ouo.press/ct3d85
104.22.59.251 403 Forbidden 3.8 kB IP 104.22.59.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (836)
Hash 73e232f9d40131b027196e981142ec33
5b8327499f007e04081ee69e0c31a0405d864df8
1e8fa9300a9491d81af9a357f4e7820715546bb1c57130027e415fea8039ef37
GET /ct3d85 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Tue, 29 Nov 2022 15:10:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Referrer-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=GqAEnM9tXlrINv5rM3S47XUNyQ5zbiJDKS5Y1HxpO9Y-1669734659-0-AZI3lQIesKLEdLg4rZ4TUOvKRwtjFxBDy9unDbi4EBE93BBRE8iXZPk+DHmCx6yl1QooCmrCcsfGv1jJuivfmWw=; path=/; expires=Tue, 29-Nov-22 15:40:59 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c45f30b4eb51b-OSL
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13330
Expires: Tue, 29 Nov 2022 18:53:09 GMT
Date: Tue, 29 Nov 2022 15:10:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6278
Cache-Control: max-age=162290
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:10:59 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:15:49 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3092
Expires: Tue, 29 Nov 2022 16:02:31 GMT
Date: Tue, 29 Nov 2022 15:10:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 14:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3184
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: y3aqAEtsPrT1R7MJqW5UXML8Q6mqmWb1P6EMhA8ZpTbDfWBZEgckWSSg6djz427im1bJu3MLijo=
x-amz-request-id: KKAYWGDSE0W432T5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 14:42:32 GMT
age: 1707
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/styles/challenges.css
104.22.59.251 200 OK 2.6 kB URL HTTP/1.1 ouo.press/cdn-cgi/styles/challenges.css
IP 104.22.59.251:0
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/ct3d85
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:10:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT
ETag: W/"637ccffa-1896"
Server: cloudflare
CF-RAY: 771c45f54bceb511-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 29 Nov 2022 17:10:59 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:10:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/favicon.ico
104.22.59.251 200 OK 0 B IP 104.22.59.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/ct3d85
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:10:59 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Sat, 14 Feb 2015 06:41:24 GMT
ETag: "54deee14-0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 6925
Accept-Ranges: bytes
Set-Cookie: __cf_bm=bqFJd3L_3dUHQ8ldmr7DhXdTyBcuyZfzy6sBvcP5pWA-1669734659-0-AYEJCVF+vnOp6rnJ6MAbNikcEYYnUOlrVUmUxrr6H++3KdAXinRU8uHR1FmzzplMI3bJBirtqbGWN1UDBy4GjHw=; path=/; expires=Tue, 29-Nov-22 15:40:59 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c45f57a25b500-OSL
ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=771c45f30b4eb51b
104.22.59.251 200 OK 42 B URL HTTP/1.1 ouo.press/cdn-cgi/images/trace/managed/js/transparent.gif?ray=771c45f30b4eb51b
IP 104.22.59.251:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=771c45f30b4eb51b HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/ct3d85
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:10:59 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:34:50 GMT
ETag: "637ccffa-2a"
Server: cloudflare
CF-RAY: 771c45f62d11b511-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 29 Nov 2022 17:10:59 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=771c45f30b4eb51b
104.22.59.251 200 OK 24 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=771c45f30b4eb51b
IP 104.22.59.251:0
File type ASCII text, with very long lines (53554), with no line terminators
Hash d2aff68520687a98820d4851b3e0c146
89aa8289942ef8b917bd1419790dcf984a3a2111
b1b56138f266a5ca1be5ebc66b627dbe62ae107e9346e51e381776f053b5a6ab
GET /cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=771c45f30b4eb51b HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/ct3d85?__cf_chl_rt_tk=L9z14DPJqOcGuGsXz5HvhzMnTq0VMUrbMc_nC7lzEyo-1669734659-0-gaNycGzNAxE
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:10:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Set-Cookie: __cf_bm=NHNqgOCEWBLKPlPvnrIq3O.j.XKS__I0nx6FbyG7iGA-1669734659-0-ARzz3DKDuq0gh5tjslP8hGe4M3ieNZaHXtsYwbL1qWLJ25SMZc7L8hWoQF/a1agO7y5VVQ3ynpIGpmfjy/Dy4HY=; path=/; expires=Tue, 29-Nov-22 15:40:59 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771c45f62b02b500-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 381ec5590b3943dc09bdafa08c96eb04
f3fe85cb6c55276d5501ac74c747bd8537ed79e4
721858cbf15420c66986526f57d5517d5c4465867a3a6c26bd3bfd10652015dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6076
Cache-Control: max-age=162809
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:10:59 GMT
Etag: "6385e240-116"
Expires: Thu, 01 Dec 2022 12:24:28 GMT
Last-Modified: Tue, 29 Nov 2022 10:43:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9467641713639864:1669731795:WRkO51B-gKuyN62Jw6iWKcP2d_Ur1muK1JG6a2Vu-rg/771c45f30b4eb51b/933792acb8ecff3
104.22.59.251 200 OK 63 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9467641713639864:1669731795:WRkO51B-gKuyN62Jw6iWKcP2d_Ur1muK1JG6a2Vu-rg/771c45f30b4eb51b/933792acb8ecff3
IP 104.22.59.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b905b2c7c86e6917569af652ce4a01c1
74c280b1c3ca9df6d90564f8e1c38ac21e0a7527
32dd0bf8b7dfc44707fa9a24123311eeb01bb7e523f314f31266c97ec7791ba4
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.9467641713639864:1669731795:WRkO51B-gKuyN62Jw6iWKcP2d_Ur1muK1JG6a2Vu-rg/771c45f30b4eb51b/933792acb8ecff3 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/ct3d85
Content-type: application/x-www-form-urlencoded
CF-Challenge: 933792acb8ecff3
Content-Length: 1823
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:10:59 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: iwRnpOCfYJwHmgBBltSsPyiFp13ml1jNAvBMR2rDEiuLjKAUjg5VnSv7XyKjVjrkgfPzyrBspgyxBzMHIzAT5MOFIDZUiHsU/muob7LSw0h8MBekaIBWshnG+zwcpR/6PN22Q/ZEW2n6MHOzlFXv8T5YKl+J4g8yheWaUYPwkMX4U4XuECWnweZY+ZXoNNa6X0nFvCmEpK+toK1ps8JJnp2dqZdlRKzmGQPeuAkYebojs3B+65+XKoaB0pI+uc8mbq8R5fGJ1VHQuT5mLoKLTZ+czlcxYhWfaayNOyu4gocBIlGmQqvpaKX6t3qnTkx2qj0GtWP0SpoJMkwMT0xk9sR5FtDD9PCZvyHMusI5ymI=$1sOjPSOqC6qzZ7WTfJ4dig==
Set-Cookie: __cf_bm=WzvrD6evJ3LjctKCwXpdECIYx5ftrWvW9J0QTGy7vak-1669734659-0-ASx8norGqxDWJHG3NHyOWhLdbcaAUulomitzmQz803DB68maaS0vqc5AzFQjVbCWDQ9PV3/3pYo0HsW0Zth2+IA=; path=/; expires=Tue, 29-Nov-22 15:40:59 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771c45f76c79b500-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 15:10:02 GMT
cache-control: public,max-age=3600
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 58
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6136
Cache-Control: max-age=157084
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:00 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:49:04 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.70.239.215 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wFmTNeaxRXlT3nXskjurTw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u2a6/hOc62f5wv6rUIKtAXIRAh0=
ouo.press/cdn-cgi/challenge-platform/h/b/img/771c45f30b4eb51b/1669734659764/nAcI4PmU9Dh9qVb
104.22.59.251 200 OK 61 B URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/img/771c45f30b4eb51b/1669734659764/nAcI4PmU9Dh9qVb
IP 104.22.59.251:0
File type PNG image data, 60 x 11, 8-bit/color RGB, non-interlaced\012- data
Hash a6031b82b36c7ce7d759b62433b06f4c
f2622aa21b9ceb0821281cb87e40134e00a42935
0ba731d9934b55afdf23f13c62cfb84fd7f478f9b4c52be837aab48196441d73
GET /cdn-cgi/challenge-platform/h/b/img/771c45f30b4eb51b/1669734659764/nAcI4PmU9Dh9qVb HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/ct3d85
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:00 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cf_bm=0Kgq4ddhdzGNgYJAjMzsE9fBKzx3SPCm._6NSaazvp0-1669734660-0-ARCFcFGDR1eabJT1A6+IG4aqTXnhOVzKsaccyhpl5XHRmp5yqhONuAq9Bg4HhowJFTiruyT3igd3JDtcFX/7PLQ=; path=/; expires=Tue, 29-Nov-22 15:41:00 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771c45fd1cb7b500-OSL
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9467641713639864:1669731795:WRkO51B-gKuyN62Jw6iWKcP2d_Ur1muK1JG6a2Vu-rg/771c45f30b4eb51b/933792acb8ecff3
104.22.59.251 200 OK 3.9 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9467641713639864:1669731795:WRkO51B-gKuyN62Jw6iWKcP2d_Ur1muK1JG6a2Vu-rg/771c45f30b4eb51b/933792acb8ecff3
IP 104.22.59.251:0
File type ASCII text, with very long lines (5116), with no line terminators
Hash 6bc0056dbe91baf03ba682280f64bc91
15767c0799681e9285296fa8f3e5ec10a5007502
1f41624fc234e29db5c748f15885c09ee1f37e8c1fc2a839fe91d2529f2136ff
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.9467641713639864:1669731795:WRkO51B-gKuyN62Jw6iWKcP2d_Ur1muK1JG6a2Vu-rg/771c45f30b4eb51b/933792acb8ecff3 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/ct3d85
Content-type: application/x-www-form-urlencoded
CF-Challenge: 933792acb8ecff3
Content-Length: 16052
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:00 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: hlvIlwRJmosEGb5R+nv7hFZhXSEz5RN2c1wov+AioSY=$13o9+o9Xxdy1dsinmh3tQA==
Set-Cookie: __cf_bm=YmSF63RHkykJact9uI9JgV7bBjfCDA1pNqhwYp0XSwo-1669734660-0-AY/YETzaeFZwhVgdo1dOT9B8b1KfdjkFpy5ggpzsybMd4oU2jxiJ3E4CcGEywKxrEdghoPyeX3g3FhYA5EkKMmI=; path=/; expires=Tue, 29-Nov-22 15:41:00 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771c45fdbd6ab500-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 544169851262b1699a38b0a17d79deb8
