Edg2Q5sdjz%2F%2BWerf1zl78FqAqMuZqLMQVlUA9OILh6VJFDioqdRBSsuLIjE8cO%2Fz7Fdewcd44Dmt5AmFbqmQldVoKoPW%2FxvkGfmeP5nfxKIlDOIlHH2ImXU3XNrrTytiWbsxsJtiCgOo7hFXR7GQRjR0BOtqEk95HbEPj6s%2FgUAAP%2F%2FAQAA%2F%2F%2BhAVlKhwQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 lightssyrupdecree.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3t%2Fu4acgKF48KIN4UDCT7umezLR7CMY1EoxJ2F0JiAerq6onZaq7mqru6UnwEF1Y1oMwe9Jj55tkw%2BoiBs%2ByMvEiASGjuAQx%2FgEiCMKeZSYDwQdV77363uH7vnq3d4sz4qKgp2vv6G2pFJ1t1t3ay%2Bsy5bq0tZWbNc%2Btu1dr6zKdC67WeuPLdF%2Fz3GbdfaX2lmCberbheq7ruV5tURoR697sBIXMHoRePXTrQaPuNQP0zH97Wziw1AHvnpFnIPnoysaPh5BsiDT55pqwm7nOXn0zKRTNtUGXH7ybbqa6TJFclLFxEKcH02loOyLki0vQ6cFUAXR3b6wAkRwR55GHKD2Y0kTU3T9nGimIFBF%2FEmV3CKGGkHQIpm9B8hMCMI6VVaTJvRVtSrp1jtIxOiKXH%2F8DWY7I5d%2BfRZp8vaBkr3ZDqyKXOrXoxRVkbwjZGSIrjpBvO5DlEVj%2BCST%2Ficw%2BXkaa7K1apSH56Uu83ZgLRFvM%2BM1WOBP4sZihYas1EzeiSLTbIuJhMLFIyiFkPIQSfVDroBgf6aCIHRSZg4Sf1mgzjF23FUex77cDxpjvM9Zsz%2FEm94N27KJgYw195FkfTPXBzA4ys4NN2YcpvofdqGC5A5sTdHmFUhCUlqCkBKUkKHOCslvtc2UbtrrHlS0ib5ob0%2BxXA513dum%2BzjsiJbvZGXl6Ytyf73%2BLTXFaE9yfc71gzvfbjZCzlkuDBmeMipjHfux5sLKCtJcmMrflyVOPkMmT%2F1eI6BGsOgKTL4IWz4OWg1bDBd0YBG0X2%2Bl9Xeh6ZoS14LpCll9BvuXsqjPy3IRA%2BEsBwY7nf23Of%2FTX3Q0wUyEzFT6UPxB01J3BdV2Sveu6tORwNctlIrfp%2BFdv5DQXl798W2yV2vCla7Z%2F%2F3U2Bsblg5vC5ss05TLtWPLVguRcmEVtmCDfLdl1Ea0VdmOhMGmRLa%2B9sbiUTAhKnQ5B5ckHD8HkiDyR3J7s6wu%2FfQpphjBFhaQ4JtOA1Edg2Q5sdjz%2F%2BWerf1zl78FqAqMuZqLMQVlUA9OILh6VJFDioqdRBSsuLIjE8cO%2Fz7Fdewcd44Dmt5AmFbqmQldVoKoPW%2FxvkGfmeP5nfxKIlDOIlHH2ImXU3XNrrTytiWbsxsJtiCgOo7hFXR7GQRjR0BOtqEk95HbEPj6s%2FgUAAP%2F%2FAQAA%2F%2F%2BhAVlKhwQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3t%2Fu4acgKF48KIN4UDCT7umezLR7CMY1EoxJ2F0JiAerq6onZaq7mqru6UnwEF1Y1oMwe9Jj55tkw%2BoiBs%2ByMvEiASGjuAQx%2FgEiCMKeZSYDwQdV77363uH7vnq3d4sz4qKgp2vv6G2pFJ1t1t3ay%2Bsy5bq0tZWbNc%2Btu1dr6zKdC67WeuPLdF%2Fz3GbdfaX2lmCberbheq7ruV5tURoR697sBIXMHoRePXTrQaPuNQP0zH97Wziw1AHvnpFnIPnoysaPh5BsiDT55pqwm7nOXn0zKRTNtUGXH7ybbqa6TJFclLFxEKcH02loOyLki0vQ6cFUAXR3b6wAkRwR55GHKD2Y0kTU3T9nGimIFBF%2FEmV3CKGGkHQIpm9B8hMCMI6VVaTJvRVtSrp1jtIxOiKXH%2F8DWY7I5d%2BfRZp8vaBkr3ZDqyKXOrXoxRVkbwjZGSIrjpBvO5DlEVj%2BCST%2Ficw%2BXkaa7K1apSH56Uu83ZgLRFvM%2BM1WOBP4sZihYas1EzeiSLTbIuJhMLFIyiFkPIQSfVDroBgf6aCIHRSZg4Sf1mgzjF23FUex77cDxpjvM9Zsz%2FEm94N27KJgYw195FkfTPXBzA4ys4NN2YcpvofdqGC5A5sTdHmFUhCUlqCkBKUkKHOCslvtc2UbtrrHlS0ib5ob0%2BxXA513dum%2BzjsiJbvZGXl6Ytyf73%2BLTXFaE9yfc71gzvfbjZCzlkuDBmeMipjHfux5sLKCtJcmMrflyVOPkMmT%2F1eI6BGsOgKTL4IWz4OWg1bDBd0YBG0X2%2Bl9Xeh6ZoS14LpCll9BvuXsqjPy3IRA%2BEsBwY7nf23Of%2FTX3Q0wUyEzFT6UPxB01J3BdV2Sveu6tORwNctlIrfp%2BFdv5DQXl798W2yV2vCla7Z%2F%2F3U2Bsblg5vC5ss05TLtWPLVguRcmEVtmCDfLdl1Ea0VdmOhMGmRLa%2B9sbiUTAhKnQ5B5ckHD8HkiDyR3J7s6wu%2FfQpphjBFhaQ4JtOA1Edg2Q5sdjz%2F%2BWerf1zl78FqAqMuZqLMQVlUA9OILh6VJFDioqdRBSsuLIjE8cO%2Fz7Fdewcd44Dmt5AmFbqmQldVoKoPW%2FxvkGfmeP5nfxKIlDOIlHH2ImXU3XNrrTytiWbsxsJtiCgOo7hFXR7GQRjR0BOtqEk95HbEPj6s%2FgUAAP%2F%2FAQAA%2F%2F%2BhAVlKhwQAAA%3D%3D HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=d8264e8e-3579-43fe-a977-f2bbe88ebd94:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3789941]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 06:26:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c8e9f75f319b4b47c96bee0836cb62c
