ouo.io/HXEu0d
172.67.6.151301 Moved Permanently 0 B IP 172.67.6.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /HXEu0d HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 23:26:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Sep 2022 00:26:06 GMT
Location: https://ouo.io/HXEu0d
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74eecdbac9100b45-OSL
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 23:14:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -sBSUzQEBVtnOXuI_X4BC8jRlXvlSq1PySepgGYbyPrwQlg0qU-L5A==
Age: 720
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9781
Expires: Fri, 23 Sep 2022 02:09:07 GMT
Date: Thu, 22 Sep 2022 23:26:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e4ch_kOb2CqlFq8bEt3jS2DDeA3p8edhHyGMYRzDnOoDzSlEr6lkwQ==
age: 67852
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 22 Sep 2022 23:03:22 GMT
Expires: Thu, 22 Sep 2022 23:12:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: apowKyIOXuaYYGjZApq7fXGKDuFUhUrqYtelonGPaH10y-BTF7zSWg==
Age: 1365
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4099
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:07 GMT
Last-Modified: Thu, 22 Sep 2022 22:17:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ouo.press/images/world.png
104.22.59.251200 OK 5.7 kB URL HTTP/2 ouo.press/images/world.png
IP 104.22.59.251:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea420a8830a6d695114427bf52b556
35579e7f1a656beb3a07a7093166ff37c634bade
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/HXEu0d
Cookie: ouoio_session=eyJpdiI6IkIrNm9yeU5PT1VNdkRUdkdzNU5Nc04xM0ZDdmt3azlzNWp3RCtRV2ZoWW89IiwidmFsdWUiOiJ1Y2dKR1ZQRW54TlQ1dktZZjh2NDB0QkRJaWNTTjJaSjZtRTk5bllMQnFlSWZzMHZmVDRcL1RiM2Yrbmxpck4zRmdZTEwwdjFGZUdtSXBDTmVzNTNzRWc9PSIsIm1hYyI6IjY5ODkzNjQyYTczNmJkNjliNWIzMzk5YmNjMjU1NzA4OTY3MzViMTMwZDMxZDMzODc3MjU1NGMxYWJmMzc2ZTAifQ%3D%3D; language=eyJpdiI6IkNYY2JUTlBJWjRjazNBXC9BQTRNSnpjeTRKVXh4d0FtS2Q5bW1OQVFzQ3hZPSIsInZhbHVlIjoid3hqSTA3dEtxSjBIVFQwS3l0dUNISUcrb2pOMFRFNVdSek85Y2JTOTRhTT0iLCJtYWMiOiI4OTQ1ODZjY2I0ZjA5YzgzNGExMWM4ZjE2YjA5OWVkZGE2Y2MxN2RiMzJiMzBiOWE3YzY3NWZkYTdiYjljODJhIn0%3D; 8bda37baf9a6873089ee143985f1e681425300fa=eyJpdiI6IkpvVlZvMmhyTGZ2U2Zza3haMVB3SWFNVWlTNU9VcUlFTXcxNm5CSDA1cnc9IiwidmFsdWUiOiIxb1lmRFFtV2pGNXBYbXpjSUYrV1hUM1pBb2lqclRRWlJJcVpySEsyZ2RoRGJIWVBhR2VFd1UyUDFXUmNDQmlHR2I4TzdlZTdoaWpLaDV5NHZIYnZUUGVXRWJBQnM3eHQ2Z1dTUUxSbUpISngwZzdEYVdRMGhCQ0hMc3RyS09RSEF1OGVNbWVrQ3NDbzFod1lmSnF4U0NBMXhyclUrWHh6bU9QNUcyMW4xRXdiYWl4VEZEbTlhSkxxclwvTGtVcHllNjJBaWVZMWpzazJIcVdaMmtwalZhYm80THM2cDJJRkRDdWFcLzBWU3dxOWpheFE0QW5rZGVXWUE0NlcxZlNFSnl1NTQrbU1mcEM3OWJIWkJrK0ZxdjhudTVTYk1NaUpBOXpzN0JtV01mXC9sXC9pTEN1eFpzUWVcLzk1M3B5d3dFbEFBdXpac1RpYkpEWkZQNDFidDdCc2FONVdVbXNGM2ROUkFCMTZZTTB6YWNWVlJtUHJiNWY4NGtUV25cL3V2ZkxhSFwvIiwibWFjIjoiYWEzNWE1NTg1YWJlOWVhYTQwYWYxNGM2NTM5ZDMxZmFlYjFjY2Q1ZDlkZWJjY2QzZjRmMDZlZThmMTBlM2FiNCJ9; __cf_bm=egKrPu.Vl_MX6GXLJLDmkpHL3lmtIHOiPOp02CkIXAQ-1663889167-0-ASMmveyrFcp5TOiBh8EG//sRs6CtdlSCmI8yVpZNDf1tcYzk6zB6f2J0pMIjFlS53UOFCGq08UeW04MPSYhFp7U=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: image/png
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Tue, 04 Oct 2022 22:31:44 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1558463
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdc1fb450af6-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.98.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.98.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /omeVB3QeM2/Tm2sDYuyqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DZloCjQGaJuzTva403SwDZJ3oTM=
ouo.press/css/bootstrap.css
104.22.59.251200 OK 19 kB URL HTTP/2 ouo.press/css/bootstrap.css
IP 104.22.59.251:0
File type ASCII text, with very long lines (65452)
Hash 3278bddec49e36ebc67bdc57d14df1d7
96647a00cea013966bcf21b5e35fe192aff7189c
1d8f1d26e3f6564fba386370f647cfc48f96f8e6d85c6cb0c4c8a70545ddbf24
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/HXEu0d
Cookie: ouoio_session=eyJpdiI6IkIrNm9yeU5PT1VNdkRUdkdzNU5Nc04xM0ZDdmt3azlzNWp3RCtRV2ZoWW89IiwidmFsdWUiOiJ1Y2dKR1ZQRW54TlQ1dktZZjh2NDB0QkRJaWNTTjJaSjZtRTk5bllMQnFlSWZzMHZmVDRcL1RiM2Yrbmxpck4zRmdZTEwwdjFGZUdtSXBDTmVzNTNzRWc9PSIsIm1hYyI6IjY5ODkzNjQyYTczNmJkNjliNWIzMzk5YmNjMjU1NzA4OTY3MzViMTMwZDMxZDMzODc3MjU1NGMxYWJmMzc2ZTAifQ%3D%3D; language=eyJpdiI6IkNYY2JUTlBJWjRjazNBXC9BQTRNSnpjeTRKVXh4d0FtS2Q5bW1OQVFzQ3hZPSIsInZhbHVlIjoid3hqSTA3dEtxSjBIVFQwS3l0dUNISUcrb2pOMFRFNVdSek85Y2JTOTRhTT0iLCJtYWMiOiI4OTQ1ODZjY2I0ZjA5YzgzNGExMWM4ZjE2YjA5OWVkZGE2Y2MxN2RiMzJiMzBiOWE3YzY3NWZkYTdiYjljODJhIn0%3D; 8bda37baf9a6873089ee143985f1e681425300fa=eyJpdiI6IkpvVlZvMmhyTGZ2U2Zza3haMVB3SWFNVWlTNU9VcUlFTXcxNm5CSDA1cnc9IiwidmFsdWUiOiIxb1lmRFFtV2pGNXBYbXpjSUYrV1hUM1pBb2lqclRRWlJJcVpySEsyZ2RoRGJIWVBhR2VFd1UyUDFXUmNDQmlHR2I4TzdlZTdoaWpLaDV5NHZIYnZUUGVXRWJBQnM3eHQ2Z1dTUUxSbUpISngwZzdEYVdRMGhCQ0hMc3RyS09RSEF1OGVNbWVrQ3NDbzFod1lmSnF4U0NBMXhyclUrWHh6bU9QNUcyMW4xRXdiYWl4VEZEbTlhSkxxclwvTGtVcHllNjJBaWVZMWpzazJIcVdaMmtwalZhYm80THM2cDJJRkRDdWFcLzBWU3dxOWpheFE0QW5rZGVXWUE0NlcxZlNFSnl1NTQrbU1mcEM3OWJIWkJrK0ZxdjhudTVTYk1NaUpBOXpzN0JtV01mXC9sXC9pTEN1eFpzUWVcLzk1M3B5d3dFbEFBdXpac1RpYkpEWkZQNDFidDdCc2FONVdVbXNGM2ROUkFCMTZZTTB6YWNWVlJtUHJiNWY4NGtUV25cL3V2ZkxhSFwvIiwibWFjIjoiYWEzNWE1NTg1YWJlOWVhYTQwYWYxNGM2NTM5ZDMxZmFlYjFjY2Q1ZDlkZWJjY2QzZjRmMDZlZThmMTBlM2FiNCJ9; __cf_bm=egKrPu.Vl_MX6GXLJLDmkpHL3lmtIHOiPOp02CkIXAQ-1663889167-0-ASMmveyrFcp5TOiBh8EG//sRs6CtdlSCmI8yVpZNDf1tcYzk6zB6f2J0pMIjFlS53UOFCGq08UeW04MPSYhFp7U=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Fri, 23 Sep 2022 08:50:17 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 9350
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdc1eb420af6-OSL
content-encoding: br
X-Firefox-Spdy: h2
ouo.press/css/link-safe.css
104.22.59.251200 OK 2.2 kB URL HTTP/2 ouo.press/css/link-safe.css
IP 104.22.59.251:0
Hash 234637fd3fc12ae7f36562e948408b12
b2a27ba464c60673c2262d4b04322efef2b8fd3f
bc193cd5bb6c796301293a042386944ae4ec363b050a576d173a1ea14e96794a
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/HXEu0d
Cookie: ouoio_session=eyJpdiI6IkIrNm9yeU5PT1VNdkRUdkdzNU5Nc04xM0ZDdmt3azlzNWp3RCtRV2ZoWW89IiwidmFsdWUiOiJ1Y2dKR1ZQRW54TlQ1dktZZjh2NDB0QkRJaWNTTjJaSjZtRTk5bllMQnFlSWZzMHZmVDRcL1RiM2Yrbmxpck4zRmdZTEwwdjFGZUdtSXBDTmVzNTNzRWc9PSIsIm1hYyI6IjY5ODkzNjQyYTczNmJkNjliNWIzMzk5YmNjMjU1NzA4OTY3MzViMTMwZDMxZDMzODc3MjU1NGMxYWJmMzc2ZTAifQ%3D%3D; language=eyJpdiI6IkNYY2JUTlBJWjRjazNBXC9BQTRNSnpjeTRKVXh4d0FtS2Q5bW1OQVFzQ3hZPSIsInZhbHVlIjoid3hqSTA3dEtxSjBIVFQwS3l0dUNISUcrb2pOMFRFNVdSek85Y2JTOTRhTT0iLCJtYWMiOiI4OTQ1ODZjY2I0ZjA5YzgzNGExMWM4ZjE2YjA5OWVkZGE2Y2MxN2RiMzJiMzBiOWE3YzY3NWZkYTdiYjljODJhIn0%3D; 8bda37baf9a6873089ee143985f1e681425300fa=eyJpdiI6IkpvVlZvMmhyTGZ2U2Zza3haMVB3SWFNVWlTNU9VcUlFTXcxNm5CSDA1cnc9IiwidmFsdWUiOiIxb1lmRFFtV2pGNXBYbXpjSUYrV1hUM1pBb2lqclRRWlJJcVpySEsyZ2RoRGJIWVBhR2VFd1UyUDFXUmNDQmlHR2I4TzdlZTdoaWpLaDV5NHZIYnZUUGVXRWJBQnM3eHQ2Z1dTUUxSbUpISngwZzdEYVdRMGhCQ0hMc3RyS09RSEF1OGVNbWVrQ3NDbzFod1lmSnF4U0NBMXhyclUrWHh6bU9QNUcyMW4xRXdiYWl4VEZEbTlhSkxxclwvTGtVcHllNjJBaWVZMWpzazJIcVdaMmtwalZhYm80THM2cDJJRkRDdWFcLzBWU3dxOWpheFE0QW5rZGVXWUE0NlcxZlNFSnl1NTQrbU1mcEM3OWJIWkJrK0ZxdjhudTVTYk1NaUpBOXpzN0JtV01mXC9sXC9pTEN1eFpzUWVcLzk1M3B5d3dFbEFBdXpac1RpYkpEWkZQNDFidDdCc2FONVdVbXNGM2ROUkFCMTZZTTB6YWNWVlJtUHJiNWY4NGtUV25cL3V2ZkxhSFwvIiwibWFjIjoiYWEzNWE1NTg1YWJlOWVhYTQwYWYxNGM2NTM5ZDMxZmFlYjFjY2Q1ZDlkZWJjY2QzZjRmMDZlZThmMTBlM2FiNCJ9; __cf_bm=egKrPu.Vl_MX6GXLJLDmkpHL3lmtIHOiPOp02CkIXAQ-1663889167-0-ASMmveyrFcp5TOiBh8EG//sRs6CtdlSCmI8yVpZNDf1tcYzk6zB6f2J0pMIjFlS53UOFCGq08UeW04MPSYhFp7U=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Fri, 23 Sep 2022 00:48:12 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 38275
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdc1eb430af6-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9ca0f6ae496b3092786fe4ea63ffebb9
6389820fd89048d91cf3ffe839d6e35f9e9e283e
4322b7c1d65ae4cb108231b66ab233f1d6f5842a4da4cf440322f0367f7ce1d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:07 GMT
Last-Modified: Thu, 22 Sep 2022 22:44:21 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash ffc0e5974b36df4fbf86044645f56feb
582d8833edc2dab0f78d8f3a368dd36479481348
51fe629ea38f998cc3139171392cbae2a1348d03c75074cd60ae1fc03be69997
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 22 Sep 2022 23:26:07 GMT
date: Thu, 22 Sep 2022 23:26:07 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hhklc.com/c.js
172.67.223.102200 OK 2.7 kB IP 172.67.223.102:0
File type ASCII text, with very long lines (8328), with no line terminators
Hash b5ec5dd597a313c42fcdef67ab885c00
9da4aa362fbd65d5432610e6d75bedfe0a3964b3
d59979d89f15c6cfbcfe46f1d106fbc4e648f5e6975f8bb15eec799277ca4a80
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 19:48:44 GMT
etag: W/"6328c79c-2088"
server-asp-net: Asp Net
expires: Fri, 23 Sep 2022 00:05:29 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTYnWVYphVjhkASqxzRTIWEFeB8FD3vrEPGLU0Y8LTueBEAu1N89bwBU%2FNMmNlZAcaii2lbHCntI68h%2BYV9u1V84YhXbxbTG6PwgplCFTfAmJt7h2YTqvHGL8RA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdc239deb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Questrial
142.250.74.10200 OK 859 B URL HTTP/2 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.10:0
Hash 3f6fddbd75902eb4b1134bc0e92bb635
1197d8cbf6b50254d82cc385d8250aa4acfafbf8
1f419c2bdbe1075ee85180842473fd5cedf4ccd4cb024217e56e592039a6bdbe
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 23:26:07 GMT
date: Thu, 22 Sep 2022 23:26:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ouo.io/HXEu0d
172.67.6.151302 Found 3.9 kB IP 172.67.6.151:0
Hash a1c875161d603975bc6079a892b50ffd
eca5a2097be4b234bc3f33487b3f536a74ce1aec
7d88960d8996470c02a4aaeee79ae3e1465efbc24785e926e5d148a50922d165
GET /HXEu0d HTTP/1.1
Host: ouo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: text/html; charset=UTF-8
location: https://ouo.press/HXEu0d
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6Im9NVkNFYWxJY0FrU01WNlVTK2NLNjVIYkRUdGRzMkt0TmJNNmVjOHFzb1k9IiwidmFsdWUiOiIrNHRvZ0FNaVR0WTVocmVSM0JrUnQ0ZVp3ZVErQitWMjBTMHdEVmVSTnFvdGc2QjhpeVNZZFZjSFRaOHNJMURnNE8zSVl6RDlYU2xlWlM3RHhhdUhSdz09IiwibWFjIjoiOTVkMDViYjVmNjgwNWQ0OTFjOGUwOTkwZTllMGJkZTM1N2NiNzdiZDExNTZhYjA0OTc5YmM5MTkzNmY3ZGY5OSJ9; path=/; httponly