80c19774b8ead93cba0abdf8d3f8816fabc2174c
d2f6a3b5c1b1de9ea87713224c9f056bd03096e0d87e6e6c5176c53eb5e390d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2260
Cache-Control: max-age=87352
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:00 GMT
Etag: "6384ca68-118"
Expires: Wed, 30 Nov 2022 15:26:52 GMT
Last-Modified: Mon, 28 Nov 2022 14:49:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 544169851262b1699a38b0a17d79deb8
80c19774b8ead93cba0abdf8d3f8816fabc2174c
d2f6a3b5c1b1de9ea87713224c9f056bd03096e0d87e6e6c5176c53eb5e390d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2260
Cache-Control: max-age=87352
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:00 GMT
Etag: "6384ca68-118"
Expires: Wed, 30 Nov 2022 15:26:52 GMT
Last-Modified: Mon, 28 Nov 2022 14:49:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4121
Expires: Tue, 29 Nov 2022 16:19:42 GMT
Date: Tue, 29 Nov 2022 15:11:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4121
Expires: Tue, 29 Nov 2022 16:19:42 GMT
Date: Tue, 29 Nov 2022 15:11:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4121
Expires: Tue, 29 Nov 2022 16:19:42 GMT
Date: Tue, 29 Nov 2022 15:11:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4121
Expires: Tue, 29 Nov 2022 16:19:42 GMT
Date: Tue, 29 Nov 2022 15:11:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4121
Expires: Tue, 29 Nov 2022 16:19:42 GMT
Date: Tue, 29 Nov 2022 15:11:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 37271
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9fRfgj9_S00P8fI_T-tVt7khJ1kYZux_55K_yLYUsiyVEoiWRM9QAw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:07:26 GMT
age: 61415
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 42770
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 62647
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 61746
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 10:09:32 GMT
age: 18089
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9467641713639864:1669731795:WRkO51B-gKuyN62Jw6iWKcP2d_Ur1muK1JG6a2Vu-rg/771c45f30b4eb51b/933792acb8ecff3
104.22.59.251 200 OK 2.0 kB URL HTTP/1.1 ouo.press/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9467641713639864:1669731795:WRkO51B-gKuyN62Jw6iWKcP2d_Ur1muK1JG6a2Vu-rg/771c45f30b4eb51b/933792acb8ecff3
IP 104.22.59.251:0
File type ASCII text, with very long lines (2656), with no line terminators
Hash 9f4da293bc50475686bb037313ed3d81
d9676413ea3bff74957882961a83856ba893aa51
d99d19b3d0669ae82ef63a9d412264d50678bd0c0531afe04293bb90da1c3d76
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/0.9467641713639864:1669731795:WRkO51B-gKuyN62Jw6iWKcP2d_Ur1muK1JG6a2Vu-rg/771c45f30b4eb51b/933792acb8ecff3 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/ct3d85
Content-type: application/x-www-form-urlencoded
CF-Challenge: 933792acb8ecff3
Content-Length: 16740
Origin: http://ouo.press
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_out: 7Sykr/R5D1/zQGpadZeyVK9okwd3ru+bvIHXLBKWi4BbnJDOqtljIFfVrelnVDFr1EHlQPo4W0Q84yxXasXgbA==$2sibd1zmMzcUfrcHlN4uAA==
cf_chl_out_s: RzH9ZfLuGAn9oVUNDBygR6y0x6lvI0k9ghxZeuTrIjYEqNFen+fjWf9HKVl5nSm2ivBAEiYdg9j9ZAXztDsIH/z2VLj8czxQ9dtjKobG6DQ2oD3QytEXSsdCRfwyTDwtcZhC8utq3FkvXvtIc5ab4iFRLLFxiW2I2W9ExTbAnj/fCXt69Rd7+Si8ZDvIT/wE$t4UVde0L0sDE8H0ximeGaA==
set-cookie: cf_chl_rc_m=;Expires=Mon, 28 Nov 2022 15:11:02 GMT;SameSite=Strict
__cf_bm=0wqgrIDK5GXtZAZuZI5G7SePnc56f2gO.ks5RYoc2n4-1669734662-0-AbE4HZ9OeCFDjF2Dfh1WW6iZmSB8HTm1kh/Dg9wAx2ZDIix43qnipJYdpe4NZRxCBesG2IdVefbN3l6HF9IwpFY=; path=/; expires=Tue, 29-Nov-22 15:41:02 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771c46076af4b500-OSL
Content-Encoding: gzip
ouo.press/ct3d85
104.22.59.251 200 OK 3.5 kB IP 104.22.59.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Hash 37528562217c178524c3db6351d17ec9
799cd89da180896e8078a0d9aa103aa5f16c5857
1cb0abfca7fbf854dc086a16e4278477d82eff2d98227c6fda44205e817349ce
POST /ct3d85 HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ouo.press/ct3d85?__cf_chl_tk=L9z14DPJqOcGuGsXz5HvhzMnTq0VMUrbMc_nC7lzEyo-1669734659-0-gaNycGzNAxE
Content-Type: application/x-www-form-urlencoded
Content-Length: 1780
Origin: http://ouo.press
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Set-Cookie: cf_clearance=KAUYGcHQKF9IM0pDogJGza092sAj36fPpnMXHHY6XCU-1669734662-0-250; path=/; expires=Wed, 29-Nov-23 15:11:02 GMT; domain=.ouo.press; HttpOnly
ouoio_session=eyJpdiI6IjFtK09QQ3JcL3FDK0FjekZcL04rVUsybW1KM2R5eFc5SWxOelZoMVwvZVhLVDQ9IiwidmFsdWUiOiIzVlpRSTJVaHc0YmwrUFJIcGJMMVVhZWlNaXN3SWZ4WStzMW5JdG04OVpkRkZnWkpFSzdoS091ZkFiRWVld0VtdUJ2em0xZkNqbU1PQ2xNNEJYSFpOZz09IiwibWFjIjoiNWU5YzAzYzFiNWFlMTc5NTM3OWMzMGE3NmRlMzVjYzQxMjA0YzQ2ZDUxNjAyYTk0NDQwMDhlMjc5OGZlN2ViMyJ9; path=/; httponly
language=eyJpdiI6Ill6QnBwOEFkK1VHVWFEWnlrcGY0VHgzNG5cLzRpMFdNZkxueXJ3UkdlUFJBPSIsInZhbHVlIjoiNFZFNzZVNk9cL1wvRFo3a2xyUkxjN243M0p3a3FGV1U0TnNxUlhxSVREZDNnPSIsIm1hYyI6IjE2ZWZkMmY2NDllMGFlZmZiYjExMGU3ODhkZThmNzE5OGRjN2Q5NzhmODdmMzAyZjgxNjEyZjZhZmJlNGVkMWMifQ%3D%3D; expires=Sun, 28-Nov-2027 15:11:03 GMT; Max-Age=157680000; path=/; httponly
8638cdb8a59d2cef3863f5aed4f2e7dd86d2f39f=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; expires=Tue, 29-Nov-2022 17:11:03 GMT; Max-Age=7200; path=/; httponly
__cf_bm=OCwpiIs71DX4duIWD6dBOv8R4cCbBIrmutDfCUvVY_8-1669734663-0-AYO0DuPb2TnOoc7W3q3iRV5CPDomaxEkqnSRki0LTCPav/sccUz5xa1nqx+H34wA5+TEwndik/jt5Wj4v9Jj5bQ=; path=/; expires=Tue, 29-Nov-22 15:41:03 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 771c460acef6b500-OSL
Content-Encoding: gzip
ouo.press/css/bootstrap.css
104.22.59.251 200 OK 18 kB URL HTTP/1.1 ouo.press/css/bootstrap.css
IP 104.22.59.251:0
File type ASCII text, with very long lines (65452)
Hash ecd7a3b8fdf856cece681f760bad623c
3c16d8b0523e3c6de3b20f7c7f9de2ae48a2949a
40f5215bfeb4c595389b7d02127c47c94e173dbca21022c9f67eca101d03ab92
GET /css/bootstrap.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/ct3d85
Cookie: cf_clearance=KAUYGcHQKF9IM0pDogJGza092sAj36fPpnMXHHY6XCU-1669734662-0-250; ouoio_session=eyJpdiI6IjFtK09QQ3JcL3FDK0FjekZcL04rVUsybW1KM2R5eFc5SWxOelZoMVwvZVhLVDQ9IiwidmFsdWUiOiIzVlpRSTJVaHc0YmwrUFJIcGJMMVVhZWlNaXN3SWZ4WStzMW5JdG04OVpkRkZnWkpFSzdoS091ZkFiRWVld0VtdUJ2em0xZkNqbU1PQ2xNNEJYSFpOZz09IiwibWFjIjoiNWU5YzAzYzFiNWFlMTc5NTM3OWMzMGE3NmRlMzVjYzQxMjA0YzQ2ZDUxNjAyYTk0NDQwMDhlMjc5OGZlN2ViMyJ9; language=eyJpdiI6Ill6QnBwOEFkK1VHVWFEWnlrcGY0VHgzNG5cLzRpMFdNZkxueXJ3UkdlUFJBPSIsInZhbHVlIjoiNFZFNzZVNk9cL1wvRFo3a2xyUkxjN243M0p3a3FGV1U0TnNxUlhxSVREZDNnPSIsIm1hYyI6IjE2ZWZkMmY2NDllMGFlZmZiYjExMGU3ODhkZThmNzE5OGRjN2Q5NzhmODdmMzAyZjgxNjEyZjZhZmJlNGVkMWMifQ%3D%3D; 8638cdb8a59d2cef3863f5aed4f2e7dd86d2f39f=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
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: origSize=109522
ETag: W/"54def1fc-1abd2"
Expires: Tue, 29 Nov 2022 23:09:11 GMT
Last-Modified: Sat, 14 Feb 2015 06:58:04 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 14512
Set-Cookie: __cf_bm=yGZnpc4jZMlFSrHqGn_C8wYZtxzygdWUoGTbQVKmpHw-1669734663-0-Aep0c0XOoZXBjkwIeIz8SDu7Y8hUl5ijm52375KgsDr8WxPtX2nLAHGfoE1IkR+B14DIr+rQ68FiJC+4fapu9XA=; path=/; expires=Tue, 29-Nov-22 15:41:03 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c460d79f8b500-OSL
Content-Encoding: gzip
ouo.press/css/link-safe.css
104.22.59.251 200 OK 1.8 kB URL HTTP/1.1 ouo.press/css/link-safe.css
IP 104.22.59.251:0
Hash d91a45478adaa488ef4f1733dfa3c44c
3686ea901ce8ca85bb82f42bf0a8d39095ebf73d
4bb66b15dd5791ec4c9867c3a89ee2ef9bdb5f0bbd0d442a1fbfe2c34e9bc86b
GET /css/link-safe.css HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/ct3d85
Cookie: cf_clearance=KAUYGcHQKF9IM0pDogJGza092sAj36fPpnMXHHY6XCU-1669734662-0-250; ouoio_session=eyJpdiI6IjFtK09QQ3JcL3FDK0FjekZcL04rVUsybW1KM2R5eFc5SWxOelZoMVwvZVhLVDQ9IiwidmFsdWUiOiIzVlpRSTJVaHc0YmwrUFJIcGJMMVVhZWlNaXN3SWZ4WStzMW5JdG04OVpkRkZnWkpFSzdoS091ZkFiRWVld0VtdUJ2em0xZkNqbU1PQ2xNNEJYSFpOZz09IiwibWFjIjoiNWU5YzAzYzFiNWFlMTc5NTM3OWMzMGE3NmRlMzVjYzQxMjA0YzQ2ZDUxNjAyYTk0NDQwMDhlMjc5OGZlN2ViMyJ9; language=eyJpdiI6Ill6QnBwOEFkK1VHVWFEWnlrcGY0VHgzNG5cLzRpMFdNZkxueXJ3UkdlUFJBPSIsInZhbHVlIjoiNFZFNzZVNk9cL1wvRFo3a2xyUkxjN243M0p3a3FGV1U0TnNxUlhxSVREZDNnPSIsIm1hYyI6IjE2ZWZkMmY2NDllMGFlZmZiYjExMGU3ODhkZThmNzE5OGRjN2Q5NzhmODdmMzAyZjgxNjEyZjZhZmJlNGVkMWMifQ%3D%3D; 8638cdb8a59d2cef3863f5aed4f2e7dd86d2f39f=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
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:03 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=86400
Cf-Bgj: minify
Cf-Polished: status=cannot_optimize
ETag: W/"5d951ace-1830"
Expires: Wed, 30 Nov 2022 01:31:13 GMT
Last-Modified: Wed, 02 Oct 2019 21:46:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 5990
Set-Cookie: __cf_bm=tBqV_kKlf7KaAKqOOsWOJfjtU.qlz1QLvXPVT1RLeCA-1669734663-0-AUBKa/mNgqbFY3vcqnpRURO9Cyhv0vNfCBdhk8dHECF4SPwVJTfp3aT2ghHHPyTJJjpNnEiAxNuLjKpzkeHGYV4=; path=/; expires=Tue, 29-Nov-22 15:41:03 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c460d7f58b511-OSL
Content-Encoding: gzip
hhklc.com/c.js
104.21.70.122 301 Moved Permanently 0 B IP 104.21.70.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 15:11:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 29 Nov 2022 16:11:03 GMT
Location: https://hhklc.com/c.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0DLwwJ7Lq0FG7BdGGO45cBrZYAdiBU22MQfJ8nML5SQYd%2Bu0W1MKUfd%2BeeWRd9sfqMW9VL16LLkkPtCUCZCkYW4BdY%2BS3jVheECUzbKHmr6V4gQ62rx6UD%2F2wY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c460d8eef0b41-OSL
alt-svc: h2=":443"; ma=60