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b6600618d25a3e9acc27391d3f680d2b
4b416cee1249ac910f6fb8225e17390a644e3628
213d66ef9ad1f59458b0a4e68bb1b23c8fd349e0ee3010445000a2de12165127
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "213D66EF9AD1F59458B0A4E68BB1B23C8FD349E0EE3010445000A2DE12165127"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5457
Expires: Sat, 26 Nov 2022 07:57:38 GMT
Date: Sat, 26 Nov 2022 06:26:41 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7447
Expires: Sat, 26 Nov 2022 08:30:48 GMT
Date: Sat, 26 Nov 2022 06:26:41 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 26 Nov 2022 06:26:41 GMT
Date: Sat, 26 Nov 2022 06:26:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
lightssyrupdecree.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F4%2Findex.html&l=1598&fd=401
192.243.59.13200 OK 0 B URL HTTP/1.1 lightssyrupdecree.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F4%2Findex.html&l=1598&fd=401
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F4%2Findex.html&l=1598&fd=401 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 06:26:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7447
Expires: Sat, 26 Nov 2022 08:30:48 GMT
Date: Sat, 26 Nov 2022 06:26:41 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/4/js/jquery.min.js
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/4/js/jquery.min.js
IP 172.64.109.13:0
GET /sb/notifications/games/nutaku/multi/4/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:41 GMT
content-type: application/javascript
last-modified: Fri, 19 Aug 2022 09:15:15 GMT
etag: W/"62ff54a3-149b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 923732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXMxmPUSrfp4S3r1s0oservPPdmexjVT379cKtRTIhqjTTHK0w1EJgJA6dbnIBcJ4GZqws6D45eqtm%2FI3a2Yu3aofP94AMDum6XnKxh7qjMQFes3tuu2kEhJ0vP4R6vnQlJ7tXcJqR32"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77008dd07ed6769d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
104.18.19.132200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP 104.18.19.132:0
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:32 GMT
content-type: application/javascript
cf-ray: 77008d9abeadb515-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"4a87133d7cfb9f9797187d43ffdd5417"
last-modified: Fri, 25 Nov 2022 11:46:32 GMT
strict-transport-security: max-age=0