language=eyJpdiI6InlNMXZBdE9uZXZ5OHpON0kwb1BjaGg0dFp3UmtBYjVTaTlkdFFMdXdXNG89IiwidmFsdWUiOiJGM2tPTnpXOXAyUFhRQ3lSTkRkNzRnNVFGMk5BTjZnS0JGbmFrUXV6UmNJPSIsIm1hYyI6Ijg2YTkyMGYzZjU5NDM4NzBiZmIyMzFhYTJlZTIzMmYzZTYyMjhiNTZmYWYwZmM5YmYyNzQ2ZWFjNjE0ODEwMDgifQ%3D%3D; expires=Tue, 21-Sep-2027 23:26:07 GMT; Max-Age=157680000; path=/; httponly
9819110543a931ef118d1337e3a5511c0e9da398=eyJpdiI6InkzekJhWklHTlVEWisrVGpxSWNuTDNrckZrblNZQzk0bml0bW0zdXhZSG89IiwidmFsdWUiOiJ5NzVPemw3NXowNjdKS1FEaWFpQ0JrNHVDNzk5dkRrTExsRlBRUXZyTk1qNW8zS2F3SlhQTGwySnV6QklYa0ptMlY4WUxmXC9XajJpb0MraTdCVE9FNWNKWGl6Yll5T0JYTUZkM1FqY3psekd6NjBGRitnalRsdVVUaWJ1UVwveUp5OVdZc2ZXQ2NRM2tGc29JM0hHK21qVlpEc0ZUbzVSU0pZZ2Vnd0VOVk9PNXcyT3NxT1dPU1ZWcjlvd1hqS0pGazR4NG5aVTI1XC9BdGZjVGh5NHZIZXZjMGY5Y21LeVFZMkI0c21YZ0VQbjV6TGZDRUxyczhZMEdQVEwrQkZkelNmOEQ2U1BSa3hmZ0R0aVM0SFRpRTJTMDg2Skh1QzNXd21tSHhkUldaQXJZMStRaUtiOWxSM21XVjNXdFRYZDVxQzlwSGNZRmJxMHNiNTZ0UzJVNW5XcWc9PSIsIm1hYyI6IjlkZmY2MGYxY2JiZmVjZTVkZmYzZDE2MGY1YmU0NDJjZGEyM2E5ZDAxNjJjMmIxZDNhYjcwOGUxNmYxZDU4NjEifQ%3D%3D; expires=Fri, 23-Sep-2022 01:26:07 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74eecdbc399e1bfa-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7a2d69c1e723d879dfc0126af865a927
ce9e04917a4525b562b81b42e58cec55700ddabd
c9c108102fa20ed777708e3493f65d45d63b246e0bec6daab7dae922bbbb4ef9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 23:26:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 20:45:59 GMT
Expires: Mon, 26 Sep 2022 20:45:58 GMT
Etag: "ce9e04917a4525b562b81b42e58cec55700ddabd"
Cache-Control: max-age=335390,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eecdc2cb3a0b69-OSL
cdn.runative-syndicate.com/sdk/v1/n.js
8.247.218.249200 OK 5.2 kB URL HTTP/2 cdn.runative-syndicate.com/sdk/v1/n.js
IP 8.247.218.249:0
File type ASCII text, with very long lines (591)
Hash e6b953ae4edfbe129269f196fe87eee9
eb99511c1d23000bc72b2c640bbcd5792eb431f2
eb6d42f0cdeddc023b69947db248be42bc66aa2da8c59178b7f22b528c4dd60f
GET /sdk/v1/n.js HTTP/1.1
Host: cdn.runative-syndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: application/javascript
content-length: 5220
last-modified: Wed, 23 Mar 2022 15:25:35 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"623b3bef-3202"
age: 3594409
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da0c49e71cb94c29072ef6fd36efa52e
bd58fc1dcf3061065e87493d7dfe46fb232b8851
a0fc507f1e014a458ca44dd7bea70b5d2d36b11da2ae73398cad416a9465657a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0FC507F1E014A458CA44DD7BEA70B5D2D36B11DA2AE73398CAD416A9465657A"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16186
Expires: Fri, 23 Sep 2022 03:55:53 GMT
Date: Thu, 22 Sep 2022 23:26:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 748f3b28db935832207086a2e4890b61
c402ad55fb49efa636b89e8b272f50123b4e673c
e666e5f16efab20876f06451b40fa8f1e596218dbb174f1b09289b0a8ade06ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E666E5F16EFAB20876F06451B40FA8F1E596218DBB174F1B09289B0A8ADE06BA"
Last-Modified: Tue, 20 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13650
Expires: Fri, 23 Sep 2022 03:13:38 GMT
Date: Thu, 22 Sep 2022 23:26:08 GMT
Connection: keep-alive
prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
147.75.85.234302 Found 0 B URL HTTP/2 prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 22 Sep 2022 23:26:07 GMT
location: https://sync.viavideo.digital/tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=
server: envoy
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
hhkld.com/logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663889167364
141.94.202.176200 OK 43 B URL HTTP/2 hhkld.com/logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663889167364
IP 141.94.202.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663889167364 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 28 Jun 2022 15:48:44 GMT
etag: "62bb22dc-2b"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 0f0e2e38f5cb144e28530ca93f942684
d3b12d4310784688b53ec49c8be22c476db46584
3da53edb1509152c0751a8c861de51bf931d83b56a4961317b2bc0abf06612b0
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 23:26:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 26 Sep 2022 21:42:19 GMT
ETag: "d3b12d4310784688b53ec49c8be22c476db46584"
Last-Modified: Thu, 22 Sep 2022 21:42:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2516
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74eecdc4ac5cb4ee-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0dd3f73a36152547cf6f8efd3e4e9ed1
da39b3477c1f511b8f74ad5ea6a3cffee4476800
bad6354f9453d9ef22a85ec0671d30fd6e2afdd5c7575069aea14ff2683d6b96
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAD6354F9453D9EF22A85EC0671D30FD6E2AFDD5C7575069AEA14FF2683D6B96"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7682
Expires: Fri, 23 Sep 2022 01:34:10 GMT
Date: Thu, 22 Sep 2022 23:26:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f34eac09abbd5929461fc4a4e9f99896
9e1ac1b9221dd23bb8c6f3ed1470b1ee99ba554c
6cb14216d2419b84ad222c3d88b3876a15c80d2192b5db03776332da2037ce25
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CB14216D2419B84AD222C3D88B3876A15C80D2192B5DB03776332DA2037CE25"
Last-Modified: Tue, 20 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6244
Expires: Fri, 23 Sep 2022 01:10:12 GMT
Date: Thu, 22 Sep 2022 23:26:08 GMT
Connection: keep-alive
sync.viavideo.digital/tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=
141.94.202.176301 Moved Permanently 0 B URL HTTP/2 sync.viavideo.digital/tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=
IP 141.94.202.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: sync.viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-length: 0
location: https://sync.hhkld.com/tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmeu472tal37loi4gj0Xx
set-cookie: uid=ccmeu472tal37loi4gj0Xx; expires=Fri, 22 Sep 2023 23:26:08 GMT; domain=.viavideo.digital; path=/
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/vibe
148.251.9.22204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/vibe
IP 148.251.9.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/vibe HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.2
date: Thu, 22 Sep 2022 23:26:08 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.hhkld.com/tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmeu472tal37loi4gj0Xx
141.94.202.176301 Moved Permanently 0 B URL HTTP/2 sync.hhkld.com/tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmeu472tal37loi4gj0Xx
IP 141.94.202.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmeu472tal37loi4gj0Xx HTTP/1.1
Host: sync.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-length: 0
location: https://sync.vicodes.com/tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmeu472tal37loi4gj0Xx
set-cookie: uid=ccmeu472tal37loi4gj0Xx; expires=Fri, 22 Sep 2023 23:26:08 GMT; domain=.hhkld.com; path=/
X-Firefox-Spdy: h2
hhkld.com/rucdn/js/player/hls2.js
141.94.202.176200 OK 115 kB URL HTTP/2 hhkld.com/rucdn/js/player/hls2.js
IP 141.94.202.176:0
Size 115 kB (115356 bytes)
Hash ead42535547659ea0a2e6aca72d9a25d
3132b78993b7cc9fb5ac0568336afafd57ee6358
ccfee2120403fb70b63e8841006b2645ad3c651b7eb93c998fe031f49fff3f8d
GET /rucdn/js/player/hls2.js HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 03:32:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 753869adeecf1cdd8d194d3b29a6515d
3da9a25fcde3e45addd310b852720d62647ac9a7
7db0796874bb334a1429951ca8e031e21b98ad706e2153fcd153d596ef935c1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DB0796874BB334A1429951CA8E031E21B98AD706E2153FCD153D596EF935C1E"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18319
Expires: Fri, 23 Sep 2022 04:31:27 GMT
Date: Thu, 22 Sep 2022 23:26:08 GMT
Connection: keep-alive
sync.vicodes.com/tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmeu472tal37loi4gj0Xx
141.94.202.176200 OK 43 B URL HTTP/2 sync.vicodes.com/tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmeu472tal37loi4gj0Xx
IP 141.94.202.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=26&uid=c4df5647-f214-4180-8c9c-06a5b3478406&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmeu472tal37loi4gj0Xx HTTP/1.1
Host: sync.vicodes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 23:26:08 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=ccmeu472tal37loi4gj0Xx; expires=Fri, 22 Sep 2023 23:26:08 GMT; domain=.vicodes.com; path=/
X-Firefox-Spdy: h2
hhkld.com/ru/tag/msync.js?sid=105641&gdpr=0&consent=
141.94.202.176200 OK 586 B URL HTTP/2 hhkld.com/ru/tag/msync.js?sid=105641&gdpr=0&consent=
IP 141.94.202.176:0
Hash 2f6dfc517a2219e00f8129a15e1a013a
551d3feddbe1a5cda3120769f34f1e71960b0df7
19f1874e016578ed654392c7e20b7f73cb604cdbb9001ec2f06d012bca0e8133
GET /ru/tag/msync.js?sid=105641&gdpr=0&consent= HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMs7xBw9wR4cbPEAg==; expires=Fri, 22-Sep-23 23:26:08 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37146), with no line terminators
Hash 548433ce4fd95194e6d5fb849484a8d1
1cbfd4adb14a59650f5fe8e07f78df869c7f8ed8
1d9fdff3657ce1d242ed0e83cd622949d0e09f88550d5a8a1ac5c7c5acd4f4a9
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 22 Sep 2022 23:26:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee49311aa4c37968479091f764a6b1bb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 06e14e06762a246fd6267980ba382eac
74f5e418f78ea21e73cd8ca1e8db4e7c0dec6f34
76c6bcee87ca4bf1da0f0121e8434a92972e53ce6a238667b8b70b1cd5f5b121
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1027
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:08 GMT
Last-Modified: Thu, 22 Sep 2022 23:09:01 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:03:15 GMT
expires: Tue, 19 Sep 2023 20:03:15 GMT
cache-control: public, max-age=31536000
age: 271373
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
viavideo.digital/vi/19_ENG0.ts
141.94.202.176200 OK 515 kB URL HTTP/2 viavideo.digital/vi/19_ENG0.ts
IP 141.94.202.176:0
Size 515 kB (515308 bytes)
Hash c5a2a11a945751cdc42d2f10b12d9a92
ccf7adaff9640202056b64dc54a66daac236c48e
6787c997fd3be922e3a09fea77ecd244b9f9f381a953cc4bb3ea738045906eff
GET /vi/19_ENG0.ts HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: video/mp2t
content-length: 515308
last-modified: Sun, 26 Jun 2022 07:47:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 389994a7455c8c61e967ada2ec63a895
cc36df56270f6896aeafa490b1078679c818ee0b