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.22.59.251 200 OK 655 B URL HTTP/1.1 ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.22.59.251:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/ct3d85
Cookie: cf_clearance=KAUYGcHQKF9IM0pDogJGza092sAj36fPpnMXHHY6XCU-1669734662-0-250; ouoio_session=eyJpdiI6IjFtK09QQ3JcL3FDK0FjekZcL04rVUsybW1KM2R5eFc5SWxOelZoMVwvZVhLVDQ9IiwidmFsdWUiOiIzVlpRSTJVaHc0YmwrUFJIcGJMMVVhZWlNaXN3SWZ4WStzMW5JdG04OVpkRkZnWkpFSzdoS091ZkFiRWVld0VtdUJ2em0xZkNqbU1PQ2xNNEJYSFpOZz09IiwibWFjIjoiNWU5YzAzYzFiNWFlMTc5NTM3OWMzMGE3NmRlMzVjYzQxMjA0YzQ2ZDUxNjAyYTk0NDQwMDhlMjc5OGZlN2ViMyJ9; language=eyJpdiI6Ill6QnBwOEFkK1VHVWFEWnlrcGY0VHgzNG5cLzRpMFdNZkxueXJ3UkdlUFJBPSIsInZhbHVlIjoiNFZFNzZVNk9cL1wvRFo3a2xyUkxjN243M0p3a3FGV1U0TnNxUlhxSVREZDNnPSIsIm1hYyI6IjE2ZWZkMmY2NDllMGFlZmZiYjExMGU3ODhkZThmNzE5OGRjN2Q5NzhmODdmMzAyZjgxNjEyZjZhZmJlNGVkMWMifQ%3D%3D; 8638cdb8a59d2cef3863f5aed4f2e7dd86d2f39f=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
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-4d7"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c460d9a14b500-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Thu, 01 Dec 2022 15:11:03 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
fonts.googleapis.com/css?family=Questrial
142.250.74.106 200 OK 448 B URL HTTP/1.1 fonts.googleapis.com/css?family=Questrial
IP 142.250.74.106:0
Hash 4c32c1f7ca7806c02d8887ea22c73462
5ee9341fb125898abde2579ef0028176934d9d10
35e2a514dccf156e8a1ee8296037fb430305b9538e2f940f91962a76a42e40f6
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 29 Nov 2022 15:11:03 GMT
Date: Tue, 29 Nov 2022 15:11:03 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ecdn.analysis.fi/static/js/fab.js
54.230.111.87 200 OK 4.2 kB URL HTTP/1.1 ecdn.analysis.fi/static/js/fab.js
IP 54.230.111.87:0
File type ASCII text, with very long lines (574)
Hash 28a0bef1ecb63168106f97b637ab3414
e577575dd115f6a95aea8c2ae87d2c30c8464728
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
GET /static/js/fab.js HTTP/1.1
Host: ecdn.analysis.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4240
Connection: keep-alive
Server: nginx/1.20.0
Last-Modified: Tue, 14 Dec 2021 15:30:51 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Tue, 29 Nov 2022 14:23:13 GMT
Expires: Tue, 29 Nov 2022 15:23:10 GMT
Cache-Control: max-age=3600
ETag: "61b8b8ab-1090"
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Jdr4Qy0icBapEw-weSXsoyk94hlhLsQKVvC0-eYDsyO4DC0Ul_Xc_w==
Age: 2873
ecdn.firstimpression.io/fi_client.js
54.230.111.73 200 OK 100 kB URL HTTP/1.1 ecdn.firstimpression.io/fi_client.js
IP 54.230.111.73:0
File type ASCII text, with very long lines (618)
Size 100 kB (100201 bytes)
Hash 1c858a95f0a66948202ca61d5b16f461
34200b195928bae14f4f365fe53f98099545854f
eb52555e6b4271a4f0287b5a00bef6bb42a0613dba1d2c22ca61957fd6fa79ce
GET /fi_client.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 29 Nov 2022 14:11:52 GMT
Server: nginx/1.20.0
X-Powered-By: PHP/8.0.14
X-XSS-Protection: 0
Last-Modified: Tue, 29 Nov 2022 14:11:52 UTC
ETag: W/"4ad874682fe1ab0ad75dc02bf1908f48"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 247T4ruHT4kbjPwpcqxYY8NMoBpExOx5B4epuGnhdQmVPsYIpLPjzA==
Age: 3551
cdn.adtrue.com/rtb/async.js
104.21.81.154 301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/rtb/async.js
IP 104.21.81.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 15:11:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 29 Nov 2022 16:11:03 GMT
Location: https://cdn.adtrue.com/rtb/async.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOIbEINsHZWCH0%2Bl63mk8k5eH%2F0gi8Dmo7xVv7RjWOj1AOLQUHBOzKH8HPCkymEIfNtTspnztRwFNXGP2RgKQnD%2FO9eK6QMI3nw97oCytiKYzCkrQ%2FcgdoAAjZIhvmV7%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c460dcdd60b69-OSL
alt-svc: h2=":443"; ma=60
tv.gourdycortes.com/1clkn/16562
172.255.6.153 200 OK 26 B URL HTTP/1.1 tv.gourdycortes.com/1clkn/16562
IP 172.255.6.153:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/16562 HTTP/1.1
Host: tv.gourdycortes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:11:03 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 30-Nov-2022 15:11:03 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Wed, 30-Nov-2022 15:11:03 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.7.185 302 Found 472 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.7.185:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
GET /turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 15:11:00 GMT
location: /turnstile/v0/b/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age=300, public
vary: accept-encoding
server: cloudflare
cf-ray: 771c45fe3d09b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
142.250.74.164 200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 729acee2a72aedc9406dba71bf4c1d00
e7f1dea037aaa2df1c1e5b884dc5d73b7bc35e82
7e9b8e953f317a7a47db6df1d1ac8be5c78e9a9524a0a07755c748c2198f816a
GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 29 Nov 2022 15:11:03 GMT
date: Tue, 29 Nov 2022 15:11:03 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ouo.press/images/world.png
104.22.59.251 200 OK 12 kB URL HTTP/1.1 ouo.press/images/world.png
IP 104.22.59.251:0
Hash f70218cad414c1b0ace6593b5af6d503
29aaac2b4d03b2402154a49e82352ef904f9853d
79e3106943c1ad18bcdc8e97238a237b5cd3071e6901ff2b996e19381df489e2
GET /images/world.png HTTP/1.1
Host: ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/ct3d85
Cookie: cf_clearance=KAUYGcHQKF9IM0pDogJGza092sAj36fPpnMXHHY6XCU-1669734662-0-250; ouoio_session=eyJpdiI6IjFtK09QQ3JcL3FDK0FjekZcL04rVUsybW1KM2R5eFc5SWxOelZoMVwvZVhLVDQ9IiwidmFsdWUiOiIzVlpRSTJVaHc0YmwrUFJIcGJMMVVhZWlNaXN3SWZ4WStzMW5JdG04OVpkRkZnWkpFSzdoS091ZkFiRWVld0VtdUJ2em0xZkNqbU1PQ2xNNEJYSFpOZz09IiwibWFjIjoiNWU5YzAzYzFiNWFlMTc5NTM3OWMzMGE3NmRlMzVjYzQxMjA0YzQ2ZDUxNjAyYTk0NDQwMDhlMjc5OGZlN2ViMyJ9; language=eyJpdiI6Ill6QnBwOEFkK1VHVWFEWnlrcGY0VHgzNG5cLzRpMFdNZkxueXJ3UkdlUFJBPSIsInZhbHVlIjoiNFZFNzZVNk9cL1wvRFo3a2xyUkxjN243M0p3a3FGV1U0TnNxUlhxSVREZDNnPSIsIm1hYyI6IjE2ZWZkMmY2NDllMGFlZmZiYjExMGU3ODhkZThmNzE5OGRjN2Q5NzhmODdmMzAyZjgxNjEyZjZhZmJlNGVkMWMifQ%3D%3D; 8638cdb8a59d2cef3863f5aed4f2e7dd86d2f39f=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
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:03 GMT
Content-Type: image/png
Content-Length: 5692
Connection: keep-alive
Cache-Control: max-age=2592000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: status=not_needed
ETag: "5549a07c-163c"
Expires: Sat, 03 Dec 2022 22:33:44 GMT
Last-Modified: Wed, 06 May 2015 05:02:52 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 2219839
Accept-Ranges: bytes
Set-Cookie: __cf_bm=hQjaVJU_sHCnt.6DbIuUEzmzIPFB5uD75SnMizjQzTA-1669734663-0-AcUqBfG4B7xBtaAJ4Vk5RPSyYTTbiudn/WjJYaxqykdR/wu1vTlNSbcmUlVeF2VVnq4B7ZN22LxN8AlWN3/7fCY=; path=/; expires=Tue, 29-Nov-22 15:41:03 GMT; domain=.ouo.press; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c460e3ae6b500-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
192.243.61.225 200 OK 13 kB URL HTTP/1.1 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37180), with no line terminators
Hash d0250793014ec917f4f3329053e22995
944fdd4779b89a206b246bebe46325f3014e26d7
08248b8d3f42cea9ff8e73f0e770498c94589937a0aa39a9af8bc57e0f48dd93
Analyzer Verdict Alert fortinet Malware
GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1
Host: itineraryupper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 15:11:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 93bbc4ce165012c7883e629a04970ac3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 6a88f2156832954760c8f078796c1f13
2f74a24ca69f04e2f8341ee582c4564804ab1743
2045157f34e2d2309dfe1d50e3e7dc7a8ffa2a80a982b47bfdff0079ae0ebe33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=134754
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:03 GMT
Etag: "63858c69-118"
Expires: Thu, 01 Dec 2022 04:36:57 GMT
Last-Modified: Tue, 29 Nov 2022 04:36:57 GMT
Server: nginx
Content-Length: 280
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
216.58.207.227 200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0; data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19292
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 14:28:03 GMT
Expires: Sat, 25 Nov 2023 14:28:03 GMT
Cache-Control: public, max-age=31536000
Age: 348180
Last-Modified: Wed, 27 Apr 2022 16:12:54 GMT
Content-Type: font/woff2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 6a88f2156832954760c8f078796c1f13
2f74a24ca69f04e2f8341ee582c4564804ab1743
2045157f34e2d2309dfe1d50e3e7dc7a8ffa2a80a982b47bfdff0079ae0ebe33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=134754
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:03 GMT
Etag: "63858c69-118"
Expires: Thu, 01 Dec 2022 04:36:57 GMT
Last-Modified: Tue, 29 Nov 2022 04:36:57 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2Fct3d85&cb=905118327&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/ct3d85
172.67.144.172 301 Moved Permanently 0 B URL HTTP/1.1 exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2Fct3d85&cb=905118327&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/ct3d85
IP 172.67.144.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2Fct3d85&cb=905118327&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/ct3d85 HTTP/1.1
Host: exchange.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 15:11:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 29 Nov 2022 16:11:03 GMT
Location: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=http%3A%2F%2Fouo.press%2Fct3d85&cb=905118327&timeZone=0&adWidth=300&adHeight=250&loc=http://ouo.press/ct3d85
