ouo.press/kPFS6b3
403 Forbidden 3.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (838)
Hash 8f9085b774885e7df10a6a08950c2d38
28999a57a5d8868d41a0e4265e335405aa780348
748404997c9d62d8360969652e0746b6f7ea02856aec6b68f15eec01a79b091f
GET /kPFS6b3 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Fri, 23 Sep 2022 01:59:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=fMSHhFVALz16Kyknpq8oIjgocymfiGVZuFHvgiPK1Vk-1663898371-0-AcSh7Qc5uUqUo7sPZjJ1xkcav63/CR1K/lQV4sDeu5XZHOyREuqDs+qwWas3rVcJ0vjtYmJVW3J2Vb1uBf9jtUI=; path=/; expires=Fri, 23-Sep-22 02:29:31 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efae73a9251bfa-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 01:14:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9dBor09U3xrHhscxuGc4XbcvCndnRiuqe59N6QUqFhY6gGItTDNe7A==
Age: 2725
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Fri, 23 Sep 2022 02:39:34 GMT
Date: Fri, 23 Sep 2022 01:59:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vorJvre5WV34ljpyDjTjj9gNzl3ix9gt07DLGxu-4YgeTbj0cvuChA==
age: 77057
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/styles/challenges.css
200 OK 2.6 kB URL HTTP/1.1 ouo.press/cdn-cgi/styles/challenges.css
IP
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:16:31 GMT
ETag: W/"6329cb3f-1896"
Server: cloudflare
CF-RAY: 74efae7628f4fac0-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 23 Sep 2022 03:59:31 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
ouo.press/favicon.ico
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:31 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT
ETag: "54deee14-0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 3915
Accept-Ranges: bytes
Set-Cookie: __cf_bm=XSfuncsujkV808qhX3ZO1FUgaVroM.ZiRKygJhb7WMk-1663898371-0-AS0ZiKG+v1DRaVh6x7fupvqlxjh0ntl9DzWtAdr5m84NmWcudckoH4pl9xu/5OvuzwiYo6T+B6+TvU8IN8wza/A=; path=/; expires=Fri, 23-Sep-22 02:29:31 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efae763f050b3d-OSL
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=74efae73a9251bfa
200 OK 42 B URL HTTP/1.1 ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=74efae73a9251bfa
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=74efae73a9251bfa HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:31 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:16:31 GMT
ETag: "6329cb3f-2a"
Server: cloudflare
CF-RAY: 74efae76d910fac0-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 23 Sep 2022 03:59:31 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
ouo.press/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=74efae73a9251bfa
200 OK 21 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=74efae73a9251bfa
IP
File type HTML document, ASCII text, with very long lines (60705), with no line terminators
Hash aa6926a1e0d78eb3f0e4581b80585753
dec0b7bf7321a6dbbc2b7b2945e70f07a843f923
2a70687610f8a900c50575a9b70a5d35f9ee2334bfb893f94fd1409ebbafc860
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=74efae73a9251bfa HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3?__cf_chl_rt_tk=R1SuQuCP1GmuCUCm6Bi48pjXBcOmxeSbwMnG7U8e.eU-1663898371-0-gaNycGzNAv0
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:31 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Set-Cookie: __cf_bm=_0913Lo761j5mTzp2GIsU6EiepXKDjaMTx_1lu6t0EQ-1663898371-0-AYWb2/inbB0Um2MScH9NW4I3jwUoP1rwzb60MjAWucie3Q9NIIIJR5Ja2YDFHcRWV64ROwYFYcvuQ/Pj45KAb0I=; path=/; expires=Fri, 23-Sep-22 02:29:31 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 74efae76df330b3d-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.36448377359022466:1663895218:xEXyIaflSx_mWhBciLeoTBlfiQDk5Aag1i1ulIu30bE/74efae73a9251bfa/c67d56c4b9b3749
200 OK 53 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.36448377359022466:1663895218:xEXyIaflSx_mWhBciLeoTBlfiQDk5Aag1i1ulIu30bE/74efae73a9251bfa/c67d56c4b9b3749
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash ac39507c14e51ebdff29ce39f80f7783
ea8dc71ddcdbc533c1fbce06242d4873fe8ead39
cb2771a37cf6e6808304a18cd79b99889ff68485df762c8a9a6ea9e390fbd89a
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.36448377359022466:1663895218:xEXyIaflSx_mWhBciLeoTBlfiQDk5Aag1i1ulIu30bE/74efae73a9251bfa/c67d56c4b9b3749 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: c67d56c4b9b3749
Content-Length: 1759
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:31 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: pmt7vRSjRskUYh7DnpBlUKET1ARNTMyijxyD1m6CIWqSkMNT9YKOUATcvLfYMnzDNO5NSIu0ugb3lgaaaTZmu4dD9AD6sfoYOfNO7ZpV2uIuapnH+r4yS9tiVaSCtU/tCCbtx7BvwFRDXdP7UmtGSCwuvz1GgqTj8kVjvgzROk1MKNzqKNQWdqxnWqNflrewSvuP02ULoq2E3q7Xxar1lmuh6UhSFNGIqAWZXm1ZuJ77MEu8dnZrqjMSPyF7B6DIdDW0EXbHdRCWpVbUa3+ravsSZJlFIEb1Vru0Zz6sa7Y=$ijrJEUxqliC0mhQo7zJcMA==
set-cookie: cf_chl_seq_c67d56c4b9b3749=cXzxGJ820vXVh3H;SameSite=Strict;HttpOnly
__cf_bm=QPWdSNrMq6FNfd8CZ2u7KQlO7qT.bWax7Iy6A.bwKeg-1663898371-0-AQwozfvxlxBVHSgjwCRHnjFSef3JbKNwVVvR3Y3RTQMQ8B1dkjCXNvvxRPd7FOOpEgf8tHe+1YvCJB8WlfMwIOs=; path=/; expires=Fri, 23-Sep-22 02:29:31 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 74efae77df6e0b3d-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 01:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 01:13:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 794BCjzUGTxcZBBM52a9SKv4vrQF-kf9a7245s1p9UzQY0-vxYmrLA==
Age: 3370
ouo.press/cdn-cgi/challenge-platform/h/g/img/74efae73a9251bfa/1663898371826/qoGCEUAw_jMDtHK
200 OK 61 B URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/img/74efae73a9251bfa/1663898371826/qoGCEUAw_jMDtHK
IP
File type PNG image data, 33 x 48, 8-bit/color RGB, non-interlaced\012- data
Hash cee4550c6bd60652cbaf4a37ea619ed8
df888ef8b53c6786e1f820319eec569b062a6119
f4995dfb1c25a6b8d5dd7dac0aac62ec5c07672fc59db85a37a712b530ebdbfe
GET /cdn-cgi/challenge-platform/h/g/img/74efae73a9251bfa/1663898371826/qoGCEUAw_jMDtHK HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:32 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=7f33jri9WtCzMRk3wGKdSK.eOXoqcd7Ei08uhS.1qbE-1663898372-0-AeJlPVL8pr/k02QXNoubHSmIsb2bE8fHp/1KMo9Ti6lAY63/Kaj5dytWr83UcVRAhWtg6VuAK6YR5P3XTNy1Z84=; path=/; expires=Fri, 23-Sep-22 02:29:32 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 74efae7a38110b3d-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1940
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:32 GMT
Last-Modified: Fri, 23 Sep 2022 01:27:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V3dnecFBR0hX1TSYlmlEQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8CXnu4IMHtNJtqaZ+Xqjli34GnM=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5991
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Fri, 23 Sep 2022 01:59:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5991
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Fri, 23 Sep 2022 01:59:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5991
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Fri, 23 Sep 2022 01:59:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5991
Expires: Fri, 23 Sep 2022 03:39:24 GMT
Date: Fri, 23 Sep 2022 01:59:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2bbb3856eeac20d0ee556c96144bf6c
76ac1f33cd006227162e12e7142e754562bec0c0
1e3f6551d401346b6d809d8feb9b36a9e0006f99f518d1130aa9bd630bfb6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12538
x-amzn-requestid: 2ae96766-6999-44ec-8084-a19d26b3e118
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOHYFIAMFXYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-060b96fa5fc99e79711bde3f;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f2gWVJG2DTnIblkJjx4bkFIeg8GauM9TnrThPQPZTkAuL7D7AyG2TQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 17:48:34 GMT