39f2483a1b6bc748449a6c432e657e51e0a1af2704bc35490955f0c9d110eb8a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 23:26:08 GMT
Last-Modified: Thu, 22 Sep 2022 22:04:29 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vv-3-cthSJ1eIWa_rUnd_CVpxi7ziopN1n2h-BVEmnAF5L-quQXn6Q==
Age: 4899
simplewebanalysis.com/stats
3.64.106.196200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.64.106.196:0
File type ASCII text, with no line terminators
Hash 809e5b5761f740bb9b87581b55eb7704
1b78c8e82fce7590784cf779a1a98e904ba76336
cc5e92eb98244a49860054fa0844804fff49583c2078e33e648737de46b24030
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0:3:1; expires=Sun, 19 Sep 2032 23:26:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 06e14e06762a246fd6267980ba382eac
74f5e418f78ea21e73cd8ca1e8db4e7c0dec6f34
76c6bcee87ca4bf1da0f0121e8434a92972e53ce6a238667b8b70b1cd5f5b121
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1027
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:08 GMT
Last-Modified: Thu, 22 Sep 2022 23:09:01 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15196
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Thu, 22 Sep 2022 23:26:08 GMT
Connection: keep-alive
ecdn.firstimpression.io/static/js/fiamp.js
54.230.111.77200 OK 37 kB URL HTTP/2 ecdn.firstimpression.io/static/js/fiamp.js
IP 54.230.111.77:0
Hash c91f7566c7268ba57db071cb64aabb04
4549313f623fd7fa4e6ecab174471f0fd22753ac
a6c29f65e29bc8ec7f762bfb2b5ba11f2f2a10adb80f0665ab253c6bf030e968
GET /static/js/fiamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 22 Sep 2022 22:38:56 GMT
expires: Thu, 22 Sep 2022 23:38:53 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gn2ECD54K-xiC54y-QOaZRFuVkBZ2glFHXNNdzsgfP5oOvYDMpS_ng==
age: 2835
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15196
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Thu, 22 Sep 2022 23:26:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15196
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Thu, 22 Sep 2022 23:26:08 GMT
Connection: keep-alive
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
151.101.85.229200 OK 8.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (26606)
Hash 77019dfea792351eb58beb264f808970
106d35ea53f5a6e4024ba9bfafe6b0bd0551771f
ca2b0e50ed967336aea35965d7a99b4986429c5c5984f8de96d92b2c573b7bef
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.13.0
x-jsd-version-type: version
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 23:26:08 GMT
age: 8158
x-served-by: cache-fra19130-FRA, cache-bma1643-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8874
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b6b51846ec2b7d856b7dc12e4d720f4
5a69190a9a778a6979e11fafedd43e1031caf8e2
a497c04d1c9d0be88aa9c288423346e83c6a7b296295387b3b7b855c550492a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10927
x-amzn-requestid: a4c6c1b1-3777-4410-bef1-5dd2518af86a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCjSEqfIAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e14-4cdfc5ea1c42120d4a085752;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: b3Zf70hsIlHF67m0hhfBtDxu7FeNv0Z7JY7-Iei61XiGbDOqfKoUGQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:57 GMT
age: 4691
etag: "5a69190a9a778a6979e11fafedd43e1031caf8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 948abf9bedd1bd67010284080ba06d01
dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b
236639cc2279c6f269dd521796a087a40b43b252cb55faf3e4214cbdc8369a62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 0cec2f7d-e906-4f5f-baa7-5d8a1a7c6820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2P7bEeQoAMFhGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf9e2-5bdf18be72eed24028034edb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 06:00:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Pj5hSr5LtIWPRDYjHxp8-K8gVghjf8GlO-FnXDvxscJqdygfZH8hIA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
age: 13807
etag: "dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 4883
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
age: 4426
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 5228
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d22173527a1bc9b264170aaa07491248
944c0453511761e101cb9e50ba8af7545e32e357
c04b0975162a54e0afc5ae4a863f8e8393415d455e8f7ff3fc67a47868e09ec0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4947
x-amzn-requestid: 2d8325c6-7564-4fab-86ad-75bc44451ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzHtOFNXoAMF5iQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab987-30ba7b1d6088630236d03486;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:13:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3NJdOO87M_on7FBlPCczqwUtjsq75kEXAxq9CcsiHDvuaUDCYhd9LQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:08:23 GMT
age: 4665
etag: "944c0453511761e101cb9e50ba8af7545e32e357"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 042c0b8644032c2d3ebe76f8c72d6f6c
231e89676b055b347f72215aef2eaf92ddb02061
aacbc97476c29071f6ff48f544da973ecb792d3125ec19d6c2d45f00513b080d
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 23:26:08 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4AE7707555649CD8345489A41CB02736CC0CD651"
Expires: Fri, 23 Sep 2022 10:00:00 GMT
Last-Modified: Thu, 22 Sep 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2267
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74eecdc8f9c00b59-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 35db2afacdffd28256c4b9372fe01e0d
1c38543b534fe648aaa669d26f520a8ecc7f0403
605f32d76571a2b3b6e8a93febfa0e507657f2d6ecc6237b7122a3d25d64445a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 23:26:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 12:01:34 GMT
Expires: Tue, 27 Sep 2022 12:01:33 GMT
Etag: "1c38543b534fe648aaa669d26f520a8ecc7f0403"
Cache-Control: max-age=390324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eecdc7ed4f0b69-OSL
viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663889168226
141.94.202.176200 OK 43 B URL HTTP/2 viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663889168226
IP 141.94.202.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663889168226 HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 28 Jun 2022 15:48:44 GMT
etag: "62bb22dc-2b"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.run-syndicate.com/sdk/v1/n.css
8.254.252.210200 OK 8.3 kB URL HTTP/2 cdn.run-syndicate.com/sdk/v1/n.css
IP 8.254.252.210:0
File type ASCII text, with very long lines (8277), with no line terminators
Hash 37ebbc4b85fb5383d08547f5fe9d8d9f
99dac34980b1fd00028f76e782444bdf948724c5
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe
GET /sdk/v1/n.css HTTP/1.1
Host: cdn.run-syndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: text/css
content-length: 8277
etag: "6114dd75-2055"
last-modified: Thu, 12 Aug 2021 08:36:05 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 17541956
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash dc73e9101ccb87a614785d70b0910c53
17d447e5e984a5c6e103eac541ad4138161e2213
7a599023a769663870439b5c6f0f1c144d39cf06ad997e8f54fed566f14253a4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 23:26:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 03:56:18 GMT
Expires: Wed, 28 Sep 2022 03:56:17 GMT
Etag: "17d447e5e984a5c6e103eac541ad4138161e2213"
Cache-Control: max-age=447608,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eecdc9afbbb50f-OSL
lcdn.tsyndicate.com/images/e/2/3a8df226ea3d09add576fadd15816ceb8c64dc/300x250.webp
8.248.225.238200 OK 3.1 kB URL HTTP/2 lcdn.tsyndicate.com/images/e/2/3a8df226ea3d09add576fadd15816ceb8c64dc/300x250.webp
IP 8.248.225.238:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x217, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 380485887ed52a497cfb3efc0b5485ec
d69325c88a96559c1d48ba7ce1cf4fbb0220f296
597933ffd60087e549ad28de033acfa9a9cc0dc418bc4ebf2790033f3935e0d4
GET /images/e/2/3a8df226ea3d09add576fadd15816ceb8c64dc/300x250.webp HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: image/webp
content-length: 3113
last-modified: Wed, 07 Jul 2021 15:17:05 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"60e5c571-c12"
age: 4329492
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e2d0f4f4dfaba4dec7031f8e676caca2
6534b730950d3dcb40abb9d8f9033a5655f9eb80
e780eb5d9601306a8bfb9186281e8abdc00ff59e81429f72fd3e685b94a1da71
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:09 GMT
Last-Modified: Thu, 22 Sep 2022 22:15:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ouo.press/favicon.ico
104.22.59.251200 OK 0 B IP 104.22.59.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/HXEu0d
Cookie: ouoio_session=eyJpdiI6IkIrNm9yeU5PT1VNdkRUdkdzNU5Nc04xM0ZDdmt3azlzNWp3RCtRV2ZoWW89IiwidmFsdWUiOiJ1Y2dKR1ZQRW54TlQ1dktZZjh2NDB0QkRJaWNTTjJaSjZtRTk5bllMQnFlSWZzMHZmVDRcL1RiM2Yrbmxpck4zRmdZTEwwdjFGZUdtSXBDTmVzNTNzRWc9PSIsIm1hYyI6IjY5ODkzNjQyYTczNmJkNjliNWIzMzk5YmNjMjU1NzA4OTY3MzViMTMwZDMxZDMzODc3MjU1NGMxYWJmMzc2ZTAifQ%3D%3D; language=eyJpdiI6IkNYY2JUTlBJWjRjazNBXC9BQTRNSnpjeTRKVXh4d0FtS2Q5bW1OQVFzQ3hZPSIsInZhbHVlIjoid3hqSTA3dEtxSjBIVFQwS3l0dUNISUcrb2pOMFRFNVdSek85Y2JTOTRhTT0iLCJtYWMiOiI4OTQ1ODZjY2I0ZjA5YzgzNGExMWM4ZjE2YjA5OWVkZGE2Y2MxN2RiMzJiMzBiOWE3YzY3NWZkYTdiYjljODJhIn0%3D; 8bda37baf9a6873089ee143985f1e681425300fa=eyJpdiI6IkpvVlZvMmhyTGZ2U2Zza3haMVB3SWFNVWlTNU9VcUlFTXcxNm5CSDA1cnc9IiwidmFsdWUiOiIxb1lmRFFtV2pGNXBYbXpjSUYrV1hUM1pBb2lqclRRWlJJcVpySEsyZ2RoRGJIWVBhR2VFd1UyUDFXUmNDQmlHR2I4TzdlZTdoaWpLaDV5NHZIYnZUUGVXRWJBQnM3eHQ2Z1dTUUxSbUpISngwZzdEYVdRMGhCQ0hMc3RyS09RSEF1OGVNbWVrQ3NDbzFod1lmSnF4U0NBMXhyclUrWHh6bU9QNUcyMW4xRXdiYWl4VEZEbTlhSkxxclwvTGtVcHllNjJBaWVZMWpzazJIcVdaMmtwalZhYm80THM2cDJJRkRDdWFcLzBWU3dxOWpheFE0QW5rZGVXWUE0NlcxZlNFSnl1NTQrbU1mcEM3OWJIWkJrK0ZxdjhudTVTYk1NaUpBOXpzN0JtV01mXC9sXC9pTEN1eFpzUWVcLzk1M3B5d3dFbEFBdXpac1RpYkpEWkZQNDFidDdCc2FONVdVbXNGM2ROUkFCMTZZTTB6YWNWVlJtUHJiNWY4NGtUV25cL3V2ZkxhSFwvIiwibWFjIjoiYWEzNWE1NTg1YWJlOWVhYTQwYWYxNGM2NTM5ZDMxZmFlYjFjY2Q1ZDlkZWJjY2QzZjRmMDZlZThmMTBlM2FiNCJ9; __cf_bm=egKrPu.Vl_MX6GXLJLDmkpHL3lmtIHOiPOp02CkIXAQ-1663889167-0-ASMmveyrFcp5TOiBh8EG//sRs6CtdlSCmI8yVpZNDf1tcYzk6zB6f2J0pMIjFlS53UOFCGq08UeW04MPSYhFp7U=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0%3A3%3A1; sb_page_ed36014633829dc70a42dccaefdf3f11=1; sb_idelay_ed36014633829dc70a42dccaefdf3f11=1; sb_onpage_ed36014633829dc70a42dccaefdf3f11=0; sb_main_ed36014633829dc70a42dccaefdf3f11=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:09 GMT