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: e-vtjjiTuJNWqympaO3s7V_aWlOK4yXOIyZWB7ZnvSo2w49xVfwmGQ==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/games/nutaku/multi/4/index.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/games/nutaku/multi/4/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/games/nutaku/multi/4/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:41 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Aug 2022 09:15:02 GMT
etag: W/"62ff5496-63e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 26 Nov 2022 07:26:41 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/4/css/animate.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/4/css/animate.css
IP 172.64.109.13:0
GET /sb/notifications/games/nutaku/multi/4/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:41 GMT
content-type: text/css
last-modified: Fri, 19 Aug 2022 09:15:04 GMT
etag: W/"62ff5498-ec8b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 923732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjE2wdoaIPVxbs0ywaExj6Mg4RRLvfrenuT23e9fda%2F8U61Udic7mF84RwI%2Bel29%2BNP9IBOsbrx8HI%2F2ebQIp2RrhhzpOWwwAq4S71EdUyvQKJXtskiudcOht3P0lMagZltGdasNH54y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77008dd00e9b769d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/4/images/close.svg
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/4/images/close.svg
IP 172.64.109.13:0
GET /sb/notifications/games/nutaku/multi/4/images/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:41 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Aug 2022 09:15:06 GMT
etag: W/"62ff549a-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 923732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qM8A8%2B8U06lgLyXaVE%2B5VkS0udhk5t45tEqz%2BfC9efy%2B2zfxcBiJ%2Fa7SzzeWfBKqAq99bx7IJiaZJFJAm%2FKhjAlzUtb1RKJ3%2F%2F3yz%2BT6Nh64M159%2FVEC1Ctr0BSQ0d03%2BrvgBQYeBO3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77008dd05eca769d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/4/images/landing/booty-calls/13/bg-removebg-preview.png
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/4/images/landing/booty-calls/13/bg-removebg-preview.png
IP 172.64.109.13:0
GET /sb/notifications/games/nutaku/multi/4/images/landing/booty-calls/13/bg-removebg-preview.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:26:41 GMT
content-type: image/png
content-length: 1445587
last-modified: Fri, 19 Aug 2022 09:15:12 GMT
etag: "62ff54a0-160ed3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 923732
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AST1kFyCfpgteISbcx90onCDYdKhvZlSQlu1eMCqWeoTNJzBJTgOnrRhXDbDXRjsJpppcSQQP93jg9C8Kq5Wl1lICve6c2ArvDRqdiXj8P5e6LZyIPjcwQaB5An3vsIjPCPeApvIPyKK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77008dd06ecb769d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2