age: 29459
etag: "76ac1f33cd006227162e12e7142e754562bec0c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 634db5bfe2b27e608c3f3518b0c44ebb
06f5f63e681d711bd68626805c5dd2b902ebf9cf
935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13000
x-amzn-requestid: 0658a29b-3c96-431c-ab00-952ab7365e1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioLNHd1oAMFkbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420ad-488015441a19070348de1398;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vhg1m3Tpmoo68IBbutFCvjCLD6iBW3YWysB7hA837CwDK3DSSFp_KA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 09:35:19 GMT
age: 59054
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 14777
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b6b51846ec2b7d856b7dc12e4d720f4
5a69190a9a778a6979e11fafedd43e1031caf8e2
a497c04d1c9d0be88aa9c288423346e83c6a7b296295387b3b7b855c550492a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10927
x-amzn-requestid: ae562f19-3dd9-42b1-bb98-ab026140506e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YsqHOHguIAMFS7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632823c7-6d4bcabf6879463427e68a50;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 08:09:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u4DgvdhOG7agsl8-aoovMcR029kbfcAk9eoiUiHb-PZuq3RbbFg9Mw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:51 GMT
age: 15042
etag: "5a69190a9a778a6979e11fafedd43e1031caf8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 13686
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1eab8da8cc1495a0221efadddd1a0bcc
4156c37b612d5fb99c6b061187a3cb0b314ae4a8
2fc5dbd9216f775cd305de80d17db2e6c74abcb1e30bfa7065c4d763a7345026
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9481
x-amzn-requestid: d527d22a-6822-4b90-b9cb-034f58f73c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0IGl7oAMFSKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4e7-13a676d9596cbd20663d2d8f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8vtLV7n0bPpR5xQtqcH6WK7uBV4ObaMdy_9qN_TtISqAozEwPe0hA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:15 GMT
age: 13698
etag: "4156c37b612d5fb99c6b061187a3cb0b314ae4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.36448377359022466:1663895218:xEXyIaflSx_mWhBciLeoTBlfiQDk5Aag1i1ulIu30bE/74efae73a9251bfa/c67d56c4b9b3749
200 OK 3.1 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.36448377359022466:1663895218:xEXyIaflSx_mWhBciLeoTBlfiQDk5Aag1i1ulIu30bE/74efae73a9251bfa/c67d56c4b9b3749
IP
File type ASCII text, with very long lines (4092), with no line terminators
Hash 4cc364a082b732ee4bfac78cd71b22a0
bcab0e84dba82b56ae8f61c17b5b67ed89c11ba2
522d585404a44b8a3daf272d1c253bde86dc4587084edc9938edaf8af87aab30
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.36448377359022466:1663895218:xEXyIaflSx_mWhBciLeoTBlfiQDk5Aag1i1ulIu30bE/74efae73a9251bfa/c67d56c4b9b3749 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: c67d56c4b9b3749
Content-Length: 15245
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
Cookie: cf_chl_seq_c67d56c4b9b3749=cXzxGJ820vXVh3H; cf_chl_prog=b
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:34 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: 2c3X489pUiiLEqtakPHzMpovVZ+/fL69A3BCuner3xc=$IL0Z6GJ9dyE1dHtw737h4g==
set-cookie: cf_chl_seq_c67d56c4b9b3749=KHUPA60MhQho5ow;SameSite=Strict;HttpOnly
__cf_bm=QUKw_M2vOlFRspobEecWuCYmrrcwLtrODn1djttKGQE-1663898374-0-AUWWV0hA0CewAvSOAlbjB/DURLX5po/NHC0hchXA0fxz72x5uVIBIjeMEFjnS2UzhsXTZn/QrvVefa/1kMUEvvE=; path=/; expires=Fri, 23-Sep-22 02:29:34 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 74efae881b530b3d-OSL
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 279 B IP
Hash ee6aad95aa5e0a7ce931e21213a958d5
d2c1e4f772baf5526df3042f823763db1257ce9b
28c9700aaf0834601a46809e7ebe0280a854362e7222e9b460e0a727d58f1a97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:34 GMT
Last-Modified: Fri, 23 Sep 2022 01:14:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 23 Sep 2022 01:59:34 GMT
content-length: 0
location: /turnstile/v0/192bead3/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age: 300
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efae888cdcfac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash ee6aad95aa5e0a7ce931e21213a958d5
d2c1e4f772baf5526df3042f823763db1257ce9b
28c9700aaf0834601a46809e7ebe0280a854362e7222e9b460e0a727d58f1a97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:34 GMT
Last-Modified: Fri, 23 Sep 2022 01:14:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.36448377359022466:1663895218:xEXyIaflSx_mWhBciLeoTBlfiQDk5Aag1i1ulIu30bE/74efae73a9251bfa/c67d56c4b9b3749
200 OK 2.9 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/g/flow/ov1/0.36448377359022466:1663895218:xEXyIaflSx_mWhBciLeoTBlfiQDk5Aag1i1ulIu30bE/74efae73a9251bfa/c67d56c4b9b3749
IP
File type ASCII text, with very long lines (3712), with no line terminators
Hash 7dcc8f39ffa8d46e325cdc54cb6dfa20
a94674e7fc29e026e353a5d30f90d8747869417a
96b2fd7021ef5e03e6cd7738f1565989e228e890c00bb8df5e69f56f45b3efb9
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.36448377359022466:1663895218:xEXyIaflSx_mWhBciLeoTBlfiQDk5Aag1i1ulIu30bE/74efae73a9251bfa/c67d56c4b9b3749 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: c67d56c4b9b3749
Content-Length: 15963
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
Cookie: cf_chl_seq_c67d56c4b9b3749=KHUPA60MhQho5ow; cf_chl_prog=b
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_out: sL5CkRGuX1Oj0qa4Zl7WVAcpC91BsL42iJYw0T1IQpbN7yn0QVx/r6Uw/K7L3QrSGJm8H5On0bv7gYoln88iDg==$wieWPOeVFB7DMBLkWz8ntA==
cf_chl_out_s: JECmvzNozckE+p+IDIkVyJQXgfnw5PmpUilCOJC1tjAQ3XXaXQ3LkdtCEYHLd5sNhoOACnYyH2+eRqR+XSeTO/NqD91o73QsdrfPBFW3szdwF3H5NdMU79kwys8vfBJKMzpWNX7CpiJ9XE+obrvUzQ==$O7GYpcYMZ0q6TzlyN0o+Xg==
set-cookie: cf_chl_rc_m=;Expires=Thu, 22 Sep 2022 01:59:37 GMT;SameSite=Strict
__cf_bm=50nGYEUsZ0wu8iLTWX1frebDXzpmn5B11q8_X1ubRvo-1663898377-0-AZt1QWk7fPgySSpAfAtBN5iBi9addYTHoocRG4q95I3/kUEAgvmr5osw/pwcspkH5OSN93V79ZzKg/u2DtMGHpI=; path=/; expires=Fri, 23-Sep-22 02:29:37 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 74efae9b88560b3d-OSL
Content-Encoding: gzip
ouo.press/kPFS6b3
200 OK 3.5 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash f3a666a8d8e1340c1f5f14489b4b4c6e
9791028bd481c8b5776d01e803289ef80465e3fd
5db0ff6378a64558e00bcd5676a76a7b2aab26abe3bfb50458e46573f8eb8fcb
POST /kPFS6b3 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 1756
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3?__cf_chl_tk=R1SuQuCP1GmuCUCm6Bi48pjXBcOmxeSbwMnG7U8e.eU-1663898371-0-gaNycGzNAv0
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Set-Cookie: cf_clearance=5GHV1_JB3godbn.yzXHCjE20kKF1uOL1xYx5uG6B.9U-1663898377-0-250; path=/; expires=Sat, 23-Sep-23 02:59:37 GMT; domain=.ouo.press; HttpOnly
ouoio_session=eyJpdiI6IjRKbWZzN0FVNUdvRTVPcmNIWDYxcHdRRmdFakxBMklKdDBcLzZ3ZTJES2NVPSIsInZhbHVlIjoiNXVtK2ExbVQxbENvZzIyRXZqREpGM3FGRWtVZ2JDMlQ1U043V3Nac3ZreTkwdEd3aGxWSXNVVFl0NXRYZnQ5MTVubEg4SmVNR3ZDeGtCbzZOZU93Ync9PSIsIm1hYyI6IjBmYTVjOWYyZjc1MmEyZTdlNGMwYTZmYzcyM2YzNTFmOTFjZjQ4M2M4NTQ0Mzc3ZjBmOTI0ZDJhNTFlNzA2NDAifQ%3D%3D; path=/; httponly
language=eyJpdiI6ImYwOEJWY3lWOSsxRnlISG5uaTdwbkhKK1JGVmZHZitkeUlRWUhucjRVc1U9IiwidmFsdWUiOiI0Z3V3TWlKczI0SWR0blk4eTZ5bHV3ZnB0QXZCV3NWSUR2TUszVUd0aHJnPSIsIm1hYyI6ImE3M2ViOGFkN2Q5MDNlZTcyYmExMTRmZjk4OTEzZTE2MTRiYjZkMmYxNDU4MDk2ZTkxN2U5YjIxZDAzMWMzNzYifQ%3D%3D; expires=Wed, 22-Sep-2027 01:59:37 GMT; Max-Age=157680000; path=/; httponly