content-type: image/x-icon
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 2470
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdcaaeea0af6-OSL
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:37:29 GMT
expires: Thu, 21 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
age: 150520
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash dc73e9101ccb87a614785d70b0910c53
17d447e5e984a5c6e103eac541ad4138161e2213
7a599023a769663870439b5c6f0f1c144d39cf06ad997e8f54fed566f14253a4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 23:26:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 03:56:18 GMT
Expires: Wed, 28 Sep 2022 03:56:17 GMT
Etag: "17d447e5e984a5c6e103eac541ad4138161e2213"
Cache-Control: max-age=447607,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eecdc9add70b69-OSL
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.22.59.251200 OK 9.1 kB URL HTTP/2 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.22.59.251:0
Hash 848a6780c9cdd918abfab55160d2033e
77fea4417611f9cf9c9094535d22baece085d7b5
2098c2c01a841990840b1d133173fd806e5c42fa61246fc9f48b350959a5c563
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/HXEu0d
Cookie: ouoio_session=eyJpdiI6IkIrNm9yeU5PT1VNdkRUdkdzNU5Nc04xM0ZDdmt3azlzNWp3RCtRV2ZoWW89IiwidmFsdWUiOiJ1Y2dKR1ZQRW54TlQ1dktZZjh2NDB0QkRJaWNTTjJaSjZtRTk5bllMQnFlSWZzMHZmVDRcL1RiM2Yrbmxpck4zRmdZTEwwdjFGZUdtSXBDTmVzNTNzRWc9PSIsIm1hYyI6IjY5ODkzNjQyYTczNmJkNjliNWIzMzk5YmNjMjU1NzA4OTY3MzViMTMwZDMxZDMzODc3MjU1NGMxYWJmMzc2ZTAifQ%3D%3D; language=eyJpdiI6IkNYY2JUTlBJWjRjazNBXC9BQTRNSnpjeTRKVXh4d0FtS2Q5bW1OQVFzQ3hZPSIsInZhbHVlIjoid3hqSTA3dEtxSjBIVFQwS3l0dUNISUcrb2pOMFRFNVdSek85Y2JTOTRhTT0iLCJtYWMiOiI4OTQ1ODZjY2I0ZjA5YzgzNGExMWM4ZjE2YjA5OWVkZGE2Y2MxN2RiMzJiMzBiOWE3YzY3NWZkYTdiYjljODJhIn0%3D; 8bda37baf9a6873089ee143985f1e681425300fa=eyJpdiI6IkpvVlZvMmhyTGZ2U2Zza3haMVB3SWFNVWlTNU9VcUlFTXcxNm5CSDA1cnc9IiwidmFsdWUiOiIxb1lmRFFtV2pGNXBYbXpjSUYrV1hUM1pBb2lqclRRWlJJcVpySEsyZ2RoRGJIWVBhR2VFd1UyUDFXUmNDQmlHR2I4TzdlZTdoaWpLaDV5NHZIYnZUUGVXRWJBQnM3eHQ2Z1dTUUxSbUpISngwZzdEYVdRMGhCQ0hMc3RyS09RSEF1OGVNbWVrQ3NDbzFod1lmSnF4U0NBMXhyclUrWHh6bU9QNUcyMW4xRXdiYWl4VEZEbTlhSkxxclwvTGtVcHllNjJBaWVZMWpzazJIcVdaMmtwalZhYm80THM2cDJJRkRDdWFcLzBWU3dxOWpheFE0QW5rZGVXWUE0NlcxZlNFSnl1NTQrbU1mcEM3OWJIWkJrK0ZxdjhudTVTYk1NaUpBOXpzN0JtV01mXC9sXC9pTEN1eFpzUWVcLzk1M3B5d3dFbEFBdXpac1RpYkpEWkZQNDFidDdCc2FONVdVbXNGM2ROUkFCMTZZTTB6YWNWVlJtUHJiNWY4NGtUV25cL3V2ZkxhSFwvIiwibWFjIjoiYWEzNWE1NTg1YWJlOWVhYTQwYWYxNGM2NTM5ZDMxZmFlYjFjY2Q1ZDlkZWJjY2QzZjRmMDZlZThmMTBlM2FiNCJ9; __cf_bm=egKrPu.Vl_MX6GXLJLDmkpHL3lmtIHOiPOp02CkIXAQ-1663889167-0-ASMmveyrFcp5TOiBh8EG//sRs6CtdlSCmI8yVpZNDf1tcYzk6zB6f2J0pMIjFlS53UOFCGq08UeW04MPSYhFp7U=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 14:16:51 GMT
etag: W/"6329cb53-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdc1fb460af6-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 24 Sep 2022 23:26:07 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/images/b/5/7fd1a356d651a20cb4579a89a6a4de23fee56e/300x250.webp
8.248.225.238200 OK 5.1 kB URL HTTP/2 lcdn.tsyndicate.com/images/b/5/7fd1a356d651a20cb4579a89a6a4de23fee56e/300x250.webp
IP 8.248.225.238:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 274x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 74ba15ba535a140aa6c331c31a058ebe
1d762dd7383390f91aa3deb0d567baa594764a3d
bcee47bc992a6c5ae162a36f56f7ef3182f6706062cca4e44de8d0912039cf5d
GET /images/b/5/7fd1a356d651a20cb4579a89a6a4de23fee56e/300x250.webp HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:09 GMT
content-type: image/webp
content-length: 5111
last-modified: Wed, 07 Jul 2021 15:16:34 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"60e5c552-13e0"
age: 13795069
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1b12ef71e24748e1b6e935c300e7c0a
89f05674cc535cae0a9bf420e0aeef0595d1f204
0657c349a7ab260d08689d74a83ef24161d0da80fed75b097973eddcea3018d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4558
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:09 GMT
Last-Modified: Thu, 22 Sep 2022 22:10:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssum-sec.casalemedia.com/usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D
104.18.19.126302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D
IP 104.18.19.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 22 Sep 2022 23:26:09 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
cf-ray: 74eecdcaef860b06-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YyzvEUYfrIAy4eTWDVuRuQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 22 Sep 2023 23:26:09 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4339; Path=/; Domain=casalemedia.com; Expires=Wed, 21 Dec 2022 23:26:09 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4339; Path=/; Domain=casalemedia.com; Expires=Wed, 21 Dec 2022 23:26:09 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yYfq4ZOWdojtmT%2Fcn8kYW0WFRORzgBdijE0nmxvk6BeLaLR7DWz5%2FKViyPPWQJX2J9N6pBO5NsBypxiAsgzYv%2BxbLB3dJcVWXkI6GA%2FvQ23NWpGkhrMvS9D%2Blnf2SCU0cNXhOr0GMZ9CA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
142.250.74.102200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 142.250.74.102:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 19:35:30 GMT
expires: Fri, 23 Sep 2022 19:35:30 GMT
cache-control: public, max-age=86400
age: 13839
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
37.157.4.25200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
IP 37.157.4.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:09 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.27200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.27:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4f35935a7336170d15eb40b92acc7884
03227b99567a9952f89669625d8b1421bfe87795
7ecaba6b6c34333fa5108040ac3c42e8eaf74b4275f06c5218e13ebe6b844df6
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 23:26:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: f63b04ef-0631-411b-8bbb-79bc5cea6e47
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FHXEu0d&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FHXEu0d&tg_i.page=https%3A%2F%2Fouo.press%2FHXEu0d&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=5ac22c67-a826-4500-af71-ec248310ba9d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21315609894925958
213.19.162.51200 OK 348 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FHXEu0d&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FHXEu0d&tg_i.page=https%3A%2F%2Fouo.press%2FHXEu0d&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=5ac22c67-a826-4500-af71-ec248310ba9d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21315609894925958
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash 709d308243472abc4e3dc56c66eedc86
c5ca4045639d2ea8dabd95f76160bac1eee30408
6e40c7f1b08f1aaee14bf900ec2aee304f59a6a86167f9011cba3f4b5dc76fc3
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FHXEu0d&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FHXEu0d&tg_i.page=https%3A%2F%2Fouo.press%2FHXEu0d&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=5ac22c67-a826-4500-af71-ec248310ba9d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21315609894925958 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Thu, 22 Sep 2022 23:26:09 GMT
Content-Type: application/json
Content-Length: 348
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8DONFM3-U-1OGL; Domain=.rubiconproject.com; Path=/; Expires=Fri, 22-Sep-2023 23:26:09 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqoIkA29UGJOO9DtVM30fCgNnV4EeGx3AYfXHoRY/xXsZZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Fri, 22-Sep-2023 23:26:09 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel.rubiconproject.com/exchange/sync.php?p=pbs-viva&gdpr=0&gdpr_consent=&us_privacy=0
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-viva&gdpr=0&gdpr_consent=&us_privacy=0
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-viva&gdpr=0&gdpr_consent=&us_privacy=0 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 2eb7d209ab67664d6226c75331547ba1
Content-Type: image/gif
ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
104.18.19.126302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
IP 104.18.19.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 22 Sep 2022 23:26:09 GMT
content-length: 0
location: https://sync.viavideo.digital/tools/sync?dsp=50&uid=0
cf-ray: 74eecdcb3fad0b06-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQ8J%2B1ww%2F6ZbumYE0mw5o8hyX9%2BrGSFvw0%2BK7Mxj99NTRD7gxnD2uVgUY2z4XkT5re2y7s%2FPQnnPTP89A5KTRYnWtws4gKYoX4%2Biz9UYchQRkcUASsGiv4Hqz5Pq80AtpObTps81rla5cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.173.27200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.173.27:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4efaa433e9c60a3912808c0ebd7208e8
bbafeabb792986bdda8c346d8c7bf3fe1c848f28
784030f0ac96222e3f78c8b744f255b6c5673c8d6442dbe7a52be56e56d0c3b6
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 563
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 23:26:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: b50c7419-5b56-4375-98cc-c584c2f9973c
Set-Cookie: icu=ChgIw6tREAoYASABKAEwkd6zmQY4AUABSAEQkd6zmQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 21-Dec-2022 23:26:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2757910607884068386; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 21-Dec-2022 23:26:09 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0c2e17d8cf31157df1a4bd2f99a54c6c
c0bbb9ac61662fda8781947855cf7074484ac540
52f7b19b0215b25985a1e67274af794f09cd838879b503fe985141aee33a5707
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 23:26:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=361987,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eecdcb3e460b69-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 3bc164e8905aea36b318dbde3641018f
8f6306f4a602b2a95aa3eb7f09dace328228f4b1
107e56ff8e7d22bea733eb32c7e97873443880d503c6047a2d3574c0c1516717
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 23:26:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Sep 2022 22:04:51 GMT
Expires: Fri, 23 Sep 2022 22:04:51 GMT
ETag: "8f6306f4a602b2a95aa3eb7f09dace328228f4b1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 22 Sep 2023 23:26:09 GMT; Path=/; Domain=.betweendigital.com