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UvAKCvgQkobKXrb7TRoP%2FaTbArDwzt1G4CvpLW0utQ13FeMAHxurzSMdS9DziMOO%2F%2BczypTKLiQ6hVoB4h4qRucalEpNbEMOTENJqs9GG6myjYK0YfXcSPAsR7monjJCNxIQi%2Bu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c46105ffd1c16-OSL
alt-svc: h2=":443"; ma=60
friendshipmale.com/sfp.js
172.64.162.31 200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.162.31:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:03 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: e5482865e41fc4d1721a28e666dbc6fb
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Tue, 29 Nov 2022 15:11:03 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiPmFGC9DFYIEFaubvZhqQFtSR4lMTl7icEVurhKqo4qZV0YdptbN9u17OsV4aG6r3NMrQsqXBn%2BOBF0lS26ZAkc8CzbmqgnN9Ejc5MXMTkUur97P5FgbZIOKPUn1SMP%2BeGrp7o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c460fea0374d1-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 6d4aa81497d78e8890f1833dfd810f3b
1a661b0ea7a2272d32a364d110f8b2525a13a72a
c3127cd2765f7a80a75f4000fbbd0680b93a944448f0260b6c4a1dd6b041bbfa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 15:11:03 GMT
Last-Modified: Tue, 29 Nov 2022 14:29:33 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SkT67jYWTTi-ZTK3toG9htbSnPSOmHxtkky1m2ENWcMC6HertP9YEA==
Age: 2491
cdn.adtrue.com/rtb/async.js
104.21.81.154 200 OK 2.6 kB URL HTTP/2 cdn.adtrue.com/rtb/async.js
IP 104.21.81.154:0
File type HTML document, ASCII text, with very long lines (7327), with no line terminators
Hash 48fd4b3fa284d6616e9dbb4b1d342c3f
24085a17aefe204dc2f3b896fb1d100a607f97c5
e0fbdd3dfef1b3452e004a5c1a5cc43bc76055ef5bd05a29de596b2f2d8108bb
GET /rtb/async.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:03 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:46:20 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5311483
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Etmdy6zCfwKWkCCu36t51WbeofY9zOkI1AL1bsbOTRAgcVJUdH9MwZOHoLE%2BTEb4eeaGcDXbmHAAYJg5G2rCLHWDWdphB9UBE1Q1rhqUlv0PThbBMUIa40iIL56Bcqnqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c460fea8e0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 4a135f7811476e3fbb431bc3331d52c2
b532b65c76fc9434fa47821173704e3b4334455c
ad0aac41d6aefc0f63765dde46341f9e314f0de78e8c9773edcd62863d9d89f9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=371b7052-2a5f-4903-8526-20b291333994:3:1; expires=Fri, 26 Nov 2032 15:11:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81 200 OK 2.7 kB URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (2290)
Hash 9d26fa4e7238ed94f1d0d92afb453b3e
ae18efe7d09337bf2f580b3f5bc912284aad7821
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Thu, 29 Dec 2022 15:11:03 GMT
date: Tue, 29 Nov 2022 15:11:03 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 100 kB IP 142.250.74.131:0
Size 100 kB (100113 bytes)
Hash 7d8849b78ac9111d07084599f5bfd65f
c18d7d43acfb1a72fed7a37fd9b915e8ac5a53cb
5955ff119e8bea43d3d5d01c5687904515748a046506a246982dc6df87142da0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
23.38.200.201 200 OK 80 kB URL HTTP/1.1 ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6a4ce36b0d03543974d71b88fa37145d
a5c1750aab7489f287c98bae25f5afff0ed16ce8
30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Last-Modified: Wed, 27 Oct 2021 05:33:12 GMT
ETag: "1241a12-3fca8-5cf4eee137dd8"
Server: Apache
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Type: text/javascript
Content-Length: 80538
Cache-Control: max-age=91442
Expires: Wed, 30 Nov 2022 16:35:05 GMT
Date: Tue, 29 Nov 2022 15:11:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:58:50 GMT
expires: Wed, 29 Nov 2023 14:58:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 30462b52571c91f089bed4de98462a46
7e2b322ea5b8f97b2fa76751bcffe2a420f872eb
c5403dfefa9d043ac501963ff09a6d3d70e21f6e6a1b9728183a3490060a4bfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29 200 OK 686 B IP 93.184.220.29:0
Hash 5db64f5c3e5e9ac7c50af6ef31582050
289856eb4f64f2b8122482a23ba2f2b9b839cfdb
c6f7a7fee9105d9d823b1939d85dae2595038f13a14d4a0ac9ab35ee38c18774
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6341
Cache-Control: max-age=91765
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Etag: "6384cbb8-1d7"
Expires: Wed, 30 Nov 2022 16:40:29 GMT
Last-Modified: Mon, 28 Nov 2022 14:54:48 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 4ed4504c8b02fc509f234707dc77781f
19acd03459e36691bfe55062056b824e39033cb1
b83b1242e3991a8c4b50fc7218fc5f838baef5281a58f8c4d72409f10e5b9e32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2350
Cache-Control: max-age=160489
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Etag: "6385e7c3-139"
Expires: Thu, 01 Dec 2022 11:45:53 GMT
Last-Modified: Tue, 29 Nov 2022 11:06:43 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0a7a193b3750d36f0c7200b84287e68c
0deec385bbbae07281c65e6c292e5982dfeedd9b
8eb178c3fdb66956af186d436df4183cab05699565c15bb6eec4b50b90b4870b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3946
Cache-Control: max-age=156685
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Etag: "6385d2ab-1d7"
Expires: Thu, 01 Dec 2022 10:42:29 GMT
Last-Modified: Tue, 29 Nov 2022 09:36:43 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hhklc.com/c.js
104.21.70.122 200 OK 2.5 kB IP 104.21.70.122:0
File type ASCII text, with very long lines (8728), with no line terminators
Hash edb3a9973af7cf3e8cb70c36a3ae36ff
d3a5482bf69599ae31fb157053d164c7cc9cf9b6
1fd42413261b11fc197bd0440d347fca8b35be0a0eae6cc5729a050332d0882f
GET /c.js HTTP/1.1
Host: hhklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:03 GMT
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Tue, 29 Nov 2022 15:23:18 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1965
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ck6ILqzFPf5hFZQj2eSP2yaWQRH43%2Buo4FfRxey20LsD51daytO2EFm52u6%2F6HgI88I2F6YfTlZjS0rObLm8W8fL1SnM3O59owuh1fkHfIKkNd%2BLwEAQQjeRTDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c460de8560b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=41683278588&lsavail=0
178.250.2.131 204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=41683278588&lsavail=0
IP 178.250.2.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=41683278588&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 405
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 15:11:03 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: http://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fptadtrue-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fouo.press%2Fct3d85&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=717a3831-7104-4777-886f-56f53cf381be&nocache=1669734663117&aus=300x250&divids=adtrue_ads_12953_kn9wu0skjalyu5n84nd&aucs=adtrue_ads_12953_kn9wu0skjalyu5n84nd&auid=558223497&aumfs=100
34.98.64.218 200 OK 1.8 kB URL HTTP/2 fptadtrue-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fouo.press%2Fct3d85&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=717a3831-7104-4777-886f-56f53cf381be&nocache=1669734663117&aus=300x250&divids=adtrue_ads_12953_kn9wu0skjalyu5n84nd&aucs=adtrue_ads_12953_kn9wu0skjalyu5n84nd&auid=558223497&aumfs=100
IP 34.98.64.218:0
Hash d706560d98a9a568a3324eb2409a2023
e0d84ee653da74b4d472ac442d1c112c98af88c0
3bae58623a3dc0d71a391693f9a7be723b9be2862ef8eeaa59c6e38a86e0c0dc
GET /w/1.0/arj?ju=http%3A%2F%2Fouo.press%2Fct3d85&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=717a3831-7104-4777-886f-56f53cf381be&nocache=1669734663117&aus=300x250&divids=adtrue_ads_12953_kn9wu0skjalyu5n84nd&aucs=adtrue_ads_12953_kn9wu0skjalyu5n84nd&auid=558223497&aumfs=100 HTTP/1.1
Host: fptadtrue-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Tue, 29 Nov 2022 15:11:04 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
142.250.74.40 200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash c66a46879dd4b035920b291fe20c6783
8736f6802a2fd329ef8f2b87102c6d0cc5adc004
fbb8d43716194fbcd473184286b99e2aa6e539fb3c0cd9844779b3a42220ebc3
GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 15:11:04 GMT
expires: Tue, 29 Nov 2022 15:11:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47073
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7f5207357ba092496caa356b021e3dcc
6ceaf2b91fa7c6e0b096f72d97a53a91576fd13a
55ecec93b84d2fb4902fcb36a77071128f74f7898b5fa2b96d1db4a5f1bf3b91
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4258
Cache-Control: max-age=89682
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Etag: "6384cbb8-1d7"
Expires: Wed, 30 Nov 2022 16:05:46 GMT
Last-Modified: Mon, 28 Nov 2022 14:54:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77 204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 972
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Tue, 29 Nov 2022 15:11:02 GMT
X-Firefox-Spdy: h2
ecdn.firstimpression.io/static/js/prebidamp.js
54.230.111.73 200 OK 99 kB URL HTTP/2 ecdn.firstimpression.io/static/js/prebidamp.js
IP 54.230.111.73:0
Hash 0f46e0c8ffca7f9e4ac0b7693d4a9b64
dcb2cc201c22472f2c0a8b928dd6cb491e65e1b9
653f09d7a70355feee1da0f33685e14d0f358c5c659bbd70b936c379848c65a0
GET /static/js/prebidamp.js HTTP/1.1
Host: ecdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 29 Nov 2022 15:10:31 GMT
expires: Tue, 29 Nov 2022 16:10:31 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ee6Qjgwotf1UbcXxqZwsABVB8ZyWJVHYjr1jOaTtHsLI-9H1Mpc42Q==
age: 33
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
151.101.1.229 200 OK 9.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