a8dbf2593645ff98d5654fdbf766cef32fdd073d=eyJpdiI6IjY1NlJvYnR4VEhnVjlDdmUzNHhYbk5XZUlhY0srYWhtVXp6eGJHb0hiVXc9IiwidmFsdWUiOiI4Y2RlalRRZUhwUDA5VHVPWk9tYVlJd05NcnpMZEZXWlVcL1wvXC9oOU8xVjZQZWFaWnkzN1orRzgxNEpVR21UQW1MYVgzc2RrUmxkdHVmUFpWMHhtbVllVFdOaGtRdHBOZCtSS0pEWW8yNVdFSExjUWlrdVJsdTZuQmJ0WlF0eWRPMlVFK1RPbmNHSFwvZTUrNldCdFwvMzAxQlAyeTBCVUNtTzM3VVZQYlVjTlI2QXhLTUx5d25XWEdTMUpBTkdKdnUwcmRXN1JEXC95S1YwaE1ZSWE5dlhLNWZiSlQrK2pRMndHcWFsWHc1ZTlPQjhSZUk5MVh0SWdBTmJ6bGh2d3VmeFlaSjU0cGV0N2dEdHNpQW4rVXBXSjVDaGtLOFdIeU92QUFDU2xGUEk1WUw0aWk5TlZ5T3YrMVAzZkthaWJtcmJCQ1wvcVRJSFdCR0VBWkZTTXUwMG1teTI3TUE2czJaQlc4YityRlkrbDUydkdQUWxnaTBFdEhHQktJXC9oNktLbUFjTSIsIm1hYyI6IjdlMmEyYTg1NWFiMzU3NTZkNmRiOWNjNTdhMTMwMzg5MDQxZjQyODA4ODY5ZmZmNjU1M2RjNGRkYTBkOWI3MjEifQ%3D%3D; expires=Fri, 23-Sep-2022 03:59:37 GMT; Max-Age=7200; path=/; httponly
__cf_bm=2aL2IbL9tbkuzwdv3.Oy5JO3wNHdkA0M_6doW03p7iQ-1663898378-0-AbuQ5RuslexkxcgYle64XRxCIAUvOTmc+0F57oS52A+NLL/yUolsv1qYtnUSg69ZCPk0VdAGy/+Q7NjvmJkWPkw=; path=/; expires=Fri, 23-Sep-22 02:29:38 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 74efae9c98e20b3d-OSL
Content-Encoding: gzip
ouo.press/css/bootstrap.css
200 OK 18 kB URL HTTP/1.1 ouo.press/css/bootstrap.css
IP
File type ASCII text, with very long lines (65452)
Hash ecd7a3b8fdf856cece681f760bad623c
3c16d8b0523e3c6de3b20f7c7f9de2ae48a2949a
40f5215bfeb4c595389b7d02127c47c94e173dbca21022c9f67eca101d03ab92
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
Cookie: language=eyJpdiI6ImYwOEJWY3lWOSsxRnlISG5uaTdwbkhKK1JGVmZHZitkeUlRWUhucjRVc1U9IiwidmFsdWUiOiI0Z3V3TWlKczI0SWR0blk4eTZ5bHV3ZnB0QXZCV3NWSUR2TUszVUd0aHJnPSIsIm1hYyI6ImE3M2ViOGFkN2Q5MDNlZTcyYmExMTRmZjk4OTEzZTE2MTRiYjZkMmYxNDU4MDk2ZTkxN2U5YjIxZDAzMWMzNzYifQ%3D%3D; cf_clearance=5GHV1_JB3godbn.yzXHCjE20kKF1uOL1xYx5uG6B.9U-1663898377-0-250; ouoio_session=eyJpdiI6IjRKbWZzN0FVNUdvRTVPcmNIWDYxcHdRRmdFakxBMklKdDBcLzZ3ZTJES2NVPSIsInZhbHVlIjoiNXVtK2ExbVQxbENvZzIyRXZqREpGM3FGRWtVZ2JDMlQ1U043V3Nac3ZreTkwdEd3aGxWSXNVVFl0NXRYZnQ5MTVubEg4SmVNR3ZDeGtCbzZOZU93Ync9PSIsIm1hYyI6IjBmYTVjOWYyZjc1MmEyZTdlNGMwYTZmYzcyM2YzNTFmOTFjZjQ4M2M4NTQ0Mzc3ZjBmOTI0ZDJhNTFlNzA2NDAifQ%3D%3D; a8dbf2593645ff98d5654fdbf766cef32fdd073d=eyJpdiI6IjY1NlJvYnR4VEhnVjlDdmUzNHhYbk5XZUlhY0srYWhtVXp6eGJHb0hiVXc9IiwidmFsdWUiOiI4Y2RlalRRZUhwUDA5VHVPWk9tYVlJd05NcnpMZEZXWlVcL1wvXC9oOU8xVjZQZWFaWnkzN1orRzgxNEpVR21UQW1MYVgzc2RrUmxkdHVmUFpWMHhtbVllVFdOaGtRdHBOZCtSS0pEWW8yNVdFSExjUWlrdVJsdTZuQmJ0WlF0eWRPMlVFK1RPbmNHSFwvZTUrNldCdFwvMzAxQlAyeTBCVUNtTzM3VVZQYlVjTlI2QXhLTUx5d25XWEdTMUpBTkdKdnUwcmRXN1JEXC95S1YwaE1ZSWE5dlhLNWZiSlQrK2pRMndHcWFsWHc1ZTlPQjhSZUk5MVh0SWdBTmJ6bGh2d3VmeFlaSjU0cGV0N2dEdHNpQW4rVXBXSjVDaGtLOFdIeU92QUFDU2xGUEk1WUw0aWk5TlZ5T3YrMVAzZkthaWJtcmJCQ1wvcVRJSFdCR0VBWkZTTXUwMG1teTI3TUE2czJaQlc4YityRlkrbDUydkdQUWxnaTBFdEhHQktJXC9oNktLbUFjTSIsIm1hYyI6IjdlMmEyYTg1NWFiMzU3NTZkNmRiOWNjNTdhMTMwMzg5MDQxZjQyODA4ODY5ZmZmNjU1M2RjNGRkYTBkOWI3MjEifQ%3D%3D
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=109522
ETag: W/"54def1fc-1abd2"
Expires: Fri, 23 Sep 2022 08:50:17 GMT
Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 18561
Set-Cookie: __cf_bm=Lfa1Fz1f7VV_eEsSdp.IxNRDRf_lHqJpPoXTq4EKx70-1663898378-0-ASb2JvO4RNVaUqVjdH0M/uMV3jIbmJEFZ47gdxzb0bhwMQ719hv/RNNt0dZBxL/jnlxselTT+fTZ4aQ4ts9WUh4=; path=/; expires=Fri, 23-Sep-22 02:29:38 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efae9f49920b3d-OSL
Content-Encoding: gzip
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 655 B URL HTTP/1.1 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
Cookie: language=eyJpdiI6ImYwOEJWY3lWOSsxRnlISG5uaTdwbkhKK1JGVmZHZitkeUlRWUhucjRVc1U9IiwidmFsdWUiOiI0Z3V3TWlKczI0SWR0blk4eTZ5bHV3ZnB0QXZCV3NWSUR2TUszVUd0aHJnPSIsIm1hYyI6ImE3M2ViOGFkN2Q5MDNlZTcyYmExMTRmZjk4OTEzZTE2MTRiYjZkMmYxNDU4MDk2ZTkxN2U5YjIxZDAzMWMzNzYifQ%3D%3D; cf_clearance=5GHV1_JB3godbn.yzXHCjE20kKF1uOL1xYx5uG6B.9U-1663898377-0-250; ouoio_session=eyJpdiI6IjRKbWZzN0FVNUdvRTVPcmNIWDYxcHdRRmdFakxBMklKdDBcLzZ3ZTJES2NVPSIsInZhbHVlIjoiNXVtK2ExbVQxbENvZzIyRXZqREpGM3FGRWtVZ2JDMlQ1U043V3Nac3ZreTkwdEd3aGxWSXNVVFl0NXRYZnQ5MTVubEg4SmVNR3ZDeGtCbzZOZU93Ync9PSIsIm1hYyI6IjBmYTVjOWYyZjc1MmEyZTdlNGMwYTZmYzcyM2YzNTFmOTFjZjQ4M2M4NTQ0Mzc3ZjBmOTI0ZDJhNTFlNzA2NDAifQ%3D%3D; a8dbf2593645ff98d5654fdbf766cef32fdd073d=eyJpdiI6IjY1NlJvYnR4VEhnVjlDdmUzNHhYbk5XZUlhY0srYWhtVXp6eGJHb0hiVXc9IiwidmFsdWUiOiI4Y2RlalRRZUhwUDA5VHVPWk9tYVlJd05NcnpMZEZXWlVcL1wvXC9oOU8xVjZQZWFaWnkzN1orRzgxNEpVR21UQW1MYVgzc2RrUmxkdHVmUFpWMHhtbVllVFdOaGtRdHBOZCtSS0pEWW8yNVdFSExjUWlrdVJsdTZuQmJ0WlF0eWRPMlVFK1RPbmNHSFwvZTUrNldCdFwvMzAxQlAyeTBCVUNtTzM3VVZQYlVjTlI2QXhLTUx5d25XWEdTMUpBTkdKdnUwcmRXN1JEXC95S1YwaE1ZSWE5dlhLNWZiSlQrK2pRMndHcWFsWHc1ZTlPQjhSZUk5MVh0SWdBTmJ6bGh2d3VmeFlaSjU0cGV0N2dEdHNpQW4rVXBXSjVDaGtLOFdIeU92QUFDU2xGUEk1WUw0aWk5TlZ5T3YrMVAzZkthaWJtcmJCQ1wvcVRJSFdCR0VBWkZTTXUwMG1teTI3TUE2czJaQlc4YityRlkrbDUydkdQUWxnaTBFdEhHQktJXC9oNktLbUFjTSIsIm1hYyI6IjdlMmEyYTg1NWFiMzU3NTZkNmRiOWNjNTdhMTMwMzg5MDQxZjQyODA4ODY5ZmZmNjU1M2RjNGRkYTBkOWI3MjEifQ%3D%3D
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:16:51 GMT
ETag: W/"6329cb53-4d7"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efae9f58f8b51d-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 25 Sep 2022 01:59:38 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
ouo.press/css/link-safe.css
200 OK 1.8 kB URL HTTP/1.1 ouo.press/css/link-safe.css
IP
Hash d91a45478adaa488ef4f1733dfa3c44c
3686ea901ce8ca85bb82f42bf0a8d39095ebf73d
4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/kPFS6b3
Cookie: language=eyJpdiI6ImYwOEJWY3lWOSsxRnlISG5uaTdwbkhKK1JGVmZHZitkeUlRWUhucjRVc1U9IiwidmFsdWUiOiI0Z3V3TWlKczI0SWR0blk4eTZ5bHV3ZnB0QXZCV3NWSUR2TUszVUd0aHJnPSIsIm1hYyI6ImE3M2ViOGFkN2Q5MDNlZTcyYmExMTRmZjk4OTEzZTE2MTRiYjZkMmYxNDU4MDk2ZTkxN2U5YjIxZDAzMWMzNzYifQ%3D%3D; cf_clearance=5GHV1_JB3godbn.yzXHCjE20kKF1uOL1xYx5uG6B.9U-1663898377-0-250; ouoio_session=eyJpdiI6IjRKbWZzN0FVNUdvRTVPcmNIWDYxcHdRRmdFakxBMklKdDBcLzZ3ZTJES2NVPSIsInZhbHVlIjoiNXVtK2ExbVQxbENvZzIyRXZqREpGM3FGRWtVZ2JDMlQ1U043V3Nac3ZreTkwdEd3aGxWSXNVVFl0NXRYZnQ5MTVubEg4SmVNR3ZDeGtCbzZOZU93Ync9PSIsIm1hYyI6IjBmYTVjOWYyZjc1MmEyZTdlNGMwYTZmYzcyM2YzNTFmOTFjZjQ4M2M4NTQ0Mzc3ZjBmOTI0ZDJhNTFlNzA2NDAifQ%3D%3D; a8dbf2593645ff98d5654fdbf766cef32fdd073d=eyJpdiI6IjY1NlJvYnR4VEhnVjlDdmUzNHhYbk5XZUlhY0srYWhtVXp6eGJHb0hiVXc9IiwidmFsdWUiOiI4Y2RlalRRZUhwUDA5VHVPWk9tYVlJd05NcnpMZEZXWlVcL1wvXC9oOU8xVjZQZWFaWnkzN1orRzgxNEpVR21UQW1MYVgzc2RrUmxkdHVmUFpWMHhtbVllVFdOaGtRdHBOZCtSS0pEWW8yNVdFSExjUWlrdVJsdTZuQmJ0WlF0eWRPMlVFK1RPbmNHSFwvZTUrNldCdFwvMzAxQlAyeTBCVUNtTzM3VVZQYlVjTlI2QXhLTUx5d25XWEdTMUpBTkdKdnUwcmRXN1JEXC95S1YwaE1ZSWE5dlhLNWZiSlQrK2pRMndHcWFsWHc1ZTlPQjhSZUk5MVh0SWdBTmJ6bGh2d3VmeFlaSjU0cGV0N2dEdHNpQW4rVXBXSjVDaGtLOFdIeU92QUFDU2xGUEk1WUw0aWk5TlZ5T3YrMVAzZkthaWJtcmJCQ1wvcVRJSFdCR0VBWkZTTXUwMG1teTI3TUE2czJaQlc4YityRlkrbDUydkdQUWxnaTBFdEhHQktJXC9oNktLbUFjTSIsIm1hYyI6IjdlMmEyYTg1NWFiMzU3NTZkNmRiOWNjNTdhMTMwMzg5MDQxZjQyODA4ODY5ZmZmNjU1M2RjNGRkYTBkOWI3MjEifQ%3D%3D
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: status=cannot_optimize
ETag: W/"5d951ace-1830"
Expires: Fri, 23 Sep 2022 12:54:14 GMT
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 3924
Set-Cookie: __cf_bm=bnhlVHEFbC0FKAdc8Xd2pGuA0I5H7eMjxEM6uf5iuHE-1663898378-0-AWUtctKihouQloNcTevTZS+y3EPk9MV+056sIl/Axi9QgWSIgRQMN+qxuHXx2Nm/2KRBYSRLrKBIX57CO6l0V0Q=; path=/; expires=Fri, 23-Sep-22 02:29:38 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efae9f498cfac0-OSL
Content-Encoding: gzip
hhklc.com/c.js
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 01:59:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Sep 2022 02:59:38 GMT
Location: https://hhklc.com/c.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwyg3%2BeC7cxpqAsvZpd0jE%2FwwZuH3HOhtSRJyxoV7oX03mDEgwXqJgAEGCbRO1pp9V9pq3YP0ec949yh9QcTgT2K8t99ymwjQgK%2BdiWNYBC%2BHB0KuPAT6u8eHig%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efae9f68afb4fd-OSL
alt-svc: h2=":443"; ma=60
cdn.adtrue.com/rtb/async.js