tuuid=3e96f0b9-e02d-520a-9507-992df62b763c; Max-Age=31536000; Expires=Fri, 22 Sep 2023 23:26:09 GMT; Path=/; Domain=.betweendigital.com
ut=YyzvEQADQ_AqMWJwKNfCtx3ijYMAQl8gBJFYIg==; Max-Age=31536000; Expires=Fri, 22 Sep 2023 23:26:09 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
sync.viavideo.digital/tools/sync?dsp=50&uid=0
141.94.202.176301 Moved Permanently 0 B URL HTTP/2 sync.viavideo.digital/tools/sync?dsp=50&uid=0
IP 141.94.202.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=50&uid=0 HTTP/1.1
Host: sync.viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 22 Sep 2022 23:26:09 GMT
content-length: 0
location: https://sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccmeu4f2tal37k4jdf4gXx
set-cookie: uid=ccmeu4f2tal37k4jdf4gXx; expires=Fri, 22 Sep 2023 23:26:09 GMT; domain=.viavideo.digital; path=/
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 8cfadda5d24dc125d3f9c0ac37d65fda
6a26109821dd629fa13a1a1984110c01b95a1a89
aff12bd9eb40dc7124a9793d81a93e1a578722c6cacc51fa8a86e5a308bc4a2c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 23:26:09 GMT
Last-Modified: Thu, 22 Sep 2022 21:51:01 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9KkVzikAYGd1XVZoTm7R8Mw6c29VBvUAWV4OBPBn7FObONhE_u9YDw==
Age: 5708
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 36311d68e0a146bffd716bc0964c490c
0abcd5577e335878a388f392e8947e91a91e010f
dfcd4e6cf1e12366a3caee32cac9b75d419faca0c5f4de690e19fe085d9bd848
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 23:26:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 01:55:54 GMT
Expires: Wed, 28 Sep 2022 01:55:53 GMT
Etag: "0abcd5577e335878a388f392e8947e91a91e010f"
Cache-Control: max-age=440383,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74eecdcaa875b50f-OSL
ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID
216.52.2.30204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID
IP 216.52.2.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Thu, 22 Sep 2022 23:26:09 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap6ams1
ice.360yield.com/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID}
35.158.33.69302 Found 0 B URL HTTP/2 ice.360yield.com/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID}
IP 35.158.33.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID} HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 22 Sep 2022 23:26:09 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com/ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=3c834946-a151-466e-80aa-55b40be10a21; Expires=Wed, 21 Dec 2022 23:26:09 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1663889169; Expires=Wed, 21 Dec 2022 23:26:09 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 22 Sep 2023 23:26:09 GMT; Path=/; Domain=.betweendigital.com
tuuid=77b338f0-6cc1-520a-a02c-ba4dc300555c; Max-Age=31536000; Expires=Fri, 22 Sep 2023 23:26:09 GMT; Path=/; Domain=.betweendigital.com
ut=YyzvEQAD96AguUOQm1YgW7Rq4xHC0UgloK0UqQ==; Max-Age=31536000; Expires=Fri, 22 Sep 2023 23:26:09 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccmeu4f2tal37k4jdf4gXx
141.94.202.176301 Moved Permanently 0 B URL HTTP/2 sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccmeu4f2tal37k4jdf4gXx
IP 141.94.202.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=50&uid=0&viads_uid=ccmeu4f2tal37k4jdf4gXx HTTP/1.1
Host: sync.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 22 Sep 2022 23:26:09 GMT
content-length: 0
location: https://sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccmeu4f2tal37k4jdf4gXx
set-cookie: uid=ccmeu4f2tal37k4jdf4gXx; expires=Fri, 22 Sep 2023 23:26:09 GMT; domain=.hhkld.com; path=/
X-Firefox-Spdy: h2
tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
213.19.147.43204 No Content 0 B URL HTTP/2 tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
IP 213.19.147.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1
Host: tag.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 605
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 23:26:09 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ice.360yield.com/ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D
35.158.33.69200 OK 43 B URL HTTP/2 ice.360yield.com/ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D
IP 35.158.33.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:09 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccmeu4f2tal37k4jdf4gXx
141.94.202.176200 OK 43 B URL HTTP/2 sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccmeu4f2tal37k4jdf4gXx
IP 141.94.202.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=50&uid=0&viads_uid=ccmeu4f2tal37k4jdf4gXx HTTP/1.1
Host: sync.vicodes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:09 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 23:26:09 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=ccmeu4f2tal37k4jdf4gXx; expires=Fri, 22 Sep 2023 23:26:09 GMT; domain=.vicodes.com; path=/
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 3f2f748122a715c256e37c1460922869
9032c3d10c7ca79de8d2aed5469af3302c091f95
f155c9bf2c776fc64927e9ff6a3f7928adb5fce82d1456dc3a8f8ac8a445e304
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3660
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:09 GMT
Last-Modified: Thu, 22 Sep 2022 22:25:10 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 312
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=26034129230
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=26034129230
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=26034129230 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 486
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:08 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMqYHjhgwYMGq0GINDjEgaZczYaIGDxgwxLWSQIZNDjA0yMG7gKHNDxMMwdcZktBFmhpkcNcaMaTEDaZgWKMUsFUMjxo0WMMSQuRHGBg0bMsJ09QmRjJ2FMnDEgGHjIZw6YhbOkNHQIUQ4cNDWsDH34Rw4E3U0tcFWRluNbfLqoEEDB4y1P8mYWQj2oRg3btDi2JwjBo6Hbdxg1CHjxgwbOdyGHh0jB4zTD-vIYSO3IY0cNGTElpERDR06cOboePHCDpk8ZticUTMmDx43ZlzUcZNmzBs5buDISXMwhowZLqy3ecHGBRw0cH7A6TFGx5qPMe7UQZOj_pkvX26cuWODSx2QhpHRA2Fl1KAVTzEYlIMZG9UwwxgySbWTfwDaMEcPgxXW338wGCZGD2lx5hmFHdogBnc9wODCYyQaBgeKOdARBhtKFGFHG1JAkQcVeMzBxhU1zGEGEXHMEAQTQ5wRBA45yHGFFlcokYUaZRwhhBNwjMFEHUSMYUQZV4wRAx1IQIEDHHfAkEUbdDSxhBFJykFmEkFQQcQSdbAhhhhmfPSGGkbw1UYTbcQgBx5pIAEHFUi4JEcWU1whBBRB1KBFHNS1kEcOV-Cg3BBX0EAEFFawcccXZ1SRBBFSVJFGizaMkVgPjDm2FqxrlJHHHdcJ-EYdb5QgwxDalTHHHMIOMQca19GRLBtpuLEGssNCK22yyzZbhhsIJWuGHGWUkWwVUjCBLbNybtvtsEaAK-6w5Jo7bLbpuoEtQnZU9-4QvwY7bLHHJosEFkXUkSysZMgwoAwIx0BrY4_BgPAMKSJMA4h7zYVwDT048QTCNvTQr3ngHovwDSIDS7Kxc6zgRBh0pGFHGSs0wR0ZbJSBMA4gkgVHG2g99MbPQYtAxhtA6yDCyAAr9NAYMC-0RVVduCWHUDqo-JhbYeTRxhtkLOSYZZNlvWJFIshhh2IfxVZHGhmZEQYNRZUhAw0tHGUaVN_BhANfZbTAlU5ljGGSaTXw9lAaionQmQuuuZCbC7aRJccXjGf0eOSTVx5bGBk18YYeabDBRhgv1LAiCChgEUMMO4DARLR14AECHn9_4VXsauuQgw0rpgDCEYWv8cYL8IG0VgwgGJEGuGa8gccLv69IllIZeUzWdV9gr7T2D7GBtQhFOEHWQXZ8AS5tDNVwg06nOQbDQ3KckRlpHN3wEPpfiCGH2J8xWhnS97WwkeZvaCODHN4gF6EphDRWk14eFkID-qWkN78JznBewLSSzeEFZLlDRrzjGLKgYYQdogFZ5qC2jCxQRnS4TgumkwY68M0FZBCT4ow2voN8IYfeIQsdkhYDG_BFRDYI4BB5wxAjzgCJHaHB_MqiPmPB4QtRa-IRmVTEAIZBDIERoNzyNBG3iG8hUxzDz9InB5ilgYFmy40McqA_jbBGBn1QQEAA&r=1&s=56b763b7cc3c192685488cb5050254286729c46710ee41803fd951350b3209401663889168&w=t&ir=245x208
78.46.40.103200 OK 35 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMqYHjhgwYMGq0GINDjEgaZczYaIGDxgwxLWSQIZNDjA0yMG7gKHNDxMMwdcZktBFmhpkcNcaMaTEDaZgWKMUsFUMjxo0WMMSQuRHGBg0bMsJ09QmRjJ2FMnDEgGHjIZw6YhbOkNHQIUQ4cNDWsDH34Rw4E3U0tcFWRluNbfLqoEEDB4y1P8mYWQj2oRg3btDi2JwjBo6Hbdxg1CHjxgwbOdyGHh0jB4zTD-vIYSO3IY0cNGTElpERDR06cOboePHCDpk8ZticUTMmDx43ZlzUcZNmzBs5buDISXMwhowZLqy3ecHGBRw0cH7A6TFGx5qPMe7UQZOj_pkvX26cuWODSx2QhpHRA2Fl1KAVTzEYlIMZG9UwwxgySbWTfwDaMEcPgxXW338wGCZGD2lx5hmFHdogBnc9wODCYyQaBgeKOdARBhtKFGFHG1JAkQcVeMzBxhU1zGEGEXHMEAQTQ5wRBA45yHGFFlcokYUaZRwhhBNwjMFEHUSMYUQZV4wRAx1IQIEDHHfAkEUbdDSxhBFJykFmEkFQQcQSdbAhhhhmfPSGGkbw1UYTbcQgBx5pIAEHFUi4JEcWU1whBBRB1KBFHNS1kEcOV-Cg3BBX0EAEFFawcccXZ1SRBBFSVJFGizaMkVgPjDm2FqxrlJHHHdcJ-EYdb5QgwxDalTHHHMIOMQca19GRLBtpuLEGssNCK22yyzZbhhsIJWuGHGWUkWwVUjCBLbNybtvtsEaAK-6w5Jo7bLbpuoEtQnZU9-4QvwY7bLHHJosEFkXUkSysZMgwoAwIx0BrY4_BgPAMKSJMA4h7zYVwDT048QTCNvTQr3ngHovwDSIDS7Kxc6zgRBh0pGFHGSs0wR0ZbJSBMA4gkgVHG2g99MbPQYtAxhtA6yDCyAAr9NAYMC-0RVVduCWHUDqo-JhbYeTRxhtkLOSYZZNlvWJFIshhh2IfxVZHGhmZEQYNRZUhAw0tHGUaVN_BhANfZbTAlU5ljGGSaTXw9lAaionQmQuuuZCbC7aRJccXjGf0eOSTVx5bGBk18YYeabDBRhgv1LAiCChgEUMMO4DARLR14AECHn9_4VXsauuQgw0rpgDCEYWv8cYL8IG0VgwgGJEGuGa8gccLv69IllIZeUzWdV9gr7T2D7GBtQhFOEHWQXZ8AS5tDNVwg06nOQbDQ3KckRlpHN3wEPpfiCGH2J8xWhnS97WwkeZvaCODHN4gF6EphDRWk14eFkID-qWkN78JznBewLSSzeEFZLlDRrzjGLKgYYQdogFZ5qC2jCxQRnS4TgumkwY68M0FZBCT4ow2voN8IYfeIQsdkhYDG_BFRDYI4BB5wxAjzgCJHaHB_MqiPmPB4QtRa-IRmVTEAIZBDIERoNzyNBG3iG8hUxzDz9InB5ilgYFmy40McqA_jbBGBn1QQEAA&r=1&s=56b763b7cc3c192685488cb5050254286729c46710ee41803fd951350b3209401663889168&w=t&ir=245x208
IP 78.46.40.103:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMqYHjhgwYMGq0GINDjEgaZczYaIGDxgwxLWSQIZNDjA0yMG7gKHNDxMMwdcZktBFmhpkcNcaMaTEDaZgWKMUsFUMjxo0WMMSQuRHGBg0bMsJ09QmRjJ2FMnDEgGHjIZw6YhbOkNHQIUQ4cNDWsDH34Rw4E3U0tcFWRluNbfLqoEEDB4y1P8mYWQj2oRg3btDi2JwjBo6Hbdxg1CHjxgwbOdyGHh0jB4zTD-vIYSO3IY0cNGTElpERDR06cOboePHCDpk8ZticUTMmDx43ZlzUcZNmzBs5buDISXMwhowZLqy3ecHGBRw0cH7A6TFGx5qPMe7UQZOj_pkvX26cuWODSx2QhpHRA2Fl1KAVTzEYlIMZG9UwwxgySbWTfwDaMEcPgxXW338wGCZGD2lx5hmFHdogBnc9wODCYyQaBgeKOdARBhtKFGFHG1JAkQcVeMzBxhU1zGEGEXHMEAQTQ5wRBA45yHGFFlcokYUaZRwhhBNwjMFEHUSMYUQZV4wRAx1IQIEDHHfAkEUbdDSxhBFJykFmEkFQQcQSdbAhhhhmfPSGGkbw1UYTbcQgBx5pIAEHFUi4JEcWU1whBBRB1KBFHNS1kEcOV-Cg3BBX0EAEFFawcccXZ1SRBBFSVJFGizaMkVgPjDm2FqxrlJHHHdcJ-EYdb5QgwxDalTHHHMIOMQca19GRLBtpuLEGssNCK22yyzZbhhsIJWuGHGWUkWwVUjCBLbNybtvtsEaAK-6w5Jo7bLbpuoEtQnZU9-4QvwY7bLHHJosEFkXUkSysZMgwoAwIx0BrY4_BgPAMKSJMA4h7zYVwDT048QTCNvTQr3ngHovwDSIDS7Kxc6zgRBh0pGFHGSs0wR0ZbJSBMA4gkgVHG2g99MbPQYtAxhtA6yDCyAAr9NAYMC-0RVVduCWHUDqo-JhbYeTRxhtkLOSYZZNlvWJFIshhh2IfxVZHGhmZEQYNRZUhAw0tHGUaVN_BhANfZbTAlU5ljGGSaTXw9lAaionQmQuuuZCbC7aRJccXjGf0eOSTVx5bGBk18YYeabDBRhgv1LAiCChgEUMMO4DARLR14AECHn9_4VXsauuQgw0rpgDCEYWv8cYL8IG0VgwgGJEGuGa8gccLv69IllIZeUzWdV9gr7T2D7GBtQhFOEHWQXZ8AS5tDNVwg06nOQbDQ3KckRlpHN3wEPpfiCGH2J8xWhnS97WwkeZvaCODHN4gF6EphDRWk14eFkID-qWkN78JznBewLSSzeEFZLlDRrzjGLKgYYQdogFZ5qC2jCxQRnS4TgumkwY68M0FZBCT4ow2voN8IYfeIQsdkhYDG_BFRDYI4BB5wxAjzgCJHaHB_MqiPmPB4QtRa-IRmVTEAIZBDIERoNzyNBG3iG8hUxzDz9InB5ilgYFmy40McqA_jbBGBn1QQEAA&r=1&s=56b763b7cc3c192685488cb5050254286729c46710ee41803fd951350b3209401663889168&w=t&ir=245x208 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:09 GMT