IP 151.101.1.229:0
File type ASCII text, with very long lines (27677)
Hash be67ba0617660113c8b105b9318d8184
25c33a00dfefa7ba1823017dc3e9c63a17d53459
7a80c6ef8f369f3115b83e5f88aa88e730450fed06466c418a98a5fe2a9988f6
GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.14.2
x-jsd-version-type: version
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 15:11:04 GMT
age: 31629
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 0f1f735b8e92aaf4a6b1b08a137a7f14
508c529ffdaf42cb222b46a4c125c76c3fb08be9
a2a7c35e148022addd34da631734f564c16838162eddd1991ac1b59961b7cb46
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:04 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "AD3A864477924B95F5FE21415D0713BCBA1ECEC6"
Expires: Wed, 30 Nov 2022 03:00:00 GMT
Last-Modified: Tue, 29 Nov 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 71
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c4613a9b80b3d-OSL
www.google-analytics.com/analytics.js
216.58.207.206 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 14:41:08 GMT
expires: Tue, 29 Nov 2022 16:41:08 GMT
cache-control: public, max-age=7200
age: 1796
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.adtrue.com/rtb/passback.js
104.21.81.154 301 Moved Permanently 0 B URL HTTP/1.1 cdn.adtrue.com/rtb/passback.js
IP 104.21.81.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/passback.js HTTP/1.1
Host: cdn.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 15:11:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 29 Nov 2022 16:11:04 GMT
Location: https://cdn.adtrue.com/rtb/passback.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyqVYEvOqO5l7Dts1RqQamLbSZ8ljqGgaGEVMEsclJa%2FdZ2kTBeMg2C7cTR8MTc850uOuVE4PmKr3w5Fhia4Ssb7xot3kpsFryCgXJ3CjBhEhURqsFTiKJfNsLj2O%2FV%2Fag%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c46144cf00b69-OSL
alt-svc: h2=":443"; ma=60
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=15107269449
178.250.2.131 200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=15107269449
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.2.0&cb=15107269449 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 484
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:03 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: http://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.84 200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3025e3057380452b8354c986b1dacd2b
2d832f747433cd8387ff8b3302f48e8ddb9fc64a
5e8076d4f5547ee3ebb84f9fc7c618c98a04ed25d84a9526f0bee61bbb10e1ce
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 679
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 29 Nov 2022 15:11:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ouo.press
AN-X-Request-Uuid: 35df4bee-eb1a-468e-a97c-a229382e0d8b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9be5b512530985c94942b01c36d95397
dbd8767a356e21d7c6ebfb32fe46a6d7e945d47f
abc1a723d9039dfc20718f4f50b771a28f608848961a7298ec1c0a48b25e64b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2836
Cache-Control: max-age=124988
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Etag: "63855b30-1d7"
Expires: Thu, 01 Dec 2022 01:54:12 GMT
Last-Modified: Tue, 29 Nov 2022 01:06:56 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash ea101f7e711eb66ba76f9e395ce3b919
5be1c6a23b5e6059f4d882148c84eb941c7068ec
0f874cf2a25b7f913badd906ae5deb8429f8eb135973275ed5314162b37c7b31
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 13:55:55 GMT
Expires: Sat, 03 Dec 2022 13:55:54 GMT
Etag: "5be1c6a23b5e6059f4d882148c84eb941c7068ec"
Cache-Control: max-age=340489,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c461579d21c0a-OSL
exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=876240386&ref=undefined
172.67.144.172 301 Moved Permanently 0 B URL HTTP/1.1 exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=876240386&ref=undefined
IP 172.67.144.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag/passback?adtrue_pzoneid=12953&divid=876240386&ref=undefined HTTP/1.1
Host: exchange.adtrue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 15:11:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 29 Nov 2022 16:11:04 GMT
Location: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=876240386&ref=undefined
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcpOh5zYiIjMvqxOq4J71lGf97cXTnGPoBM515DWxRkuxL8HIqZhMORfFuezY4qPM5i3KPbohmO1XRg5XcvtK08niEei9xC8JW6LFwl%2Fs3EXELrD6hd24LE8YSrgLPmZvYzAI5in"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c4615dd441c16-OSL
alt-svc: h2=":443"; ma=60
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157 200 OK 399 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (483), with no line terminators
Hash 25e87338b22bddbb9ce0d5bb66058a2e
dcb8a45bbaca00dc65a09d46571b68cf79fe4a6a
4f43219915e5aaa452614a98030aeca9798d961e2558008721bcfa29daf6543e
GET /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 1324099
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2Fct3d85&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2Fct3d85&tg_i.page=http%3A%2F%2Fouo.press%2Fct3d85&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=370290d2-9bcb-482e-a77d-78a76ef69b0a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39181098735408204
213.19.162.41 200 OK 346 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2Fct3d85&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2Fct3d85&tg_i.page=http%3A%2F%2Fouo.press%2Fct3d85&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=370290d2-9bcb-482e-a77d-78a76ef69b0a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39181098735408204
IP 213.19.162.41:0
File type JSON data\012- , ASCII text, with very long lines (346), with no line terminators
Hash ffee9d6bed678e183d05dd1b6a230855
3bf0abf2cd395bf4cd0045315ae5e3844bd7b942
5d6a99a36cb4f0ef1bc2a085ec37c6d07319cc4f10d9a09695b3eb24b9fb94a0
GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=http%3A%2F%2Fouo.press%2Fct3d85&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=http%3A%2F%2Fouo.press%2Fct3d85&tg_i.page=http%3A%2F%2Fouo.press%2Fct3d85&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=370290d2-9bcb-482e-a77d-78a76ef69b0a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39181098735408204 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Tue, 29 Nov 2022 15:11:04 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB2CWOTL-1S-AKF2; Domain=.rubiconproject.com; Path=/; Expires=Wed, 29-Nov-2023 15:11:04 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqUa+OnIuAvD+9DtVM30fCgWfwF83iE8fozQxlIlBnwW5ZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Wed, 29-Nov-2023 15:11:04 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 346
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c0c4ba11382c44ef7989b0ae89cc90d1
fea338ae0cfc0af3e0abd94c19885e3684438291
a98c38149cc9961696ec21c53a8b70fcaeaacdb45be764163e3058bb943b1091
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6566
Cache-Control: max-age=142379
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Etag: "6385908d-117"
Expires: Thu, 01 Dec 2022 06:44:03 GMT
Last-Modified: Tue, 29 Nov 2022 04:54:37 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
172.64.151.192 200 OK 921 B URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
IP 172.64.151.192:0
File type ASCII text, with very long lines (2361)
Hash dc406d72b5d7cb505ff0f720a76f333c
e848a1e516384718b9319acc891ff2f7d5d707b6
e92fc567697445a7896a332abf07536107c7b96112d287748ef9234292c80c58
GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:04 GMT
content-type: text/javascript
content-length: 921
x-amz-id-2: feXPNfpFaacSm8lt6RhzCbec1+gHhzZ+DriZQVNyKgZogPAFPtddKynKrrt3LGH5NtYxJR+TKjM=
x-amz-request-id: BSY1ZH442MF2G462
last-modified: Wed, 23 Nov 2022 08:34:07 GMT
etag: "dc406d72b5d7cb505ff0f720a76f333c"
content-encoding: gzip
x-amz-version-id: Nv3tnKsQJJFloLFD8ccmmePhVOX9ZV_J
cf-cache-status: HIT
age: 4881
expires: Tue, 29 Nov 2022 19:11:04 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c46172df8b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c0c4ba11382c44ef7989b0ae89cc90d1
fea338ae0cfc0af3e0abd94c19885e3684438291
a98c38149cc9961696ec21c53a8b70fcaeaacdb45be764163e3058bb943b1091
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6566
Cache-Control: max-age=142379
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:04 GMT
Etag: "6385908d-117"
Expires: Thu, 01 Dec 2022 06:44:03 GMT
Last-Modified: Tue, 29 Nov 2022 04:54:37 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
172.64.151.192 200 OK 77 kB URL HTTP/2 jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
IP 172.64.151.192:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (33528)
Hash 685f1f92759cc00748247886fb65f456
415e063c765193a8144631d233cd65b19b385c01
6921a9a9cae5cb537f07548e9d5ef79f7b319786beda6c59a02978f8cd1d8d2e
GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1
Host: jsc.adskeeper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:04 GMT
content-type: text/javascript
content-length: 77357
x-amz-id-2: SdLATQQUj9V5MUL8GJ1mTs1+1df/fMAy3HfVNeruF7ESTW9dZob57qxzjdeDGW+pl5U+kkPACRY=
x-amz-request-id: SQNX5CVNZKKQ3B6M
last-modified: Wed, 23 Nov 2022 11:42:34 GMT
etag: "685f1f92759cc00748247886fb65f456"
content-encoding: gzip
x-amz-version-id: dd1Oy8DoTdUVgoS4j2prex4kOlpjN63N
cf-cache-status: HIT
age: 4881
expires: Tue, 29 Nov 2022 19:11:04 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c46177e6eb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73 200 OK 2.7 kB URL HTTP/1.1 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