301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/rtb/async.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 01:59:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Sep 2022 02:59:38 GMT
Location: https://cdn.adtrue.com/rtb/async.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzxuLkXa3kpUKWS6YNCRyxboxPCzIJQZLHz%2BltXBIIrnGJMAvylGIrLZxCTfdn2vxOh55G2OWs7z%2BIO%2BgcOXKvVfRJqH1rj9ZAmVuCtnhiqrjRD3vn2RmSL%2BFlxqyMAtTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efae9f68f9b51b-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Questrial
200 OK 6.6 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Questrial
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1196)
Hash 3367e4cebc07fda3b543c6920ebf79cb
090f2ce6231654c418067d5d280d1cf58cce4b24
fe4a02d695e6e1caee633b35e34b09b4b0b1d540b04afdfb84b683c628ce97f2
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 23 Sep 2022 01:59:38 GMT
Date: Fri, 23 Sep 2022 01:59:38 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.digicert.com/
200 OK 278 B IP
Hash 391185a27666e752a053df02149226de
c55c53aaac37750f43fa06a24b84cd617779e0d6
b1039b1d1d634fc894b2a5fbf91e65ff1675de69687caaa5fd74f52c7643b203
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3532
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:38 GMT
Last-Modified: Fri, 23 Sep 2022 01:00:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ecdn.analysis.fi/static/js/fab.js
200 OK 4.2 kB URL HTTP/1.1 ecdn.analysis.fi/static/js/fab.js
IP
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4240
Connection: keep-alive
Server: nginx/1.20.0
Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 01:38:46 GMT
Expires: Fri, 23 Sep 2022 02:38:44 GMT
Cache-Control: max-age=3600
ETag: "61b8b8ab-1090"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uRkqKStVOyKOjjJUPwRk8Y7HXP2FQcZk8OxYndNDva7H6cD5OEl0tQ==
Age: 1254
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecdn.firstimpression.io/fi_client.js
200 OK 100 kB URL HTTP/1.1 ecdn.firstimpression.io/fi_client.js
IP
File type ASCII text, with very long lines (618)
Size 100 kB (100067 bytes)
Hash 5be601a76a41f537f9339034ea2a0a7a
a9ba6e6f8e7b851e5ef11e773d0a7ffe46060c4c
d9d9e284bacd815e5c7c6a26071e26f13f00cbd16dfb57d7c05ba376de303cee
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 23 Sep 2022 01:34:42 GMT
Server: nginx/1.20.0
X-Powered-By: PHP/8.0.14
X-XSS-Protection: 0
Last-Modified: Fri, 23 Sep 2022 01:34:42 UTC
ETag: W/"54ae89e4bc15dc107f21e6b47e1502cc"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VkjxGxaiyFo6l9invV0EHwsiM9deowe1KSiOA-uyj5TsbY-70iYWyQ==
Age: 1496
hhklc.com/c.js
200 OK 2.4 kB IP
File type ASCII text, with very long lines (8328), with no line terminators
Hash 048faa2c8f8e07667b92d6b445166fba
80bdde0028681f73010660f131695ce4ceb24ed0
6f0d88b34621fa77dc8c9944c5273fea4a9013c8a22d96d6138bf98e6c5fecb1
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 19:48:44 GMT
etag: W/"6328c79c-2088"
server-asp-net: Asp Net
expires: Fri, 23 Sep 2022 02:26:04 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaYRoKRi7XIaTfo2k5sws1TmYIGGx%2BtkHljusyibfVH6hS084KVWyTeL2sAoY0QKlxQVH5kD10nzzKZOeH3%2BSEVkQ3NO7rbn%2FQYamlAAQ6iLYh2g1yKbx7n%2FB1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efae9fb8f70b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash ffc0e5974b36df4fbf86044645f56feb
582d8833edc2dab0f78d8f3a368dd36479481348
51fe629ea38f998cc3139171392cbae2a1348d03c75074cd60ae1fc03be69997
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 23 Sep 2022 01:59:38 GMT
date: Fri, 23 Sep 2022 01:59:38 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tv.gourdycortes.com/1clkn/48786
200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/48786
IP
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/48786 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 01:59:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sat, 24-Sep-2022 01:59:38 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sat, 24-Sep-2022 01:59:38 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash da0c49e71cb94c29072ef6fd36efa52e
bd58fc1dcf3061065e87493d7dfe46fb232b8851
a0fc507f1e014a458ca44dd7bea70b5d2d36b11da2ae73398cad416a9465657a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0FC507F1E014A458CA44DD7BEA70B5D2D36B11DA2AE73398CAD416A9465657A"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6975
Expires: Fri, 23 Sep 2022 03:55:53 GMT
Date: Fri, 23 Sep 2022 01:59:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 748f3b28db935832207086a2e4890b61
c402ad55fb49efa636b89e8b272f50123b4e673c
e666e5f16efab20876f06451b40fa8f1e596218dbb174f1b09289b0a8ade06ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E666E5F16EFAB20876F06451B40FA8F1E596218DBB174F1B09289B0A8ADE06BA"
Last-Modified: Tue, 20 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4440
Expires: Fri, 23 Sep 2022 03:13:38 GMT
Date: Fri, 23 Sep 2022 01:59:38 GMT
Connection: keep-alive
asia.hhkld.com/tag/load-105641.js
200 OK 4.2 kB URL HTTP/2 asia.hhkld.com/tag/load-105641.js
IP
File type ASCII text, with very long lines (2824)
Hash e5bf79e23046bc0485052732eaf03674
ac8385dd0d6e5d427e14e1f15975847fe4a5cedd
250894fd04293087af22e5e7f55d711c9907efa9659ce5f9497eddaf8ec97f65
GET /tag/load-105641.js HTTP/1.1
Host: asia.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: sync6=%7B%22adform%22%3A1663898378%2C%22otm%22%3A1663898378%2C%22indexww3%22%3A1663898378%2C%22adapt%22%3A1663898378%2C%22improve%22%3A1663898378%2C%22sovrn%22%3A1663898378%2C%22between%22%3A1663898378%2C%22magnite%22%3A1663898378%7D; expires=Sat, 01-Oct-2022 01:59:38 GMT; Max-Age=691200
uid=jV7KsGMtEwpwsgR2o4yTAg==; expires=Sat, 23-Sep-23 01:59:38 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
hhkld.com/logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663898377815
200 OK 43 B URL HTTP/2 hhkld.com/logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663898377815
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663898377815 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 28 Jun 2022 15:48:44 GMT
etag: "62bb22dc-2b"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 8bd63b3196d06f1a873646e1cbee6378
c57f4193c5b633f8bab48b211c7d4e95451aacdf
06fcea611196ef681dc6f8099af2e57569489c24f740f9f253a1cf2433f5641b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 27 Sep 2022 00:17:19 GMT
ETag: "c57f4193c5b633f8bab48b211c7d4e95451aacdf"
Last-Modified: Fri, 23 Sep 2022 00:17:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 653
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efaea23eca1c0a-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0dd3f73a36152547cf6f8efd3e4e9ed1
da39b3477c1f511b8f74ad5ea6a3cffee4476800
bad6354f9453d9ef22a85ec0671d30fd6e2afdd5c7575069aea14ff2683d6b96
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAD6354F9453D9EF22A85EC0671D30FD6E2AFDD5C7575069AEA14FF2683D6B96"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4523
Expires: Fri, 23 Sep 2022 03:15:01 GMT
Date: Fri, 23 Sep 2022 01:59:38 GMT
Connection: keep-alive
sync.viavideo.digital/tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=
301 Moved Permanently 0 B URL HTTP/2 sync.viavideo.digital/tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: sync.viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-length: 0
location: https://sync.hhkld.com/tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmh62n2tal37k67gp6gXx
set-cookie: uid=ccmh62n2tal37k67gp6gXx; expires=Sat, 23 Sep 2023 01:59:38 GMT; domain=.viavideo.digital; path=/
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/vibe
204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/vibe
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/vibe HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.4