content-type: text/plain; charset=utf-8
content-length: 35
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XgiHEDRxkZNMi0EBNmhpkWNMSQCTPSDBkaLWrIkGEjxowwMsyYGSNGxMMwdcZktFHSTI4aY8a0mHGUJY0yYpSKocGxBQyVN8LYoGFDRhitPiGSsbNQxkYYNh7CqdNTxwwZDR1ChAOnbA0bbx_OgTPRbQ4baGk-HNOmrg4aNWLIuPuTjJmFXR-KceOmbA4YNW7AfdjGDUYdMm7MsJFDbefPMS6PflhHDpuFMzjCwGEjrYg6MjKioUMHzhwdL17YIZPHDJszasbkwePGjIs6btKMeSPHDRw5aQ4qnuFiepsXbFzAQQPnB5weY3SskQEjxp06aHLIP_Ply40zd2xwqQMDBk0yPQBWRg0qlXFDDAblsFMNNcwwhgxkROXRfv3RNEcPTAHWlX78-WeDGD3IcFlmcFHooRjZ9QCDC-2ZSBMcKX7RQhJfSKEFE8TJcEcORBgxxhpkkEGFGHc4kcWPdMSARRpoLEHDGk-gAQUebAQxhhVuxBGFHUFccYYeZLwBRxVEwADFSkVYocYRUwgBBxlGwECGFW3g0AQZR6AxxBT8wQHFEFBI0UYZRbDhRhBL6IHDG08kYcYTMTERxRJkPAHHFUUcUQQUaVzhBBtwtLEGHWucYUUOWdzxxRlVJEGEFFWk4aINhJ2HmGJ3zbpGGXncQR2Ab9TxRgkyDHFdGXPMQewQc6BBHR3LspGGG2soW6y01C7b7LNluIHQsmbIUUYZy1YhBRPaOisHHd1-W6wR4pJbrLnoFrvtut1qi5Ad0sk7RLDDFntssssigUURdSw7KxkyBCjDwjH0cOtiHFZoAxkzqLgwDSHe9dbCNfTgxBML29ADwOKJm-zCN5wsbMrIzrGCE2HQkYYdZazQRHZksFHGwjiEGFaoZT0kZhtFixAm0jqIgPLACg1W80JbUNWFWnIIpcOK7akVRh5tvEHGQjjAINljW7NYkQhy2GEYe6zVkUZGZoRBQ0kfwWSUaCjJMIMYLdA2QxktZNVRGTxlNoNMYaVhmAg5xODCZS7QIIMLDdEQlhxfOJ5R5JOvaDnmNWjOWhgZNfGGHmmwwUYYL9TAIggoYBFDDDuAwMS0deABAh60fbFV7m3r8BeLKYBwBOJrvPECezH0F30MIBiRhrhmvIHHC8fDEFZSGY0cFnVfgN-0-A-xobUIRTgR1kF2fCHuawxl1tFoZZvN9hmVgVYDDjd4CPy-IAY5kA0HAixD_MI2NtDQZm1kkMMbYGM0hYAGa9rLw0Jo8BDs6YY3vgHOC56msjm8ICx3yIhiyhYWNKjQP6YTwRzalhEJ0qFm1GkBdNJAh765gAxjUMz71neQLwBRiBZhWgxqMwMc4CByNkCgCOjQhtwwhIlOhCIAqdIY-SELDl-Y2hXxksUlSjEMYuiL0spQtzqwYSJqUR9FBhOq-MmhZmmYYNqowhHbjAE1MuiDAgIC&r=1&s=f8a5edefa773aacfb95adaaa7b13475e90cd6eacb34878fca83664d72b2f42621663889168&w=t&ir=245x208
78.46.40.103200 OK 35 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XgiHEDRxkZNMi0EBNmhpkWNMSQCTPSDBkaLWrIkGEjxowwMsyYGSNGxMMwdcZktFHSTI4aY8a0mHGUJY0yYpSKocGxBQyVN8LYoGFDRhitPiGSsbNQxkYYNh7CqdNTxwwZDR1ChAOnbA0bbx_OgTPRbQ4baGk-HNOmrg4aNWLIuPuTjJmFXR-KceOmbA4YNW7AfdjGDUYdMm7MsJFDbefPMS6PflhHDpuFMzjCwGEjrYg6MjKioUMHzhwdL17YIZPHDJszasbkwePGjIs6btKMeSPHDRw5aQ4qnuFiepsXbFzAQQPnB5weY3SskQEjxp06aHLIP_Ply40zd2xwqQMDBk0yPQBWRg0qlXFDDAblsFMNNcwwhgxkROXRfv3RNEcPTAHWlX78-WeDGD3IcFlmcFHooRjZ9QCDC-2ZSBMcKX7RQhJfSKEFE8TJcEcORBgxxhpkkEGFGHc4kcWPdMSARRpoLEHDGk-gAQUebAQxhhVuxBGFHUFccYYeZLwBRxVEwADFSkVYocYRUwgBBxlGwECGFW3g0AQZR6AxxBT8wQHFEFBI0UYZRbDhRhBL6IHDG08kYcYTMTERxRJkPAHHFUUcUQQUaVzhBBtwtLEGHWucYUUOWdzxxRlVJEGEFFWk4aINhJ2HmGJ3zbpGGXncQR2Ab9TxRgkyDHFdGXPMQewQc6BBHR3LspGGG2soW6y01C7b7LNluIHQsmbIUUYZy1YhBRPaOisHHd1-W6wR4pJbrLnoFrvtut1qi5Ad0sk7RLDDFntssssigUURdSw7KxkyBCjDwjH0cOtiHFZoAxkzqLgwDSHe9dbCNfTgxBML29ADwOKJm-zCN5wsbMrIzrGCE2HQkYYdZazQRHZksFHGwjiEGFaoZT0kZhtFixAm0jqIgPLACg1W80JbUNWFWnIIpcOK7akVRh5tvEHGQjjAINljW7NYkQhy2GEYe6zVkUZGZoRBQ0kfwWSUaCjJMIMYLdA2QxktZNVRGTxlNoNMYaVhmAg5xODCZS7QIIMLDdEQlhxfOJ5R5JOvaDnmNWjOWhgZNfGGHmmwwUYYL9TAIggoYBFDDDuAwMS0deABAh60fbFV7m3r8BeLKYBwBOJrvPECezH0F30MIBiRhrhmvIHHC8fDEFZSGY0cFnVfgN-0-A-xobUIRTgR1kF2fCHuawxl1tFoZZvN9hmVgVYDDjd4CPy-IAY5kA0HAixD_MI2NtDQZm1kkMMbYGM0hYAGa9rLw0Jo8BDs6YY3vgHOC56msjm8ICx3yIhiyhYWNKjQP6YTwRzalhEJ0qFm1GkBdNJAh765gAxjUMz71neQLwBRiBZhWgxqMwMc4CByNkCgCOjQhtwwhIlOhCIAqdIY-SELDl-Y2hXxksUlSjEMYuiL0spQtzqwYSJqUR9FBhOq-MmhZmmYYNqowhHbjAE1MuiDAgIC&r=1&s=f8a5edefa773aacfb95adaaa7b13475e90cd6eacb34878fca83664d72b2f42621663889168&w=t&ir=245x208
IP 78.46.40.103:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XgiHEDRxkZNMi0EBNmhpkWNMSQCTPSDBkaLWrIkGEjxowwMsyYGSNGxMMwdcZktFHSTI4aY8a0mHGUJY0yYpSKocGxBQyVN8LYoGFDRhitPiGSsbNQxkYYNh7CqdNTxwwZDR1ChAOnbA0bbx_OgTPRbQ4baGk-HNOmrg4aNWLIuPuTjJmFXR-KceOmbA4YNW7AfdjGDUYdMm7MsJFDbefPMS6PflhHDpuFMzjCwGEjrYg6MjKioUMHzhwdL17YIZPHDJszasbkwePGjIs6btKMeSPHDRw5aQ4qnuFiepsXbFzAQQPnB5weY3SskQEjxp06aHLIP_Ply40zd2xwqQMDBk0yPQBWRg0qlXFDDAblsFMNNcwwhgxkROXRfv3RNEcPTAHWlX78-WeDGD3IcFlmcFHooRjZ9QCDC-2ZSBMcKX7RQhJfSKEFE8TJcEcORBgxxhpkkEGFGHc4kcWPdMSARRpoLEHDGk-gAQUebAQxhhVuxBGFHUFccYYeZLwBRxVEwADFSkVYocYRUwgBBxlGwECGFW3g0AQZR6AxxBT8wQHFEFBI0UYZRbDhRhBL6IHDG08kYcYTMTERxRJkPAHHFUUcUQQUaVzhBBtwtLEGHWucYUUOWdzxxRlVJEGEFFWk4aINhJ2HmGJ3zbpGGXncQR2Ab9TxRgkyDHFdGXPMQewQc6BBHR3LspGGG2soW6y01C7b7LNluIHQsmbIUUYZy1YhBRPaOisHHd1-W6wR4pJbrLnoFrvtut1qi5Ad0sk7RLDDFntssssigUURdSw7KxkyBCjDwjH0cOtiHFZoAxkzqLgwDSHe9dbCNfTgxBML29ADwOKJm-zCN5wsbMrIzrGCE2HQkYYdZazQRHZksFHGwjiEGFaoZT0kZhtFixAm0jqIgPLACg1W80JbUNWFWnIIpcOK7akVRh5tvEHGQjjAINljW7NYkQhy2GEYe6zVkUZGZoRBQ0kfwWSUaCjJMIMYLdA2QxktZNVRGTxlNoNMYaVhmAg5xODCZS7QIIMLDdEQlhxfOJ5R5JOvaDnmNWjOWhgZNfGGHmmwwUYYL9TAIggoYBFDDDuAwMS0deABAh60fbFV7m3r8BeLKYBwBOJrvPECezH0F30MIBiRhrhmvIHHC8fDEFZSGY0cFnVfgN-0-A-xobUIRTgR1kF2fCHuawxl1tFoZZvN9hmVgVYDDjd4CPy-IAY5kA0HAixD_MI2NtDQZm1kkMMbYGM0hYAGa9rLw0Jo8BDs6YY3vgHOC56msjm8ICx3yIhiyhYWNKjQP6YTwRzalhEJ0qFm1GkBdNJAh765gAxjUMz71neQLwBRiBZhWgxqMwMc4CByNkCgCOjQhtwwhIlOhCIAqdIY-SELDl-Y2hXxksUlSjEMYuiL0spQtzqwYSJqUR9FBhOq-MmhZmmYYNqowhHbjAE1MuiDAgIC&r=1&s=f8a5edefa773aacfb95adaaa7b13475e90cd6eacb34878fca83664d72b2f42621663889168&w=t&ir=245x208 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:09 GMT
content-type: text/plain; charset=utf-8
content-length: 35
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
143.204.46.73204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
IP 143.204.46.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Thu, 22 Sep 2022 18:09:49 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 28z3DIg-3qFiKE1J9qxa6OKz439D462gg3J0gMPnUvlmyL4ldwBSZQ==
age: 18979
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FHXEu0d&pid=GDa5rqNAheqmZ&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
143.204.52.189200 OK 154 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FHXEu0d&pid=GDa5rqNAheqmZ&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash bb7b4ee21d41485b3c8d171a7bf8b853
04fdbd451ad2cf3aceb697a99ea093fa4c7b4522
5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FHXEu0d&pid=GDa5rqNAheqmZ&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 154
server: Server
date: Thu, 22 Sep 2022 23:26:09 GMT
x-amz-rid: 9NNM0ZSR5W98GMX795AK
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CHtzLUlswkCy_clZXSPbefjBiw-97ckCJyxABhgZ8Q8bW4r5pl2Tuw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 32a56657ee87189d84e36aa919cd2469
c93ce15e966956dbaa7ed6dae6b56c2745114833
2134db13c1af8c05396990aa5c37b0f5d8e9e3561f70cea5540cd6900f2c468f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2134DB13C1AF8C05396990AA5C37B0F5D8E9E3561F70CEA5540CD6900F2C468F"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6173
Expires: Fri, 23 Sep 2022 01:09:02 GMT
Date: Thu, 22 Sep 2022 23:26:09 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 23:26:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3396be0552ea46129a66c21d356b103b
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 75195f99f7d05a823fbe15ef839b0e4a
09a0f2a5860b0b0fd077a6d6bd6b164e18cf226c
0d5ece3b53f0934ea7f2fe1f7745d5a215ebc4f9bc3ba7e9d3cd216251b953bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D5ECE3B53F0934EA7F2FE1F7745D5A215EBC4F9BC3BA7E9D3CD216251B953BD"
Last-Modified: Tue, 20 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13844
Expires: Fri, 23 Sep 2022 03:16:54 GMT
Date: Thu, 22 Sep 2022 23:26:10 GMT
Connection: keep-alive
peeredgerman.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0%3A3%3A1
173.233.139.164200 OK 4.1 kB URL HTTP/1.1 peeredgerman.com/sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0%3A3%3A1
IP 173.233.139.164:0
File type JSON data\012- , ASCII text, with very long lines (5650), with no line terminators
Hash de597860d3e33346b5aab5bf2db9b46b
1f0aff62dd09b957464698099c5a91365468df9a
11f5aa143b0bd5a510651f4bce324110a5fb140efb481970afdef75e5dd98a9b
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0%3A3%3A1 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 23:26:10 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ouo.press
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Fri, 23 Sep 2022 23:26:10 GMT; secure; SameSite=None
uid_id2=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0:3:1; expires=Thu, 29 Sep 2022 23:26:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 23 Sep 2022 23:26:10 GMT; secure; SameSite=None
uncs=1; expires=Fri, 23 Sep 2022 23:26:10 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 23 Sep 2022 23:26:10 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 23 Sep 2022 23:26:10 GMT; secure; SameSite=None
sleced36014633829dc70a42dccaefdf3f11=[3364901]; expires=Thu, 22 Sep 2022 23:26:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c12110d369347ecda5b628cefb87e9c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c4f014926a63b3420133e77bd2dcc7ff
d2ee2dd68042dfd7e52d7580d224251e95036326
25a8b7b98fac3956fe35dcfdb7a18de7a24168ce46cb7e1727ee11fb925cc034
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6154
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 23:26:10 GMT
Last-Modified: Thu, 22 Sep 2022 21:43:36 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
peeredgerman.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scxRvGq7P5wlcEwZCLgjKIgkJ20j9mu2fMIRjjyuLmB4liDoJWV1XPllvT1VR1Tc%2FuaTFEchz%2Fg95ndrOsBlH0apDZQA572vEge3D%2FAQ8igicPMpPF0ffyvm89z%2BHDU%2B%2Fn2%2B6E%2BHD0%2BOo1vSmVoheXmn7j9TtBcKmxKnM3aAza8cdx61LD9N%2FsxE3%2Fjca7gq3ri6Ef%2BH7gB41laUSmBxenImTxsBM0O36zFTaDpRYG5r%2B7dR4s9cD7J%2BQcJJ%2Bcfeydh2Rj5L1vrgq7Xuriwjs9p2ipDfp874N8PddVjt58zIyHLN87dUPbo%2BVH0PnuDBe6%2F48xlRPiPXmENN87hUTa35lxpgoiR8qfRdUfQ6gxJB2D6buQ%2FIgAjOP6DeS9B9e1qejGU5VO1Qk5%2B%2BcfkNWEnP3lPPLe11eUHDRua%2BVKqXOLQVZDDsaQ3TEKd4By8wxkdQBWfgbJCfJeDcmPX21TKrI09BeTdpQstjjzF9MlHix22FIri%2BM0TFJ%2FFoyUY8hsDCWGoHYBznpw0oPLPLjCQ48fN1gQBInPGfXbHcYinog05n5AkyyggR%2B34diUfYiyGIKpIZjZQmG2sC6HMO5H2LUalnuwJUGf16gEQWUJKkpQSYKqJKj69S5XNrT1A66sS4PTHp72qB7psrtNd3XZFTnZLk7I87PAfv3oO6yL44bgUewHrTiK2mGHs8SnrZAzRkXGsygLAlhZQ9ozoNbDpjx67mcU8uiZGik9gFUHYPIVUPcSaDVKQh90bdRq%2B9jM97XTzcIIa8F1jaL8H8oNb1udkBdmANGd1yDY4eVP0muT3%2Ff%2FAjM1ClPjU%2FmYoKvuj27piuzc0pUl394oStmTm3T6m7dLWoqFL98TG5U2fOWqHe6%2FxabCdHz4vrDlKs25zLuWfHVFci7MsjZMkB9W7Icivens2hVncles3nx7eaU3A5Q6H4PKCSFPDsHkhPz%2F%2B93Zob547x6kGcO4Gj13SE4LUh%2BAFVuwxZzf6gUYNfekhYfK1SMTpvNHJQmUmO80rWH%2FtafzedveR9e8DFrend1n39ToqxpUDWHdwqgszOHln6JZIVXeKFXG20mVUV88DdfK40YSRT6NO0tBklCRpK2wncUBpzRsxWEc0wilnbALv537GwAA%2F%2F8BAAD%2F%2F%2FxcPERzBAAA