File type ASCII text, with very long lines (6482), with no line terminators
Hash e26591496813b1e661ad45d97ac4a7fa
d8c83c994fe29cddcd62130120b6ba8209092aca
5646a1eee3561c62ad4c6a14b51d95272e215373313e73d9c4680e465cf3d61a
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Last-Modified: Fri, 18 Nov 2022 03:05:15 GMT
x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 19:13:37 GMT
Cache-Control: public, max-age=86400
ETag: W/"a4d296427fc806b21335359e398c025c"
Vary: Accept-Encoding,Origin
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mW0eH-2w1_RG6zdFcTqzooEMRxR5mJoDDSQAloaIra60co-WXpjyuw==
Age: 71848
c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
143.204.46.73 204 No Content 0 B URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
IP 143.204.46.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/prod/config?src=600&u=http%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Tue, 29 Nov 2022 15:10:58 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FHkR857Dlc10tSLnL5Hwec1pArYjAmj0xe9gBEG9OYBpPZeNxcMiUw==
age: 5
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2Fct3d85&pr=http%3A%2F%2Fouo.press%2Fct3d85%3F__cf_chl_tk%3DL9z14DPJqOcGuGsXz5HvhzMnTq0VMUrbMc_nC7lzEyo-1669734659-0-gaNycGzNAxE&pid=mYcmU61CjJndD&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
143.204.52.189 200 OK 165 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2Fct3d85&pr=http%3A%2F%2Fouo.press%2Fct3d85%3F__cf_chl_tk%3DL9z14DPJqOcGuGsXz5HvhzMnTq0VMUrbMc_nC7lzEyo-1669734659-0-gaNycGzNAxE&pid=mYcmU61CjJndD&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash 524702d9c4ac8c61e27c3d850412f10f
199d4d5b602799e1a01577115d249b9707dbf37a
7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b
GET /e/dtb/bid?src=600&u=http%3A%2F%2Fouo.press%2Fct3d85&pr=http%3A%2F%2Fouo.press%2Fct3d85%3F__cf_chl_tk%3DL9z14DPJqOcGuGsXz5HvhzMnTq0VMUrbMc_nC7lzEyo-1669734659-0-gaNycGzNAxE&pid=mYcmU61CjJndD&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 165
server: Server
date: Tue, 29 Nov 2022 15:11:05 GMT
x-amz-rid: YSY9V597THXMADVPF12N
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k_8RiEc7qlj4B5mkBiMT-UPXUSE6ZnXbommKJ1w_eXc4xk_nSgoiIQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 312 B IP 93.184.220.29:0
Hash 6229b3523e932f0dae9e09fd61fd3f7c
6ab0df761999419be58da825ff24c06129bf4709
b84a7407dd6ccdecb0d5045a4c51e65947b59a5d7fa1058854e128ee62598ece
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4147
Cache-Control: max-age=114081
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:05 GMT
Etag: "63852b78-138"
Expires: Wed, 30 Nov 2022 22:52:26 GMT
Last-Modified: Mon, 28 Nov 2022 21:43:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
unseenreport.com/pxf.gif?uuid=371b7052-2a5f-4903-8526-20b291333994&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
192.243.59.12 200 OK 409 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=371b7052-2a5f-4903-8526-20b291333994&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash c6093d0b9324536d72b8a5a799a4a640
98e1cd1804ca81fdecf09e38c4b1cbd1b749fa7d
6a2cdae311eb786874c694eba16ec49b30e94137550d69805de04dc7dd08ef63
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=371b7052-2a5f-4903-8526-20b291333994&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 15:11:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 70b60981d186f8f3b6d07af275938faa
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 60b34924b7fe935aac7bf44c7f7959bd
3a263cf142bed28e88df7d234ce1f7489da87ee0
f38d443a678a3b89470e9fb6e4b6ce0f506ff63e7de60e3cfa72ddddfa78e023
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4146
Cache-Control: max-age=158335
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:05 GMT
Etag: "6385d856-139"
Expires: Thu, 01 Dec 2022 11:10:00 GMT
Last-Modified: Tue, 29 Nov 2022 10:00:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 19b80a71a969eb1653f9851c5b8c817b
2a3a0d2d8024d5c14bb55bd7c9deb733262d82c6
65ad49c20655deb663808a9fd88509a632a31b25b88d99a16067ca7ab745705b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65AD49C20655DEB663808A9FD88509A632A31B25B88D99A16067CA7AB745705B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4025
Expires: Tue, 29 Nov 2022 16:18:10 GMT
Date: Tue, 29 Nov 2022 15:11:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 60b34924b7fe935aac7bf44c7f7959bd
3a263cf142bed28e88df7d234ce1f7489da87ee0
f38d443a678a3b89470e9fb6e4b6ce0f506ff63e7de60e3cfa72ddddfa78e023
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4146
Cache-Control: max-age=158335
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:05 GMT
Etag: "6385d856-139"
Expires: Thu, 01 Dec 2022 11:10:00 GMT
Last-Modified: Tue, 29 Nov 2022 10:00:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29 200 OK 312 B IP 93.184.220.29:0
Hash 755842c4015cdf23ce448636e32277fb
ddb14148163258686b5a6c025fe97d3c35317c9a
593d877e82d7a28ad48561c84375e6dae5363877df5c70bd823dac6c39bbd385
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2294
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:11:05 GMT
Last-Modified: Tue, 29 Nov 2022 14:32:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
178.250.2.146 200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:04 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=DmeIUF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh5QnVERVNaRGtIUzAwb2tYb1klMkJ2WWxqQ1lnc2p0S2JOVVdjY2xsNyUyQnlW; expires=Sun, 24 Dec 2023 15:11:05 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 305607
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.123.js
178.250.2.130 200 OK 33 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP 178.250.2.130:0
File type ASCII text, with very long lines (65354)
Hash d7133daa1500d20b81e52af175df627a
cf716646acf2b7d2e2dca2e33ccd4b53c15066c0
9b70ca69da0f35c4df951e0871d456b4004356a4cd3652457540e5961c73a9bf
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:11:05 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Wed, 30 Nov 2022 15:11:05 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146 200 OK 633 B IP 178.250.2.146:0
Hash 1654505734d23eb37f6ed0a9c7d658d6
7094381bf1bd7d512317b71a78536de7745051b1
271de3b056aac8c80003f15bc6446c6db40e4c11cde65cedf1bdc1d7fc2b0c6e
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=DmeIUF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh5QnVERVNaRGtIUzAwb2tYb1klMkJ2WWxqQ1lnc2p0S2JOVVdjY2xsNyUyQnlW
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=wWyrhV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh5QnVERVNaRGtIUzAwb2tYb1klMkJ2YWJ3SkpGcHlXJTJGYXFaenpNWUZWd0VZ; expires=Sun, 24 Dec 2023 15:11:05 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 271956
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9023f7c58094afb6679b8203371347f2
e4e0913494d8ef22785d0ac1ea37a6ccd07e7814
d8b439484d97223421026fbf662741696bb6e573273bfd2cff066b1c1e08e871
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D8B439484D97223421026FBF662741696BB6E573273BFD2CFF066B1C1E08E871"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5073
Expires: Tue, 29 Nov 2022 16:35:39 GMT
Date: Tue, 29 Nov 2022 15:11:06 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=HCbdg19mSmNadEh6d0pVQUJ0eVBzRXdES3VKWWVXamY4S2lZU3BWWjBYSVRmOXUzJTJCTG1wSlZGRiUyRjd4cjU0bmJsSkNNbSUyQkdDVUNYS0tycTN0UHJvaUR4N0N1VlR0RzF4UTAlMkYwc2hESXRkMkdMVlNEMm16RTEwS3lVeDF1YTZlb1ZYUnhk&info=wWyrhV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh5QnVERVNaRGtIUzAwb2tYb1klMkJ2YWJ3SkpGcHlXJTJGYXFaenpNWUZWd0VZ&idsd=1949332626,-355574402&cw=1&lsw=1
178.250.0.157 200 OK 326 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=HCbdg19mSmNadEh6d0pVQUJ0eVBzRXdES3VKWWVXamY4S2lZU3BWWjBYSVRmOXUzJTJCTG1wSlZGRiUyRjd4cjU0bmJsSkNNbSUyQkdDVUNYS0tycTN0UHJvaUR4N0N1VlR0RzF4UTAlMkYwc2hESXRkMkdMVlNEMm16RTEwS3lVeDF1YTZlb1ZYUnhk&info=wWyrhV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh5QnVERVNaRGtIUzAwb2tYb1klMkJ2YWJ3SkpGcHlXJTJGYXFaenpNWUZWd0VZ&idsd=1949332626,-355574402&cw=1&lsw=1
IP 178.250.0.157:0
Hash 64dd9a16b5527713cf5128634921965c
aaa973cefdb424bf7c8433691cf6fa39bc188ea2
8d6166cf3e0e0676e1c54260f3bb8b572421efdfa4e27bacdc315866585466a3
GET /sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=HCbdg19mSmNadEh6d0pVQUJ0eVBzRXdES3VKWWVXamY4S2lZU3BWWjBYSVRmOXUzJTJCTG1wSlZGRiUyRjd4cjU0bmJsSkNNbSUyQkdDVUNYS0tycTN0UHJvaUR4N0N1VlR0RzF4UTAlMkYwc2hESXRkMkdMVlNEMm16RTEwS3lVeDF1YTZlb1ZYUnhk&info=wWyrhV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh5QnVERVNaRGtIUzAwb2tYb1klMkJ2YWJ3SkpGcHlXJTJGYXFaenpNWUZWd0VZ&idsd=1949332626,-355574402&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1285339
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106 200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 29 Nov 2022 15:11:06 GMT
Date: Tue, 29 Nov 2022 15:11:06 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130 200 OK 36 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
Hash 4b0b6cb2aec8c5a6375afb391c1dd4c8
7176153f0e1d3b228674d2c601472ec355be7ecc
a62e8f2a617d45e16c79600d2bd0aeab1a7e11a1b69a58ee6c371c08ba125b6b
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:11:05 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Wed, 30 Nov 2022 15:11:05 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js
172.64.109.13 200 OK 31 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js
IP 172.64.109.13:0
File type ASCII text, with very long lines (32025)
Hash 41feef9cb75305cb050933f3d00df11e
36cf5fd6376e3ca01f301e1ee42b318dd9d7dbdc
554c85def579627dbe1cc7c83a25948e5b4ad0f61b15b760453105e96f534115