date: Fri, 23 Sep 2022 01:59:38 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.hhkld.com/tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmh62n2tal37k67gp6gXx
301 Moved Permanently 0 B URL HTTP/2 sync.hhkld.com/tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmh62n2tal37k67gp6gXx
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmh62n2tal37k67gp6gXx HTTP/1.1
Host: sync.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-length: 0
location: https://sync.vicodes.com/tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmh62n2tal37k67gp6gXx
set-cookie: uid=ccmh62n2tal37k67gp6gXx; expires=Sat, 23 Sep 2023 01:59:38 GMT; domain=.hhkld.com; path=/
X-Firefox-Spdy: h2
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37182), with no line terminators
Hash 3060d4f60f1e373d4b9f5314308f2865
04472cd336145deac8c7e17f2ebebd6d8138ac10
f3b449bac75466d2c3b5d3e3ce09d8205172004e058bf2ed29fc2708e915bcd7
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 23 Sep 2022 01:59:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b4ba1d91cece325d2cda7732e5db90d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hhkld.com/rucdn/static/report.svg
200 OK 3.0 kB URL HTTP/2 hhkld.com/rucdn/static/report.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2042)
Hash c12dad0e0d31548287471223d9118b54
d40516c15ebc64ab96d309a7c0e2e49443d04bb2
8f03524fcc1c423e5375ee91780af2493c8f24426b5b85b058d0a3fbf76fcb34
GET /rucdn/static/report.svg HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: image/svg+xml
content-length: 3025
last-modified: Wed, 22 Jun 2022 05:10:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 22 Sep 2022 09:06:13 GMT
Expires: Fri, 22 Sep 2023 09:06:13 GMT
Cache-Control: public, max-age=31536000
Age: 60805
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
hhkld.com/rucdn/js/player/hls2.js
200 OK 113 kB URL HTTP/2 hhkld.com/rucdn/js/player/hls2.js
IP
Size 113 kB (112854 bytes)
Hash 18a2f7ae6dc328726023e97aa6e23f99
a1c726cc1e69a20771a7913f76a967a18e209c26
c5f23068bb2be8ca50a4ae626e20b0009cd6b5a6b4ada00d7d25d49b2345501f
GET /rucdn/js/player/hls2.js HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 03:32:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FkPFS6b3&cb=1035427817&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/kPFS6b3
301 Moved Permanently 0 B URL HTTP/1.1 exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FkPFS6b3&cb=1035427817&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/kPFS6b3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FkPFS6b3&cb=1035427817&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/kPFS6b3 HTTP/1.1
Host: exchange.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 01:59:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Sep 2022 02:59:38 GMT
Location: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2FkPFS6b3&cb=1035427817&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/kPFS6b3
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0h2%2Fh6Thwo4MiZBDgo8iEKeZuO4WcnA1Q9g9yV0VsKUiqAGT%2FLx5w%2F26pqtdSbK6LibiOCVtJu7gy9JlzDlBFgn5Gi92Xp%2Fr5oT6d19Li%2F7ZlrBPd6I%2BP%2B81YP582t65UiXs8aNI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efaea3cbdeb4e8-OSL
alt-svc: h2=":443"; ma=60
sync.vicodes.com/tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmh62n2tal37k67gp6gXx
200 OK 43 B URL HTTP/2 sync.vicodes.com/tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmh62n2tal37k67gp6gXx
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=26&uid=b6cb8e0c-dbf4-4967-bd51-3003ee9f4053&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccmh62n2tal37k67gp6gXx HTTP/1.1
Host: sync.vicodes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 01:59:38 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=ccmh62n2tal37k67gp6gXx; expires=Sat, 23 Sep 2023 01:59:38 GMT; domain=.vicodes.com; path=/
X-Firefox-Spdy: h2
viavideo.digital/vi/19_ENG.m3u8
200 OK 566 B URL HTTP/2 viavideo.digital/vi/19_ENG.m3u8
IP
Hash 6206be586663d48cbeea794ded0a4d8f
6629445fe1752f95308253ba5d78c965a0867a1a
6c78ecbeb616994fe99378f6f1399a53b5e439090176e6bc4dc7623f3566f5b9
GET /vi/19_ENG.m3u8 HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: application/vnd.apple.mpegurl
content-length: 566
last-modified: Sun, 26 Jun 2022 07:47:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-origin: http://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.adtrue.com/pb/prebid.js?V=1.2
301 Moved Permanently 1.9 kB URL HTTP/1.1 cdn.adtrue.com/pb/prebid.js?V=1.2
IP
Hash 52cd98d8bd2757114c86d71cb828236c
7c4a8862f4e8bc2020f19948105bb73abd966c91
e5f3e2e9900632c5eda0f3f5b3ee6fb628cc9776e86d9fd93bde73bfa6347934
GET /pb/prebid.js?V=1.2 HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 01:59:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Sep 2022 02:59:38 GMT
Location: https://cdn.adtrue.com/pb/prebid.js?V=1.2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgW69DWiZ0GP%2BTSK6u54z2tVtiVc9v2CRQOKjEYMc2WHY2Krpb5dWBkrDkWBm6h6ahuP3dHXdh4sOuxCmZMj3Xy2qsqUSCctItlRea9u0m1%2BH4TvNYiQWF2wpbOv2xN%2B8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efaea46be3b51b-OSL
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 389994a7455c8c61e967ada2ec63a895
cc36df56270f6896aeafa490b1078679c818ee0b
39f2483a1b6bc748449a6c432e657e51e0a1af2704bc35490955f0c9d110eb8a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 01:59:38 GMT
Last-Modified: Fri, 23 Sep 2022 00:48:50 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pxqlPKA_KEkA1auGXZRFOLGpSa_hiby2EhMImBzTHURZ8fx5o0WaSg==
Age: 4248
track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FkPFS6b3&loc=http%3A%2F%2Fouo.press%2FkPFS6b3
301 Moved Permanently 0 B URL HTTP/1.1 track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FkPFS6b3&loc=http%3A%2F%2Fouo.press%2FkPFS6b3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FkPFS6b3&loc=http%3A%2F%2Fouo.press%2FkPFS6b3 HTTP/1.1
Host: track.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 01:59:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Sep 2022 02:59:38 GMT
Location: https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=http%3A%2F%2Fouo.press%2FkPFS6b3&loc=http%3A%2F%2Fouo.press%2FkPFS6b3
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgWllINbU67OlM9j948vBIA6YSXDw7xlkZR464SBuHTws%2FYlhNwGGP2TR8BYnsUFD8MPy61GXLQPw8JymMoYUcbCA8iegSbY4a6E%2FuALsTMM109ZBa1X%2FBsXDtGKNo0J9zwN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efaea47a3db515-OSL
alt-svc: h2=":443"; ma=60
creepingbrings.com/sfp.js
200 OK 23 kB URL HTTP/1.1 creepingbrings.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 487ad2b48cd98e36abf708a3b60f4a36
ccf7b110523d50bb619becd48c3f013cc5fdce87
768eff747f795e1232d182eb859170e32d4f06ed29da872c09af5363c459668f
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:59:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: f3380bb78885edc01a695b2d30cc4554
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Fri, 23 Sep 2022 01:59:38 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmlO23YNsY0FaKjmjj%2BCGeMKV8L7w%2BPTqKaNDST2tZ%2FO%2Fs283ZsvxwMVWrCBj%2BCmGNFXe27fqtnseaNMjxaOJV%2BXMYd71J1mZiMEEoeicU9niy8SG6E7wY3c11QN3bz5mea1BJQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efaea36996773e-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 557031daf235f995ab76ae1334038bdf
6081637fa7363d48c2dd27c50913650266dfe16b
270d04dce75d3d1f91a65ac2e7ede16061a7f1010fa83a93a0e8ea4d32cbcea4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=95720e30-ef33-4dba-a7bd-e2fd4fa99a81:1:1; expires=Mon, 20 Sep 2032 01:59:38 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