173.233.139.164200 OK 7 B URL HTTP/1.1 peeredgerman.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scxRvGq7P5wlcEwZCLgjKIgkJ20j9mu2fMIRjjyuLmB4liDoJWV1XPllvT1VR1Tc%2FuaTFEchz%2Fg95ndrOsBlH0apDZQA572vEge3D%2FAQ8igicPMpPF0ffyvm89z%2BHDU%2B%2Fn2%2B6E%2BHD0%2BOo1vSmVoheXmn7j9TtBcKmxKnM3aAza8cdx61LD9N%2FsxE3%2Fjca7gq3ri6Ef%2BH7gB41laUSmBxenImTxsBM0O36zFTaDpRYG5r%2B7dR4s9cD7J%2BQcJJ%2Bcfeydh2Rj5L1vrgq7Xuriwjs9p2ipDfp874N8PddVjt58zIyHLN87dUPbo%2BVH0PnuDBe6%2F48xlRPiPXmENN87hUTa35lxpgoiR8qfRdUfQ6gxJB2D6buQ%2FIgAjOP6DeS9B9e1qejGU5VO1Qk5%2B%2BcfkNWEnP3lPPLe11eUHDRua%2BVKqXOLQVZDDsaQ3TEKd4By8wxkdQBWfgbJCfJeDcmPX21TKrI09BeTdpQstjjzF9MlHix22FIri%2BM0TFJ%2FFoyUY8hsDCWGoHYBznpw0oPLPLjCQ48fN1gQBInPGfXbHcYinog05n5AkyyggR%2B34diUfYiyGIKpIZjZQmG2sC6HMO5H2LUalnuwJUGf16gEQWUJKkpQSYKqJKj69S5XNrT1A66sS4PTHp72qB7psrtNd3XZFTnZLk7I87PAfv3oO6yL44bgUewHrTiK2mGHs8SnrZAzRkXGsygLAlhZQ9ozoNbDpjx67mcU8uiZGik9gFUHYPIVUPcSaDVKQh90bdRq%2B9jM97XTzcIIa8F1jaL8H8oNb1udkBdmANGd1yDY4eVP0muT3%2Ff%2FAjM1ClPjU%2FmYoKvuj27piuzc0pUl394oStmTm3T6m7dLWoqFL98TG5U2fOWqHe6%2FxabCdHz4vrDlKs25zLuWfHVFci7MsjZMkB9W7Icivens2hVncles3nx7eaU3A5Q6H4PKCSFPDsHkhPz%2F%2B93Zob547x6kGcO4Gj13SE4LUh%2BAFVuwxZzf6gUYNfekhYfK1SMTpvNHJQmUmO80rWH%2FtafzedveR9e8DFrend1n39ToqxpUDWHdwqgszOHln6JZIVXeKFXG20mVUV88DdfK40YSRT6NO0tBklCRpK2wncUBpzRsxWEc0wilnbALv537GwAA%2F%2F8BAAD%2F%2F%2FxcPERzBAAA
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scxRvGq7P5wlcEwZCLgjKIgkJ20j9mu2fMIRjjyuLmB4liDoJWV1XPllvT1VR1Tc%2FuaTFEchz%2Fg95ndrOsBlH0apDZQA572vEge3D%2FAQ8igicPMpPF0ffyvm89z%2BHDU%2B%2Fn2%2B6E%2BHD0%2BOo1vSmVoheXmn7j9TtBcKmxKnM3aAza8cdx61LD9N%2FsxE3%2Fjca7gq3ri6Ef%2BH7gB41laUSmBxenImTxsBM0O36zFTaDpRYG5r%2B7dR4s9cD7J%2BQcJJ%2Bcfeydh2Rj5L1vrgq7Xuriwjs9p2ipDfp874N8PddVjt58zIyHLN87dUPbo%2BVH0PnuDBe6%2F48xlRPiPXmENN87hUTa35lxpgoiR8qfRdUfQ6gxJB2D6buQ%2FIgAjOP6DeS9B9e1qejGU5VO1Qk5%2B%2BcfkNWEnP3lPPLe11eUHDRua%2BVKqXOLQVZDDsaQ3TEKd4By8wxkdQBWfgbJCfJeDcmPX21TKrI09BeTdpQstjjzF9MlHix22FIri%2BM0TFJ%2FFoyUY8hsDCWGoHYBznpw0oPLPLjCQ48fN1gQBInPGfXbHcYinog05n5AkyyggR%2B34diUfYiyGIKpIZjZQmG2sC6HMO5H2LUalnuwJUGf16gEQWUJKkpQSYKqJKj69S5XNrT1A66sS4PTHp72qB7psrtNd3XZFTnZLk7I87PAfv3oO6yL44bgUewHrTiK2mGHs8SnrZAzRkXGsygLAlhZQ9ozoNbDpjx67mcU8uiZGik9gFUHYPIVUPcSaDVKQh90bdRq%2B9jM97XTzcIIa8F1jaL8H8oNb1udkBdmANGd1yDY4eVP0muT3%2Ff%2FAjM1ClPjU%2FmYoKvuj27piuzc0pUl394oStmTm3T6m7dLWoqFL98TG5U2fOWqHe6%2FxabCdHz4vrDlKs25zLuWfHVFci7MsjZMkB9W7Icivens2hVncles3nx7eaU3A5Q6H4PKCSFPDsHkhPz%2F%2B93Zob547x6kGcO4Gj13SE4LUh%2BAFVuwxZzf6gUYNfekhYfK1SMTpvNHJQmUmO80rWH%2FtafzedveR9e8DFrend1n39ToqxpUDWHdwqgszOHln6JZIVXeKFXG20mVUV88DdfK40YSRT6NO0tBklCRpK2wncUBpzRsxWEc0wilnbALv537GwAA%2F%2F8BAAD%2F%2F%2FxcPERzBAAA HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 23:26:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b155fbaa12354575a48539a3c054d1e
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b803a6ce3f92e2c474869f819e011de2
cb173569b4402d022e65ae4395ee94b17f3a2a74
92dff408426ce81f09abe452d8b9532064f0ec96bb42264493fd4e8f92f098c9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92DFF408426CE81F09ABE452D8B9532064F0EC96BB42264493FD4E8F92F098C9"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14144
Expires: Fri, 23 Sep 2022 03:21:54 GMT
Date: Thu, 22 Sep 2022 23:26:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b803a6ce3f92e2c474869f819e011de2
cb173569b4402d022e65ae4395ee94b17f3a2a74
92dff408426ce81f09abe452d8b9532064f0ec96bb42264493fd4e8f92f098c9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92DFF408426CE81F09ABE452D8B9532064F0EC96BB42264493FD4E8F92F098C9"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14144
Expires: Fri, 23 Sep 2022 03:21:54 GMT
Date: Thu, 22 Sep 2022 23:26:10 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/arrow.png
172.64.200.2200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/arrow.png
IP 172.64.200.2:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:10 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4368107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Yo5kwKnhTrJ6Km0%2FYUAsOGNEg009OzMh3UwR0JEoCtpzX0jWYfYVRh3xp7WYrvmyKgLWXy1xDfJsl9L1vpeLxb1zLIxWvrOduPJqSBxiWXyyugulxdFitu3uQHPWEXfy8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdd6ac7b731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/close.png
172.64.200.2200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/close.png
IP 172.64.200.2:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:10 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4368107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gXmtW0gGHhe7VmmW2DS66v6jyRZqhzo5B5sdqhz1imqNj5A%2FjFY7YirfZRewOSA%2FfH4xFaNTF4zU9A78wZH8R6lVTS3pIWMn%2B1fwWtCbWjhRwj43X4D5%2FrvgTwlS2YtJb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdd6ac7a731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Findex.html&l=2211&fd=48
173.233.139.164200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Findex.html&l=2211&fd=48
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Findex.html&l=2211&fd=48 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 23:26:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b803a6ce3f92e2c474869f819e011de2
cb173569b4402d022e65ae4395ee94b17f3a2a74
92dff408426ce81f09abe452d8b9532064f0ec96bb42264493fd4e8f92f098c9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92DFF408426CE81F09ABE452D8B9532064F0EC96BB42264493FD4E8F92F098C9"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14143
Expires: Fri, 23 Sep 2022 03:21:54 GMT
Date: Thu, 22 Sep 2022 23:26:11 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/number.png
172.64.200.2200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/number.png
IP 172.64.200.2:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:10 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4368107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSMhN%2BE6mRFA1o9%2BF3r7sNYd05CHo%2FWgS5clkUWTCZ%2FTKqBI2zWBMAQtOrBh81AiU4t%2Bub1vMldybsCTE9x9aFKho2BMPUUzgCSdiPZ85AFL5qafe3KRUhi6IQpSUZNC9tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdd6ac7e731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/icon.png
172.64.200.2200 OK 107 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/icon.png
IP 172.64.200.2:0
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size 107 kB (106874 bytes)
Hash c1f6eb397e4025eb9b9f152caf975d28
0fef898a70d937ab0982906947fcb2826a7fde3c
be6b906095a91adeb37fdb83b3567252be9406419a8c7a65e9d62332a3415e99
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:10 GMT
content-type: image/png
content-length: 106874
last-modified: Tue, 08 Feb 2022 14:16:16 GMT
etag: "62027b30-1a17a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4368107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inWiXvpVxKroazU%2F7XhMDC6%2BEsMY7lb3X4l45ljSHGmd%2Fx%2B1YtFHlburLnwtOGzC2QEUlNoyRVioCIU6xSwVfbBegYAxheW8IzGG1J9z%2B5IgPUPYFNsZuOBWLhFtUWd87g0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdd6ac80731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
54.230.111.77200 OK 21 B URL HTTP/2 cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
IP 54.230.111.77:0
File type very short file (no magic)
Hash 2793f659087fed6a6c71efe62625fdab
6b40887d8b55314b057c3ea28e84a899a5e998cc
49835d7ac4b53fab922d54f8e59f6f53fda7becdcfb3e8887855bd6f7e8704fb
POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 23:26:08 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OrXoCI4t4HukP-izEiicXs_Qpau-HG5X0SmXMHsLr_JBAMxADmJRnQ==
X-Firefox-Spdy: h2
peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fstyle.css&l=9494&fd=103
173.233.139.164200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fstyle.css&l=9494&fd=103
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fstyle.css&l=9494&fd=103 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 23:26:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/script.js
172.64.200.2200 OK 317 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/script.js
IP 172.64.200.2:0
Hash 4761ad2393202bfabef11ba0db779752
f67daa266767f3528ac554901f32ca9b43da00ff
92fdc96ed03a7abaff8750ca48f8f19cd769784927289cbd2544b9c642acf55c
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:11 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3790118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4vjP8YwbuzfBlDoxb9u%2BJS4nscuin0V3w1zKlFE9c2WWrRpjwJJzZqmRBxg%2BniGrh1YdjzNXSG%2Bqxz9F1IIxEgNb8DP4xWZ389fzb3zBn0OJtqSuBBbQ2ZYAYP7z6phojY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdd74d05731b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js
172.64.200.2200 OK 48 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js
IP 172.64.200.2:0
File type ASCII text, with very long lines (65451)
Hash 2331d54d6ee6ed384fcbc9f0d2dddcf7
dea971e50a09ef33a689d7f010e8965a7a355bf7
2b7e2daaa3168f206123fd5f3d562515842a767b49407c34c8959fc24cb04afb
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:10 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4368107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBGjCFWa5RICY3stCW40McxK2BS0yjgkjwnOwgFzg2E8cAhgmpKr%2F8vDStVMhKhRyduWHOrUPZV3QkVbJ%2Flm06l535KcevhR4S3ZCOnYheQXrMJc5qVewAmQl9IwP8RCUuw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdd6ac81731b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
peeredgerman.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2tc1RvGz236ha8IgqUbBWUQBYVmeu%2Fc%2BWkXxRgjwfQHrWIXgp5fd3LMmXsu59wzd5JVsFS6HP%2BDm2eShmgRRbcWmRS6yCrjQrIw%2F4ALEcGVC5lpcPTdvO97nmfx4Tnv5zv%2BlITw9GT5mtlSWtPLjWpYef1OFF2prKnUDyqDdvPjZv1Kxfbf7DSr4RuVdyXfMJdrYRSGURhVVpSViRlcnopQ2cNOVO2E1XqtGjXqGNj%2F7s4HcDSA6J%2BSC1Bicv5xcBGKj5H2vlmWbiM32aV3el7T3Fj0xf4H6UZqihS9%2BZjYAEm6f%2BaGcccrj2DSvRkuTP8fI1MTEjx5BJbun0GC9XdnnExDpmDiWRT9MaQeQ9ExuLkLJY4JwAWu30Dae3Dd2IJuPlXpVJ2Q83%2F%2BAVVMyPlfLiLtfb2k1aBy22ifK5M6DJISajCG6o6R%2BUPkW%2BegikPw%2FDMoQZD2Sihx8mqbUpmwWrjYasetxbrg4SJriGixwxv1pNlktRYLZ8EoNYZKxtByCOoW4F0ArwL4JIDPAvTESYVHUdQKBadhu8N5LFqSNUUY0VYS0ShstuH5lH2IPBuC6yG43UZmt7GhhrD%2BR7j1Ek4EcDlBX5QoJEHhCApKUCiCIico%2BuWe0K7mygdCO8%2Bis14763E5Mnl3h%2B6ZvCtTspOdkudngf360XfYkCcVKeJmGNWbcdyudQRvhbReE5xTmYgkTqIITpVQ7hyoC7Cljp%2F7GZk6fqYEo4dw%2BhBcvQLqXwItRq1aCLo%2BqrdDbKUHxptqZqVzEKZElv8P%2BWawo0%2FJCzOA%2BM5rkPzo6ifs2uT3g7%2FAbYnMlvhUPSbo6vujW6Ygu7dM4ci3N7Jc9dQWnf7m7ZzmcuHL9%2BRmYaxYXXbDg7f4VJiOD9%2BXLl%2BjqVBp15GvlpQQ0q4YyyX5YdV9KNlN79aXvE19tnbz7ZXV3gxQmXQMqiaEPDkCVxPy%2F%2B%2F3Zof64r17UHYM60v0%2FBE5KyhzCJ5tw2VzfmcWYPXcw7IAhS9Htsbmj1oRaDnfKSvh%2FrWz%2Bbzj7qNrXwbN787us29L9HUJqodwfmGUZ%2Fbo6k%2FxrMB0MGLaBrtMW%2F3F03CdOqnEoWgxmcgWk%2FVGPZFcsEaDhTzhLBbtNkfuJvzSbxf%2BBgAA%2F%2F8BAAD%2F%2F3yI6axzBAAA