GET /sb/ssp/sweep/social-box/white-small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:06 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:02:04 GMT
etag: W/"6149c9bc-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1214394
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLBXcL%2BkAV7Y1D5U20qg2zUMqu6z451Whifa1hGombfZBWNLXANZIZwFT4%2BNabn2D%2BIKK75PBAO%2Fnk8%2BN6%2BkVlFwdrjVwJjjd0bvPjd2HRW%2FAWwOyDMhaAYu6w419XoP30Yixr1mntsY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c461eed9876c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
35.71.131.137 301 Moved Permanently 134 B URL HTTP/1.1 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP 35.71.131.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 29 Nov 2022 15:11:06 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://match.adsrvr.org:443/track/rid?ttd_pid=pubmatic&fmt=json
specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F29%2Fa4%2F96%2F29a4965e1015f036b834d9da1d4a5e6c%2F1632399618.html&l=1379&fd=98
192.243.61.225 200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F29%2Fa4%2F96%2F29a4965e1015f036b834d9da1d4a5e6c%2F1632399618.html&l=1379&fd=98
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F29%2Fa4%2F96%2F29a4965e1015f036b834d9da1d4a5e6c%2F1632399618.html&l=1379&fd=98 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ouo.press/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 15:11:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c98063a5875a4153829eaa80be458262
9522070e97907c1f147c44284e4d7d9591518fb5
ad8607d475238f00a7328e41f35d5f50595455bef11db64d45ead1a64bc261a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8607D475238F00A7328E41F35D5F50595455BEF11DB64D45EAD1A64BC261A2"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3210
Expires: Tue, 29 Nov 2022 16:04:36 GMT
Date: Tue, 29 Nov 2022 15:11:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9023f7c58094afb6679b8203371347f2
e4e0913494d8ef22785d0ac1ea37a6ccd07e7814
d8b439484d97223421026fbf662741696bb6e573273bfd2cff066b1c1e08e871
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D8B439484D97223421026FBF662741696BB6E573273BFD2CFF066B1C1E08E871"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5073
Expires: Tue, 29 Nov 2022 16:35:39 GMT
Date: Tue, 29 Nov 2022 15:11:06 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/97/1b/94/971b94f609762e18222a7efa0ac567cc/1667590869.png
45.133.44.9 200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/si/97/1b/94/971b94f609762e18222a7efa0ac567cc/1667590869.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 99620d5e4f1ae93546c6dd31a58b5dd2
9dbe4c1e192890c3ddf47e7d1b7ba083b6c81aa6
8bb431af545d60f16b55862430b4876b8443d4d2969eaa49be045d414864b3f2
GET /si/97/1b/94/971b94f609762e18222a7efa0ac567cc/1667590869.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:06 GMT
content-type: image/png
content-length: 32558
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:41:17 GMT
etag: "63656add-7f2e"
expires: Thu, 01 Dec 2022 15:11:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
id5-sync.com/g/v2/806.json
162.19.138.119 200 216 B URL HTTP/1.1 id5-sync.com/g/v2/806.json
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 377a25c198ac0737dbd11da3169bc845
8b2fd0070d02b3c753817a1c985d6534fc570f08
63761fa596ffb5cc2b2f3a83954e080ae7d7be19d2bf36ebbf509512c8ca8fd9
POST /g/v2/806.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 191
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 29 Nov 2022 15:11:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash ca2206b6f7cbdb64d7f538591385ed32
597c7ea3483bd3a6e65716106fde158e03d55970
43c26ba30720e9537cc189beefe7dc98f9c847fc4007372bbd45a7083127d207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:42:56 GMT
Expires: Sun, 04 Dec 2022 01:42:55 GMT
Etag: "597c7ea3483bd3a6e65716106fde158e03d55970"
Cache-Control: max-age=382908,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c461f7c0e1c0a-OSL
api.rlcdn.com/api/identity/envelope?pid=1258
34.120.133.55 401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1258
IP 34.120.133.55:0
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1258 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 15:11:06 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22 200 OK 1.8 kB IP 192.124.249.22:0
Hash 98a935348577b4737ea60191e5b48be1
761ccb1b3072229dfa74d0196235eb89fef2426d
4f8654a419a7212055d07339a47517037b6ac30f189b86530d0be3bbd586a7f3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 15:11:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 28 Nov 2022 21:56:56 GMT
Expires: Tue, 29 Nov 2022 21:56:56 GMT
ETag: "761ccb1b3072229dfa74d0196235eb89fef2426d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
id.crwdcntrl.net/id
63.32.97.75 200 OK 43 B IP 63.32.97.75:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:06 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.28.169
access-control-allow-credentials: true
access-control-allow-origin: http://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/script.js
172.64.109.13 200 OK 312 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/script.js
IP 172.64.109.13:0
Hash 17f246d5039f5650e96c39fb97d715a2
47641977d2e8179a4249a9c07c400a3bfe6fb25d
84ddcf5fdf872fc2b217f2b3720aebec0b97f3b746fd577585cd931008dac239
GET /sb/ssp/sweep/social-box/white-small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:06 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:02:04 GMT
etag: W/"6149c9bc-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trAVcUq2hKdkjUiRvPhkV39sAOoATJaSQZ8%2B6K8ECJSzeozT%2Bkawab6UCA93NYO3LNPuevzNqfQnkTUADsh9BdQt4m8sdjr4qI2HZ69ydBZsnTGMbVkNtJ1cQAVn%2BOMqhkUmHWJG9zmp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c461f6e6576c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash ca2206b6f7cbdb64d7f538591385ed32
597c7ea3483bd3a6e65716106fde158e03d55970
43c26ba30720e9537cc189beefe7dc98f9c847fc4007372bbd45a7083127d207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:11:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:42:56 GMT
Expires: Sun, 04 Dec 2022 01:42:55 GMT
Etag: "597c7ea3483bd3a6e65716106fde158e03d55970"
Cache-Control: max-age=382908,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c46202c9d1c0a-OSL
cdn.barscreative1.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html
45.133.44.3 200 OK 16 kB URL HTTP/2 cdn.barscreative1.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash eeb387cbb25d662ca524ca8aff0af33f
7fb4dd55cde52e4faf9278ca4a6c88c2cd60e4d7
c458100530a6e8b62204afc1720e0ca3a702f7c752a70d4dfc2d2b451e1db122
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:05 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 23 Sep 2021 12:20:22 GMT
etag: W/"614c7106-563"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 29 Nov 2022 16:11:05 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ouo.press
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 21:12:34 GMT
Expires: Thu, 23 Nov 2023 21:12:34 GMT
Cache-Control: public, max-age=31536000
Age: 496712
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/css/style.css
172.64.109.13 200 OK 1.2 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/css/style.css
IP 172.64.109.13:0
Hash e8c2344398b3bd0f75f57671d4dac2ce
76d40dc555fc8ec819b715004eda3546d73ddddd
93bd4aa7aff935eac97d613f87175743227d49482bbf0cea4596cbf605f5620a
GET /sb/ssp/sweep/social-box/white-small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:06 GMT
content-type: text/css
last-modified: Mon, 24 Jan 2022 10:39:40 GMT
etag: W/"61ee81ec-123b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVqxO808WW4xzhQgYoVsTbqruUYR23kbYPHgokqNefj2ixwTGMqZkLVeUvGayn1rve%2BZn0BM8ZgD%2BQWHLwp3PBuDb7nAB6LalimtFHxJlokzAen93QZc2agBI%2B4CvBCJbXL1fHF1aOvn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c461edd5b76c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/css/animate.css
172.64.109.13 200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/css/animate.css
IP 172.64.109.13:0
Hash c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/ssp/sweep/social-box/white-small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:06 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:02:02 GMT
etag: W/"6149c9ba-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsI7IXC6JPy%2Fh%2BqBQc%2Fegg6LCKWaZ44JBz%2BiezpGtp86yPAtDyylNg%2Fs4kFx14Nv9%2Bx7IXknZO52znfofWvhq5lWtURndysAZgPixn1wwwxhFYey7ZmfpdbXcTHYU%2BBvks6oERFwTGM%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c461ecd4e76c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
specialistinsensitive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2hcRRye17SHWhAULx6UVTwomM37t9ldcyjGGgmNSWirAfEyb2beZtzZN4%2BZ9%2FZtgodgofQirCc9vnybNFSLWDwLsvEiASHroeRgvIngUehZdrOw9neY3%2B%2Bb73f4vm%2Fm3n5%2BTlzk9GzzQ70rlaILtapbeXNLJlwXtrJ%2Bp%2BK5VXepsiWTxXCp0hsfpvuO59aq7luVDwRr6wXf9VzXc73KijQi1r2FCQuZPmp61aZbDf2qVwvRM89imzuw1AHvnpMXIfnoyvavjyHZEEnnhxvCtjOdvv1%2BJ1c00wZdfvRR0k50kaAzG2PjIE6OptvQdkTIN5egk6OpA%2BjuwdgBIjkizhMPUXI0lYmoe3ihNFIQCSJ%2BDUV3CKGGkHQIpu9C8lMCMI71DSSdB%2BvaFHTngqVjdkQuP%2F0XshiRy3%2B8hKTz%2FbKSvcptrfJM6sSiF5eQvSFka4g0P0a260AWx2DZF5D8N7LwdA1J52DDKg3Jz94I6l5Ud2v%2BvE9r8XzYdIP5Rs1fnPfdyG96QRA0m%2BEkIimHkPEQSvRB7Rxy6yCXDvLYQZ466PCzCq01Y9etx1EcBI2QMRYEjNUai7zGg7ARu8jZ2EMfWdoHU30ws4fU7KEt%2BzD5z7DbJSx3YDOCLi9RCILCEhSUoJAERUZQdMtDrqxvywdc2Tzypt2f9qAc6Ky1Tw911hIJ2U%2FPyQuT4P759Ee0xVlF8GDR9cLFIGj4Tc7qLg19zhgVMY%2BD2PNgZQlpL4FaB7vy9PknSOXp1RIRPYZVx2DyddD8FdBiUPdd0O1B2HCxmzzUua6mRlgLrkuk2RVkO86%2BOicvTwQ0%2F7oGwU6uf%2F3lxp9L%2FBMwUyI1JT6TvxC01P3BLV2Qg1u6sOTxRprJjtyl41e9ndFMzH17U%2BwU2vDVG7b%2F8F02JsbjozvCZms04TJpWfLdsuRcmBVtmCA%2FrdotEW3mdns5N0merm2%2Bt7LamQiUOhmCytOPPweTI%2FKcaU%2F%2B66t%2F34Q0Q5i8RCc%2FIdOC1EOwdA82nam3msCo2U6UOijycmD8aHapJIESM0yjEvZ%2FOJrN%2B%2FY%2BWsYBze4i6ZTomhJdVYKqPmw%2BN8hSc3L992BSiJQziJRxDiJl1FcX0Vp5Vql5oWhEjTrjPBKMe3U%2FaASu63Me1pvCayKzI3bvtav%2FAQAA%2F%2F8BAAD%2F%2F8w7AOeHBAAA