200 OK 80 kB URL HTTP/1.1 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a4ce36b0d03543974d71b88fa37145d
a5c1750aab7489f287c98bae25f5afff0ed16ce8
30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Last-Modified: Wed, 27 Oct 2021 05:33:12 GMT
ETag: "1241a12-3fca8-5cf4eee137dd8"
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Type: text/javascript
Content-Length: 80538
Cache-Control: max-age=137829
Expires: Sat, 24 Sep 2022 16:16:47 GMT
Date: Fri, 23 Sep 2022 01:59:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
viavideo.digital/vi/19_ENG0.ts
200 OK 515 kB URL HTTP/2 viavideo.digital/vi/19_ENG0.ts
IP
Size 515 kB (515308 bytes)
Hash c5a2a11a945751cdc42d2f10b12d9a92
ccf7adaff9640202056b64dc54a66daac236c48e
6787c997fd3be922e3a09fea77ecd244b9f9f381a953cc4bb3ea738045906eff
GET /vi/19_ENG0.ts HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: video/mp2t
content-length: 515308
last-modified: Sun, 26 Jun 2022 07:47:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-origin: http://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
IP
File type ASCII text, with very long lines (1720)
Hash ff1c58d0e7a2d86e1938953c8c71d856
ebc24458abb09a45eba1fc60ffe468819e6d587d
75358ac9b9524a3fc7eeeb71f519d315b2fc97fa6d34ed819526b7c50ca7a30c
GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 01:59:39 GMT
expires: Fri, 23 Sep 2022 01:59:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45415
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Sun, 23 Oct 2022 01:59:39 GMT
date: Fri, 23 Sep 2022 01:59:39 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash b1b12ef71e24748e1b6e935c300e7c0a
89f05674cc535cae0a9bf420e0aeef0595d1f204
0657c349a7ab260d08689d74a83ef24161d0da80fed75b097973eddcea3018d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3982
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Last-Modified: Fri, 23 Sep 2022 00:53:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 19:35:30 GMT
expires: Fri, 23 Sep 2022 19:35:30 GMT
cache-control: public, max-age=86400
age: 23049
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D
302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 23 Sep 2022 01:59:39 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
cf-ray: 74efaea5da56b517-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Yy0TC4xHQ2pI1XPuSYyuKQAA; Path=/; Domain=casalemedia.com; Expires=Sat, 23 Sep 2023 01:59:39 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4470; Path=/; Domain=casalemedia.com; Expires=Thu, 22 Dec 2022 01:59:39 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4470; Path=/; Domain=casalemedia.com; Expires=Thu, 22 Dec 2022 01:59:39 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhPSZLfO0GzvX5PCMZnCt93bR0iXOiNTLVEHuIibC5OQrHf0Mx9XO9YFxt2O%2BMO1JSoudU7j1S8GOyZSYTLhbHEGNFzFJiKS4aNU8Jt9HdHvrCGh5OmSfpo8QsYEqOYd9IO8uKAcC8WLPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 83be7f3dd1b409490d0fc2c67deaf983
745d9cf42b27eb75313a4ac5142188a4849f1941
3243e372ad537eb025db0e72c0c3574a79c75482c96d8dbd1b372dec616448b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2848
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Last-Modified: Fri, 23 Sep 2022 01:12:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash c5c0104d74a5e7a5f40d734fd0724658
9e733e6164c335fc1d71fad8502dcb32ebb89ce5
04096290295e0072d17cfb0ea3fa015befe7fb23b1beafd09411048e5886e85d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4026
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Last-Modified: Fri, 23 Sep 2022 00:52:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
IP
File type HTML document text\012- HTML document, ASCII text
Hash 645990c6109ebbe3a3cc8311ef2a9282
9de161e955cb2cb11002a2f48a736572cf65eecb
23f8be4346ead7734489f6116a6a6b87311e4e43ef7c48afb10a7113d72d52bd
GET /gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 01:59:39 GMT
expires: Fri, 23 Sep 2022 01:59:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:37:29 GMT
expires: Thu, 21 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
age: 159730
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 2c6972891cc70d66a9aa944c4b96f013
23804eac528c9258f1378c6df331fbb3b43906fd
3bc9d2ab21519087c6f744d8d85e84ec64cad9f69325d061b177fab1c629838b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 783
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Last-Modified: Fri, 23 Sep 2022 01:46:36 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
pixel.rubiconproject.com/exchange/sync.php?p=pbs-viva&gdpr=0&gdpr_consent=&us_privacy=0
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-viva&gdpr=0&gdpr_consent=&us_privacy=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-viva&gdpr=0&gdpr_consent=&us_privacy=0 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Content-Type: image/gif
ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 01:59:39 GMT
content-length: 0
location: https://sync.viavideo.digital/tools/sync?dsp=50&uid=0
cf-ray: 74efaea64a93b517-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJ56FHdliqo316YUqTbS42g%2F6EQDUbOqzMPIFxZxvquRfYMsjGj1INJwu%2FJEOwtTGUHzg6vm3%2BkuEDJHLeR%2Bwp0%2FEU8HvRThn6jvZi7zeZqpwK0ZdgnkGY%2FTdJqLwdaBcmJABmB2BOfx1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 3f2f748122a715c256e37c1460922869
9032c3d10c7ca79de8d2aed5469af3302c091f95
f155c9bf2c776fc64927e9ff6a3f7928adb5fce82d1456dc3a8f8ac8a445e304
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Last-Modified: Fri, 23 Sep 2022 00:17:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
fptadtrue-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fouo.press%2FkPFS6b3&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=32a60ec0-708e-4687-b913-f1040f904648&nocache=1663898378466&aus=300x250&divids=adtrue_ads_12953_uj6idgha8guhw20flq&aucs=adtrue_ads_12953_uj6idgha8guhw20flq&auid=557936314&aumfs=100
200 OK 79 B URL HTTP/2 fptadtrue-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fouo.press%2FkPFS6b3&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=32a60ec0-708e-4687-b913-f1040f904648&nocache=1663898378466&aus=300x250&divids=adtrue_ads_12953_uj6idgha8guhw20flq&aucs=adtrue_ads_12953_uj6idgha8guhw20flq&auid=557936314&aumfs=100
IP
File type JSON data\012- , ASCII text
Hash 45daee4dc73a1655c65b60d00df57bf1
537dfb9294dbe0e20bb769fe1f8d587bd5cfa2da
bf50be6880d535ab6bba63da80d2d900a3fc77221ccd300319335f01f675e318
GET /w/1.0/arj?ju=http%3A%2F%2Fouo.press%2FkPFS6b3&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=32a60ec0-708e-4687-b913-f1040f904648&nocache=1663898378466&aus=300x250&divids=adtrue_ads_12953_uj6idgha8guhw20flq&aucs=adtrue_ads_12953_uj6idgha8guhw20flq&auid=557936314&aumfs=100 HTTP/1.1
Host: fptadtrue-d.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbopenbid.pubmatic.com/translator?source=prebid-client
204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 990
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Fri, 23 Sep 2022 01:59:39 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/ut/v3/prebid
200 OK 89 kB URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
Hash 4f30741910cbf52e5cf0691bad577f07
a05ddc932019a61e8cc50e60d7d45b17343df561
8de8227c1d6261e9e62bb80dff3270be4cddd1c43eb347c89d6ddf30252d839e
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 651
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 23 Sep 2022 01:59:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: 16472ffb-0da3-4921-8a28-3f7b451d7f8a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 23 Sep 2022 00:41:09 GMT
expires: Fri, 23 Sep 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 4710
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0717821010d79cd85ec605c7c670837b
498093034d23eef239e72be076c69463e9e29fcb