173.233.139.164200 OK 7 B URL HTTP/1.1 peeredgerman.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2tc1RvGz236ha8IgqUbBWUQBYVmeu%2Fc%2BWkXxRgjwfQHrWIXgp5fd3LMmXsu59wzd5JVsFS6HP%2BDm2eShmgRRbcWmRS6yCrjQrIw%2F4ALEcGVC5lpcPTdvO97nmfx4Tnv5zv%2BlITw9GT5mtlSWtPLjWpYef1OFF2prKnUDyqDdvPjZv1Kxfbf7DSr4RuVdyXfMJdrYRSGURhVVpSViRlcnopQ2cNOVO2E1XqtGjXqGNj%2F7s4HcDSA6J%2BSC1Bicv5xcBGKj5H2vlmWbiM32aV3el7T3Fj0xf4H6UZqihS9%2BZjYAEm6f%2BaGcccrj2DSvRkuTP8fI1MTEjx5BJbun0GC9XdnnExDpmDiWRT9MaQeQ9ExuLkLJY4JwAWu30Dae3Dd2IJuPlXpVJ2Q83%2F%2BAVVMyPlfLiLtfb2k1aBy22ifK5M6DJISajCG6o6R%2BUPkW%2BegikPw%2FDMoQZD2Sihx8mqbUpmwWrjYasetxbrg4SJriGixwxv1pNlktRYLZ8EoNYZKxtByCOoW4F0ArwL4JIDPAvTESYVHUdQKBadhu8N5LFqSNUUY0VYS0ShstuH5lH2IPBuC6yG43UZmt7GhhrD%2BR7j1Ek4EcDlBX5QoJEHhCApKUCiCIico%2BuWe0K7mygdCO8%2Bis14763E5Mnl3h%2B6ZvCtTspOdkudngf360XfYkCcVKeJmGNWbcdyudQRvhbReE5xTmYgkTqIITpVQ7hyoC7Cljp%2F7GZk6fqYEo4dw%2BhBcvQLqXwItRq1aCLo%2BqrdDbKUHxptqZqVzEKZElv8P%2BWawo0%2FJCzOA%2BM5rkPzo6ifs2uT3g7%2FAbYnMlvhUPSbo6vujW6Ygu7dM4ci3N7Jc9dQWnf7m7ZzmcuHL9%2BRmYaxYXXbDg7f4VJiOD9%2BXLl%2BjqVBp15GvlpQQ0q4YyyX5YdV9KNlN79aXvE19tnbz7ZXV3gxQmXQMqiaEPDkCVxPy%2F%2B%2F3Zof64r17UHYM60v0%2FBE5KyhzCJ5tw2VzfmcWYPXcw7IAhS9Htsbmj1oRaDnfKSvh%2FrWz%2Bbzj7qNrXwbN787us29L9HUJqodwfmGUZ%2Fbo6k%2FxrMB0MGLaBrtMW%2F3F03CdOqnEoWgxmcgWk%2FVGPZFcsEaDhTzhLBbtNkfuJvzSbxf%2BBgAA%2F%2F8BAAD%2F%2F3yI6axzBAAA
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2tc1RvGz236ha8IgqUbBWUQBYVmeu%2Fc%2BWkXxRgjwfQHrWIXgp5fd3LMmXsu59wzd5JVsFS6HP%2BDm2eShmgRRbcWmRS6yCrjQrIw%2F4ALEcGVC5lpcPTdvO97nmfx4Tnv5zv%2BlITw9GT5mtlSWtPLjWpYef1OFF2prKnUDyqDdvPjZv1Kxfbf7DSr4RuVdyXfMJdrYRSGURhVVpSViRlcnopQ2cNOVO2E1XqtGjXqGNj%2F7s4HcDSA6J%2BSC1Bicv5xcBGKj5H2vlmWbiM32aV3el7T3Fj0xf4H6UZqihS9%2BZjYAEm6f%2BaGcccrj2DSvRkuTP8fI1MTEjx5BJbun0GC9XdnnExDpmDiWRT9MaQeQ9ExuLkLJY4JwAWu30Dae3Dd2IJuPlXpVJ2Q83%2F%2BAVVMyPlfLiLtfb2k1aBy22ifK5M6DJISajCG6o6R%2BUPkW%2BegikPw%2FDMoQZD2Sihx8mqbUpmwWrjYasetxbrg4SJriGixwxv1pNlktRYLZ8EoNYZKxtByCOoW4F0ArwL4JIDPAvTESYVHUdQKBadhu8N5LFqSNUUY0VYS0ShstuH5lH2IPBuC6yG43UZmt7GhhrD%2BR7j1Ek4EcDlBX5QoJEHhCApKUCiCIico%2BuWe0K7mygdCO8%2Bis14763E5Mnl3h%2B6ZvCtTspOdkudngf360XfYkCcVKeJmGNWbcdyudQRvhbReE5xTmYgkTqIITpVQ7hyoC7Cljp%2F7GZk6fqYEo4dw%2BhBcvQLqXwItRq1aCLo%2BqrdDbKUHxptqZqVzEKZElv8P%2BWawo0%2FJCzOA%2BM5rkPzo6ifs2uT3g7%2FAbYnMlvhUPSbo6vujW6Ygu7dM4ci3N7Jc9dQWnf7m7ZzmcuHL9%2BRmYaxYXXbDg7f4VJiOD9%2BXLl%2BjqVBp15GvlpQQ0q4YyyX5YdV9KNlN79aXvE19tnbz7ZXV3gxQmXQMqiaEPDkCVxPy%2F%2B%2F3Zof64r17UHYM60v0%2FBE5KyhzCJ5tw2VzfmcWYPXcw7IAhS9Htsbmj1oRaDnfKSvh%2FrWz%2Bbzj7qNrXwbN787us29L9HUJqodwfmGUZ%2Fbo6k%2FxrMB0MGLaBrtMW%2F3F03CdOqnEoWgxmcgWk%2FVGPZFcsEaDhTzhLBbtNkfuJvzSbxf%2BBgAA%2F%2F8BAAD%2F%2F3yI6axzBAAA HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 23:26:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8bb7a3e7a7aa629a4b44a7718ee8625
Strict-Transport-Security: max-age=0; includeSubdomains
peeredgerman.com/pixel/sbs?c=1
173.233.139.164200 OK 0 B URL HTTP/1.1 peeredgerman.com/pixel/sbs?c=1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: peeredgerman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=8aaefb20-7837-4dc0-b5d1-9c54f66b27b0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 23:26:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 5270
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ecdn.firstimpression.io/fi_client.js
54.230.111.77200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.77:0
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 22 Sep 2022 22:34:42 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 22:34:42 UTC
etag: W/"03b39184f17d1d7c8e396f51d039109c"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8RYGqgF6Od-25ePxmVcNsrtv6_icapEzv5EQDtu7b1OnMQ6HpsoueQ==
age: 3085
X-Firefox-Spdy: h2
hhkld.com/rucdn/js/player/h6fdj3b5.js
141.94.202.176200 OK 0 B URL HTTP/2 hhkld.com/rucdn/js/player/h6fdj3b5.js
IP 141.94.202.176:0
GET /rucdn/js/player/h6fdj3b5.js HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 10:46:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Sep 2022 09:42:04 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HGtorGca76W0HQe6zu34iB7-iDIKAqyRf6PXhBMXRvW33piH7JFsFQ==
age: 49737
X-Firefox-Spdy: h2
ru.hhkld.com/tag/sync.php
141.94.202.176200 OK 0 B URL HTTP/2 ru.hhkld.com/tag/sync.php
IP 141.94.202.176:0
GET /tag/sync.php HTTP/1.1
Host: ru.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: application/json
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMs7xBw9wR4cbPRAg==; expires=Fri, 22-Sep-23 23:26:08 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
172.64.104.16200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.104.16:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7bfcb6ad278b32f585663860137b1039
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 22 Sep 2022 23:26:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXbGcgnA4mCA7EybAntMeXDT4LPZvXuy9B2LY7PCYAApNS8aQfFhDKS6Xm473vYM8dSJCWKVDtXJ47Ho7fXy%2F%2FhVGkTNgKiIONbB73kYaDfKAwcpFChYrS0qTt49hB7iQrulfeo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdc79f6488ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1280&h=1024&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,HXEu,&adtype=label-under&callback=callback_jg1NL
94.130.164.161200 OK 0 B URL HTTP/2 run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1280&h=1024&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,HXEu,&adtype=label-under&callback=callback_jg1NL
IP 94.130.164.161:0
ASN #24940 Hetzner Online GmbH
GET /do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1280&h=1024&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,HXEu,&adtype=label-under&callback=callback_jg1NL HTTP/1.1
Host: run-syndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: application/javascript; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-request-id: 637f2ef7f9c48b11
set-cookie: ts_uid=fa4a3e24-f973-423b-863e-7a78ecb57352; expires=Wed, 22 Mar 2023 23:26:08 GMT; domain=.run-syndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/index.html
104.26.6.19200 OK 0 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/index.html
IP 104.26.6.19:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:10 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:15:28 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 642757
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLGzUa8hwnjr%2BnV%2BXvNxmylssyEoijlz8xyz2qY020lq6pEbfqvUcIvsGXmeWVnSUfNfgkfESgjydqKQNCqKxpeHWKyvtwAhggqMDJ7Ztyl2o3dyzjy4yzbX3D9SGR27qkIvwao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdd5cd320b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/animate.css
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/animate.css
IP 172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 23:26:10 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4366524
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc7V%2BskurAPF%2BsAFqJsBEL%2BaUfGIqpM%2FQbbgioWw6uCPuMcZETN2LHvQ4HjBd4dRuNNRfQZm%2BeGXhs%2Byd1EoKzDXKaOjUxEE%2BRm%2BjSBtJWusvY98LWWS2goKFstU3tIGh14%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eecdd66c3d731b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
asia.hhkld.com/tag/load-105641.js
141.94.202.176200 OK 0 B URL HTTP/2 asia.hhkld.com/tag/load-105641.js
IP 141.94.202.176:0
GET /tag/load-105641.js HTTP/1.1
Host: asia.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:07 GMT
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: sync6=%7B%22adform%22%3A1663889167%2C%22otm%22%3A1663889167%2C%22indexww3%22%3A1663889167%2C%22adapt%22%3A1663889167%2C%22improve%22%3A1663889167%2C%22sovrn%22%3A1663889167%2C%22between%22%3A1663889167%2C%22magnite%22%3A1663889167%7D; expires=Fri, 30-Sep-2022 23:26:07 GMT; Max-Age=691200
uid=jV7KsGMs7w9w9wR4cbNtAg==; expires=Fri, 22-Sep-23 23:26:07 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
viavideo.digital/rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663889167925&page_url=https%3A%2F%2Fouo.press%2FHXEu0d
141.94.202.176200 OK 0 B URL HTTP/2 viavideo.digital/rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663889167925&page_url=https%3A%2F%2Fouo.press%2FHXEu0d
IP 141.94.202.176:0
GET /rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663889167925&page_url=https%3A%2F%2Fouo.press%2FHXEu0d HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: application/json
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMs7xBw9wR4cbPmAg==; expires=Fri, 22-Sep-23 23:26:08 GMT; domain=.viavideo.digital; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/prebidamp.js
54.230.111.77200 OK 0 B URL HTTP/2 ecdn.firstimpression.io/static/js/prebidamp.js
IP 54.230.111.77:0
GET /static/js/prebidamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 22 Sep 2022 23:00:04 GMT
expires: Fri, 23 Sep 2022 00:00:04 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1WPYsjQijYjatjQ6SIzhWdsOcxAcIDKm2pwRw-_jyTBx3QDpeRBF_Q==
age: 1564
X-Firefox-Spdy: h2
hhkld.com/slider-220901.php?sid=105641&tid=17503&w=432&h=243&cbb=1663889168232
141.94.202.176200 OK 0 B URL HTTP/2 hhkld.com/slider-220901.php?sid=105641&tid=17503&w=432&h=243&cbb=1663889168232
IP 141.94.202.176:0
GET /slider-220901.php?sid=105641&tid=17503&w=432&h=243&cbb=1663889168232 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMs7xBw9wR4cbQjAg==; expires=Fri, 22-Sep-23 23:26:08 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
rtb.viavideo.digital/vast/cs?zone=105641&w=432&h=243&vp=4&site=https://ouo.press/&cbb=1663889168230
141.94.202.176200 OK 0 B URL HTTP/2 rtb.viavideo.digital/vast/cs?zone=105641&w=432&h=243&vp=4&site=https://ouo.press/&cbb=1663889168230
IP 141.94.202.176:0
GET /vast/cs?zone=105641&w=432&h=243&vp=4&site=https://ouo.press/&cbb=1663889168230 HTTP/1.1
Host: rtb.viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 23:26:08 GMT
content-type: application/xml; charset=utf-8
age: 0
cache-control: no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://ouo.press
set-cookie: uid=ccmeu472tal37k4jdd10Xx; expires=Fri, 22 Sep 2023 23:26:08 GMT; domain=.viavideo.digital; path=/
content-encoding: gzip
X-Firefox-Spdy: h2