192.243.61.225200 OK 7 B URL HTTP/1.1 specialistinsensitive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2hcRRye17SHWhAULx6UVTwomM37t9ldcyjGGgmNSWirAfEyb2beZtzZN4%2BZ9%2FZtgodgofQirCc9vnybNFSLWDwLsvEiASHroeRgvIngUehZdrOw9neY3%2B%2Bb73f4vm%2Fm3n5%2BTlzk9GzzQ70rlaILtapbeXNLJlwXtrJ%2Bp%2BK5VXepsiWTxXCp0hsfpvuO59aq7luVDwRr6wXf9VzXc73KijQi1r2FCQuZPmp61aZbDf2qVwvRM89imzuw1AHvnpMXIfnoyvavjyHZEEnnhxvCtjOdvv1%2BJ1c00wZdfvRR0k50kaAzG2PjIE6OptvQdkTIN5egk6OpA%2BjuwdgBIjkizhMPUXI0lYmoe3ihNFIQCSJ%2BDUV3CKGGkHQIpu9C8lMCMI71DSSdB%2BvaFHTngqVjdkQuP%2F0XshiRy3%2B8hKTz%2FbKSvcptrfJM6sSiF5eQvSFka4g0P0a260AWx2DZF5D8N7LwdA1J52DDKg3Jz94I6l5Ud2v%2BvE9r8XzYdIP5Rs1fnPfdyG96QRA0m%2BEkIimHkPEQSvRB7Rxy6yCXDvLYQZ466PCzCq01Y9etx1EcBI2QMRYEjNUai7zGg7ARu8jZ2EMfWdoHU30ws4fU7KEt%2BzD5z7DbJSx3YDOCLi9RCILCEhSUoJAERUZQdMtDrqxvywdc2Tzypt2f9qAc6Ky1Tw911hIJ2U%2FPyQuT4P759Ee0xVlF8GDR9cLFIGj4Tc7qLg19zhgVMY%2BD2PNgZQlpL4FaB7vy9PknSOXp1RIRPYZVx2DyddD8FdBiUPdd0O1B2HCxmzzUua6mRlgLrkuk2RVkO86%2BOicvTwQ0%2F7oGwU6uf%2F3lxp9L%2FBMwUyI1JT6TvxC01P3BLV2Qg1u6sOTxRprJjtyl41e9ndFMzH17U%2BwU2vDVG7b%2F8F02JsbjozvCZms04TJpWfLdsuRcmBVtmCA%2FrdotEW3mdns5N0merm2%2Bt7LamQiUOhmCytOPPweTI%2FKcaU%2F%2B66t%2F34Q0Q5i8RCc%2FIdOC1EOwdA82nam3msCo2U6UOijycmD8aHapJIESM0yjEvZ%2FOJrN%2B%2FY%2BWsYBze4i6ZTomhJdVYKqPmw%2BN8hSc3L992BSiJQziJRxDiJl1FcX0Vp5Vql5oWhEjTrjPBKMe3U%2FaASu63Me1pvCayKzI3bvtav%2FAQAA%2F%2F8BAAD%2F%2F8w7AOeHBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2hcRRye17SHWhAULx6UVTwomM37t9ldcyjGGgmNSWirAfEyb2beZtzZN4%2BZ9%2FZtgodgofQirCc9vnybNFSLWDwLsvEiASHroeRgvIngUehZdrOw9neY3%2B%2Bb73f4vm%2Fm3n5%2BTlzk9GzzQ70rlaILtapbeXNLJlwXtrJ%2Bp%2BK5VXepsiWTxXCp0hsfpvuO59aq7luVDwRr6wXf9VzXc73KijQi1r2FCQuZPmp61aZbDf2qVwvRM89imzuw1AHvnpMXIfnoyvavjyHZEEnnhxvCtjOdvv1%2BJ1c00wZdfvRR0k50kaAzG2PjIE6OptvQdkTIN5egk6OpA%2BjuwdgBIjkizhMPUXI0lYmoe3ihNFIQCSJ%2BDUV3CKGGkHQIpu9C8lMCMI71DSSdB%2BvaFHTngqVjdkQuP%2F0XshiRy3%2B8hKTz%2FbKSvcptrfJM6sSiF5eQvSFka4g0P0a260AWx2DZF5D8N7LwdA1J52DDKg3Jz94I6l5Ud2v%2BvE9r8XzYdIP5Rs1fnPfdyG96QRA0m%2BEkIimHkPEQSvRB7Rxy6yCXDvLYQZ466PCzCq01Y9etx1EcBI2QMRYEjNUai7zGg7ARu8jZ2EMfWdoHU30ws4fU7KEt%2BzD5z7DbJSx3YDOCLi9RCILCEhSUoJAERUZQdMtDrqxvywdc2Tzypt2f9qAc6Ky1Tw911hIJ2U%2FPyQuT4P759Ee0xVlF8GDR9cLFIGj4Tc7qLg19zhgVMY%2BD2PNgZQlpL4FaB7vy9PknSOXp1RIRPYZVx2DyddD8FdBiUPdd0O1B2HCxmzzUua6mRlgLrkuk2RVkO86%2BOicvTwQ0%2F7oGwU6uf%2F3lxp9L%2FBMwUyI1JT6TvxC01P3BLV2Qg1u6sOTxRprJjtyl41e9ndFMzH17U%2BwU2vDVG7b%2F8F02JsbjozvCZms04TJpWfLdsuRcmBVtmCA%2FrdotEW3mdns5N0merm2%2Bt7LamQiUOhmCytOPPweTI%2FKcaU%2F%2B66t%2F34Q0Q5i8RCc%2FIdOC1EOwdA82nam3msCo2U6UOijycmD8aHapJIESM0yjEvZ%2FOJrN%2B%2FY%2BWsYBze4i6ZTomhJdVYKqPmw%2BN8hSc3L992BSiJQziJRxDiJl1FcX0Vp5Vql5oWhEjTrjPBKMe3U%2FaASu63Me1pvCayKzI3bvtav%2FAQAA%2F%2F8BAAD%2F%2F8w7AOeHBAAA HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=371b7052-2a5f-4903-8526-20b291333994:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 15:11:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9bc2a4a559116a32a58832139ee2d83b
Strict-Transport-Security: max-age=0; includeSubdomains
specialistinsensitive.com/pixel/sbs?c=1
192.243.61.225 200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/sbs?c=1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Cookie: u_pl=15424691; uid_id2=371b7052-2a5f-4903-8526-20b291333994:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 15:11:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
23.38.200.201 200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=55014
expires: Wed, 30 Nov 2022 06:28:01 GMT
date: Tue, 29 Nov 2022 15:11:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
198.47.127.19 200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 198.47.127.19:0
File type ASCII text, with no line terminators
Hash 4ad4279d0207970cf803107727bc7a23
3b63511d45dcee451d59afefb6cfcc4bd8bef14e
8a5533505c8255ea1b3bc7bb3a2511f4b62fea47aceadbe115b6f6f7e78eaafa
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Mon, 27 Feb 2023 06:22:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 29 Nov 2022 15:11:07 GMT
content-length: 60
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D309FD0E7-831D-464C-B719-EF8AE363BC9D%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
23.38.200.201 200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D309FD0E7-831D-464C-B719-EF8AE363BC9D%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D309FD0E7-831D-464C-B719-EF8AE363BC9D%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=139096
expires: Thu, 01 Dec 2022 05:49:23 GMT
date: Tue, 29 Nov 2022 15:11:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.199 200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.199:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 93127
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=309FD0E7-831D-464C-B719-EF8AE363BC9D&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81 200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=155495&sc=1&u=309FD0E7-831D-464C-B719-EF8AE363BC9D&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
GET /AdServer/SPug?o=1&p=155495&sc=1&u=309FD0E7-831D-464C-B719-EF8AE363BC9D&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:11:06 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
104.18.18.132 200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP 104.18.18.132:0
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:10:59 GMT
content-type: application/javascript
cf-ray: 771c45f6ebd1b500-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"4a87133d7cfb9f9797187d43ffdd5417"
last-modified: Fri, 25 Nov 2022 11:46:32 GMT
strict-transport-security: max-age=0
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: e-vtjjiTuJNWqympaO3s7V_aWlOK4yXOIyZWB7ZnvSo2w49xVfwmGQ==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2Fct3d85&charset=UTF-8&ch=15&ref=ouo.press&viewerId=null&referer=http://ouo.press/ct3d85?__cf_chl_tk=L9z14DPJqOcGuGsXz5HvhzMnTq0VMUrbMc_nC7lzEyo-1669734659-0-gaNycGzNAxE&_firid=17753455
54.230.111.77 200 OK 0 B URL HTTP/2 cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2Fct3d85&charset=UTF-8&ch=15&ref=ouo.press&viewerId=null&referer=http://ouo.press/ct3d85?__cf_chl_tk=L9z14DPJqOcGuGsXz5HvhzMnTq0VMUrbMc_nC7lzEyo-1669734659-0-gaNycGzNAxE&_firid=17753455
IP 54.230.111.77:0
GET /delivery/spc_fi.php?id=7419&url=%2Fct3d85&charset=UTF-8&ch=15&ref=ouo.press&viewerId=null&referer=http://ouo.press/ct3d85?__cf_chl_tk=L9z14DPJqOcGuGsXz5HvhzMnTq0VMUrbMc_nC7lzEyo-1669734659-0-gaNycGzNAxE&_firid=17753455 HTTP/1.1
Host: cdn.firstimpression.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Tue, 29 Nov 2022 15:11:04 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: http://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Wed, 29-Nov-2023 15:11:04 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8kDxWHvUEPsY0WO6-ssXyZDzuUsyiSg1VmvSJC2T5XAu8owZSV0WNA==
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/b/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.7.185 200 OK 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/b/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.7.185:0
GET /turnstile/v0/b/75e640aa/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:00 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c45fe4d2eb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 451430
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146 200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Cookie: browser_data=wWyrhV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh5QnVERVNaRGtIUzAwb2tYb1klMkJ2YWJ3SkpGcHlXJTJGYXFaenpNWUZWd0VZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:07 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=VEq9Ml80M0RITmhlJTJCZkMwOUJGQlhaMUN2czh5QnVERVNaRGtIUzAwb2tYb1klMkJ2WmxYb3JsVmV2ejMzdWU3TWxwdjdkTg; expires=Sun, 24 Dec 2023 15:11:07 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 441626
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
d3div1mtym39ic.cloudfront.net/aax2/apstag.js
54.230.245.217 200 OK 0 B URL HTTP/2 d3div1mtym39ic.cloudfront.net/aax2/apstag.js
IP 54.230.245.217:0
GET /aax2/apstag.js HTTP/1.1
Host: d3div1mtym39ic.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 15:04:52 GMT
cache-control: public, max-age=3600
etag: W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m7315PQxW95QPomwQgMaC7RI9KBh0GxD22WTpp-ohit-KTtYkJScjA==
age: 373
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ouo.press/
Origin: http://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 297508
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=http%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ouo.press
Connection: keep-alive
Referer: http://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:06 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: http://ouo.press
server-processing-duration-in-ticks: 1128143
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
178.250.0.157 200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=ouo.press HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:11:04 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=bb5e75ae-ddd1-4e66-860c-e7195af7e163; expires=Sun, 24 Dec 2023 15:11:04 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 564305
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2