f9a711e5842969e7c6c4e639eb32ad9517bc6d6a567f28c56ce6341f8a8c4f56
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 01:59:39 GMT
Last-Modified: Fri, 23 Sep 2022 01:02:45 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Pg1JZT9ERRfLmPe-EQ3kOM7pYM_AfGgekaCbgVVgljFRMlAcaDz3Ww==
Age: 3415
status.geotrust.com/
200 OK 471 B IP
Hash c5c0104d74a5e7a5f40d734fd0724658
9e733e6164c335fc1d71fad8502dcb32ebb89ce5
04096290295e0072d17cfb0ea3fa015befe7fb23b1beafd09411048e5886e85d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4026
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:39 GMT
Last-Modified: Fri, 23 Sep 2022 00:52:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 3bc164e8905aea36b318dbde3641018f
8f6306f4a602b2a95aa3eb7f09dace328228f4b1
107e56ff8e7d22bea733eb32c7e97873443880d503c6047a2d3574c0c1516717
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Sep 2022 01:59:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Sep 2022 22:04:51 GMT
Expires: Fri, 23 Sep 2022 22:04:51 GMT
ETag: "8f6306f4a602b2a95aa3eb7f09dace328228f4b1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sync.viavideo.digital/tools/sync?dsp=50&uid=0
301 Moved Permanently 0 B URL HTTP/2 sync.viavideo.digital/tools/sync?dsp=50&uid=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=50&uid=0 HTTP/1.1
Host: sync.viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 01:59:39 GMT
content-length: 0
location: https://sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccmh62v2tal37lg7v3c0Xx
set-cookie: uid=ccmh62v2tal37lg7v3c0Xx; expires=Sat, 23 Sep 2023 01:59:39 GMT; domain=.viavideo.digital; path=/
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=47064022290&lsavail=0
204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=47064022290&lsavail=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.16.0&cb=47064022290&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 404
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 01:59:39 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: http://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ice.360yield.com/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID}
302 Found 0 B URL HTTP/2 ice.360yield.com/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID} HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com/ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=8516a96e-a1fd-464d-8229-e32bf808dae8; Expires=Thu, 22 Dec 2022 01:59:39 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1663898379; Expires=Thu, 22 Dec 2022 01:59:39 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID
204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Fri, 23 Sep 2022 01:59:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap7ams1
sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccmh62v2tal37lg7v3c0Xx
301 Moved Permanently 0 B URL HTTP/2 sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccmh62v2tal37lg7v3c0Xx
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/sync?dsp=50&uid=0&viads_uid=ccmh62v2tal37lg7v3c0Xx HTTP/1.1
Host: sync.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 23 Sep 2022 01:59:39 GMT
content-length: 0
location: https://sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccmh62v2tal37lg7v3c0Xx
set-cookie: uid=ccmh62v2tal37lg7v3c0Xx; expires=Sat, 23 Sep 2023 01:59:39 GMT; domain=.hhkld.com; path=/
X-Firefox-Spdy: h2
ice.360yield.com/ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D
200 OK 43 B URL HTTP/2 ice.360yield.com/ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 724dbcd10c4335be5df6d31150f900c6
aac1b87dc355710609a3b8816058417f61e5962f
c752c0e3e48a469952473d457e056c5662392410cfebe2b42734d2e1fbfdaa98
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 619
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 23 Sep 2022 01:59:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: 7edb92e7-6cb9-4bb8-8a9b-7753b60a30ea
Set-Cookie: icu=ChkItZqGARAKGAEgASgBMIumtJkGOAFAAUgBEIumtJkGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 22-Dec-2022 01:59:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=8150292172803375322; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 22-Dec-2022 01:59:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccmh62v2tal37lg7v3c0Xx
200 OK 43 B URL HTTP/2 sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccmh62v2tal37lg7v3c0Xx
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=50&uid=0&viads_uid=ccmh62v2tal37lg7v3c0Xx HTTP/1.1
Host: sync.vicodes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 01:59:39 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=ccmh62v2tal37lg7v3c0Xx; expires=Sat, 23 Sep 2023 01:59:39 GMT; domain=.vicodes.com; path=/
X-Firefox-Spdy: h2
ru.hhkld.com/tag/sync.php
200 OK 505 B URL HTTP/2 ru.hhkld.com/tag/sync.php
IP
Hash eac3a5a1e4e7d1327da7acdff6796572
692950f76d5d170d1834517135085a06251604c8
1b4735a2623533bd0b19b7f99d49f4bf98bfc66f2008123cd570ecd53cf468b4
GET /tag/sync.php HTTP/1.1
Host: ru.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: application/json
access-control-allow-origin: http://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMtEwpwsgR2o40fAg==; expires=Sat, 23-Sep-23 01:59:38 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 23 Sep 2023 01:59:39 GMT; Path=/; Domain=.betweendigital.com
tuuid=f5823b59-7e46-520a-8d2b-aeefee06bde4; Max-Age=31536000; Expires=Sat, 23 Sep 2023 01:59:39 GMT; Path=/; Domain=.betweendigital.com
ut=Yy0TCwAI3YiOmPQ3Ax-d_8TaEB8d5p-sfAC5JQ==; Max-Age=31536000; Expires=Sat, 23 Sep 2023 01:59:39 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
200 OK 512 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP
File type JSON data\012- , ASCII text, with very long lines (583), with no line terminators
Hash f30e167c9ff736fb2e9fe24ef2ba294a
74da8905c77a543ce9a70a4e4458853d6766bf6d
83aeac0e4c5526f63731b74fd143d2872faa7e5ff9f318de447c72712671bcd2
GET /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 704530
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 23 Sep 2023 01:59:39 GMT; Path=/; Domain=.betweendigital.com
tuuid=c7dd24e4-0b26-520a-831b-d9fae036caf1; Max-Age=31536000; Expires=Sat, 23 Sep 2023 01:59:39 GMT; Path=/; Domain=.betweendigital.com
ut=Yy0TCwAKAoC2bzfy4m_BtvI8kHVP_02ZNm7osA==; Max-Age=31536000; Expires=Sat, 23 Sep 2023 01:59:39 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 557031daf235f995ab76ae1334038bdf
6081637fa7363d48c2dd27c50913650266dfe16b
270d04dce75d3d1f91a65ac2e7ede16061a7f1010fa83a93a0e8ea4d32cbcea4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: uid_id2=95720e30-ef33-4dba-a7bd-e2fd4fa99a81:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/passback.js
301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/rtb/passback.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/passback.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 01:59:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Sep 2022 02:59:39 GMT
Location: https://cdn.adtrue.com/rtb/passback.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2v3ougI3cdlEYTqfuZscLEsZFQsPk16etazIH2DHBC%2F6xdgIypbtPj6vYVYcJs6kpctDQeBmshT8sg%2F1HpB6wPpSxm32OTRK5fm7DFIgRsL9gnmp02KdCb0FkjIzkDKDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74efaea93dedb51b-OSL
alt-svc: h2=":443"; ma=60
viavideo.digital/rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663898379141&page_url=http%3A%2F%2Fouo.press%2FkPFS6b3
200 OK 519 B URL HTTP/2 viavideo.digital/rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663898379141&page_url=http%3A%2F%2Fouo.press%2FkPFS6b3
IP
File type JSON data\012- , ASCII text, with very long lines (1178), with no line terminators
Hash e288914009d575deb2634202e2c18947
52af2a831fb264b5f95cb7b7375892a0c4c3e0be
f1f679539d2621cca6251656ca0898ac624d695193d11c63e292bc0d6b6e0a68
GET /rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663898379141&page_url=http%3A%2F%2Fouo.press%2FkPFS6b3 HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: application/json
access-control-allow-origin: http://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMtEwtxdgR6febzAg==; expires=Sat, 23-Sep-23 01:59:39 GMT; domain=.viavideo.digital; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663898379311
301 Moved Permanently 178 B URL HTTP/1.1 viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663898379311
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663898379311 HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Sep 2022 01:59:39 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663898379311
viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663898379311
200 OK 43 B URL HTTP/2 viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663898379311
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663898379311 HTTP/1.1
Host: viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:40 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 28 Jun 2022 15:48:44 GMT
etag: "62bb22dc-2b"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 479 B IP
Hash c00f00fc8d19130804a1f24d17644925
f460804f0d8409a51d5b4cb496de02156b96c127
2758e6acf29df976735a8f7acfeff06c551b62509f81a4518e212d7a79bda2f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5772
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:40 GMT
Last-Modified: Fri, 23 Sep 2022 00:23:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
200 OK 908 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP
File type ASCII text, with very long lines (2337)
Hash 4f8f059fbf3b6b0e3a37926f648a3993
83b61eb9d45cdf8f7c708bf4e148d7cab569c596
69190d6c2b78d7b0de0a44dbdde96bb7cf6c793f52481633b4f26ca2cfefcd4e
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:40 GMT
content-type: text/javascript
content-length: 908
x-amz-id-2: w9ADNRdrUc0iHWZBLfIb0me5IbCCwH7gPELK+Qx3tQZSrgnZz9Jl7+QMcHgcehSX+voNeu2uJlM=
x-amz-request-id: 3JG2R7S1MREYZDZN
last-modified: Wed, 15 Jun 2022 13:18:30 GMT
etag: "4f8f059fbf3b6b0e3a37926f648a3993"
content-encoding: gzip
x-amz-version-id: f.ffT1LrPbQX.EIpax0NyQEwqJ97JBVW
cf-cache-status: HIT
expires: Fri, 23 Sep 2022 05:59:40 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efaeabbeb61c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash fdbf96ac149d047f87e37e7340a3fd38
a088ce2443a2d41e8c3975c2e291a6d755c45f58
8fa935820201d509e12eca69095a255a0abe586c7de816bccfadbe701c0a6bf6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5772
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:40 GMT
Last-Modified: Fri, 23 Sep 2022 00:23:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 312 B IP
Hash b611a93cfb255b6c8ecd73aebbf446b4
1d4808c98c2d678684f251c99572d46cc70c2fb6
a657ee44bb4ee53c124d9f7d0ad2ab7612e49c2c8828ee34c1172771d9a3e58f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3294
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:59:40 GMT
Last-Modified: Fri, 23 Sep 2022 01:04:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
200 OK 77 kB URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (32897)
Hash e559caae45cb818b6896845671336a3b
3ce9fd0ad9284532bd6b75814d851ddaa2ed63a3
1fcadff5f97dce2a2bb1e11a2d579b84656d4416e50171bae0d2013a8dc9c3ff
GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:40 GMT
content-type: text/javascript
content-length: 76738
x-amz-id-2: PnJDZztMxmjTDXtgyAPj/PBR6CL5E6pRM2TrRTb+odsStliOy2V1CJgPRRW6/2lFOUgjvNBOdso=
x-amz-request-id: P8WQNC29BTQYTDWP
last-modified: Wed, 24 Aug 2022 10:09:52 GMT
etag: "e559caae45cb818b6896845671336a3b"
content-encoding: gzip
x-amz-version-id: NX7wQXc7.FGN_u6PGufKW0wdpyDY_3AN
cf-cache-status: HIT
expires: Fri, 23 Sep 2022 05:59:40 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efaeabfec51c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 767ecb8bd327713c3edad30a7a9608b9
4ff44e83efa60fd5d80afb463098eebd50e9c368
c2bc0d214a29a3e5e7ad6009ecb148c4e43ca0b201d239e24f655daf7bc5f2e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2BC0D214A29A3E5E7AD6009ECB148C4E43CA0B201D239E24F655DAF7BC5F2E2"
Last-Modified: Wed, 21 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11300
Expires: Fri, 23 Sep 2022 05:08:00 GMT
Date: Fri, 23 Sep 2022 01:59:40 GMT
Connection: keep-alive
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:31 GMT
content-type: application/javascript
cf-ray: 74efae776b54b524-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"84729783ded6e9166650d2e40d1556b2"
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=0
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 10g5RVqLpYkU0aa-3kxGh5TDyliupy3A-DXslF07tUxdkEnx8Zz81g==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/192bead3/api.js?onload=_cf_chl_turnstile_l&render=explicit
200 OK 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/192bead3/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP
GET /turnstile/v0/192bead3/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:34 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efae88fcf0fac0-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/async.js
200 OK 0 B URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: application/x-javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Thu, 27 Apr 2023 02:15:42 GMT
cache-control: max-age=31104000
cf-cache-status: HIT
age: 12440636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=286%2FPRcxu6NM9k2ShBy%2BQZUwibLqVvyULoI0bQhDqXHHq%2BMtRWVYbRr5ZhAZ3ulTFgimbogkOH%2Fxz2jNtDgeDn1vC%2FW8OcakfSQiNSi92LCtL7w7ooxdVk9kFbVtpmvBqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74efae9fa9e50b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hhkld.com/slider-220901.php?sid=105641&tid=17503&w=432&h=243&cbb=1663898379316
200 OK 0 B URL HTTP/2 hhkld.com/slider-220901.php?sid=105641&tid=17503&w=432&h=243&cbb=1663898379316
IP
GET /slider-220901.php?sid=105641&tid=17503&w=432&h=243&cbb=1663898379316 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMtEwtwsgR2o441Ag==; expires=Sat, 23-Sep-23 01:59:39 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
hhkld.com/rucdn/js/player/h6fdj3b5.js
200 OK 0 B URL HTTP/2 hhkld.com/rucdn/js/player/h6fdj3b5.js
IP
GET /rucdn/js/player/h6fdj3b5.js HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:38 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 10:46:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP
OPTIONS /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 311029
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
rtb.viavideo.digital/vast/cs?zone=105641&w=432&h=243&vp=4&site=http://ouo.press/&cbb=1663898379314
200 OK 0 B URL HTTP/2 rtb.viavideo.digital/vast/cs?zone=105641&w=432&h=243&vp=4&site=http://ouo.press/&cbb=1663898379314
IP
GET /vast/cs?zone=105641&w=432&h=243&vp=4&site=http://ouo.press/&cbb=1663898379314 HTTP/1.1
Host: rtb.viavideo.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:39 GMT
content-type: application/xml; charset=utf-8
age: 0
cache-control: no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: http://ouo.press
set-cookie: uid=ccmh62v2tal37lg7v710Xx; expires=Sat, 23 Sep 2023 01:59:39 GMT; domain=.viavideo.digital; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.123.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:59:40 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Sat, 24 Sep 2022 01:59:40 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
172.67.22.15
141.94.202.176
104.18.21.226
23.38.201.81
3.67.144.31
37.157.2.237
23.109.82.15
93.184.220.29
188.42.191.196