Overview

URL ouo.io/tjU7aGu
IP104.22.22.162
ASNCLOUDFLARENET
Location
Report completed2022-10-04 06:59:58 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-04 2 unseenreport.com Sinkholed
2022-10-04 2 notifyoutspoken.com Sinkholed
2022-10-04 2 notifyoutspoken.com Sinkholed
2022-10-04 2 notifyoutspoken.com Sinkholed
2022-10-04 2 notifyoutspoken.com Sinkholed


Files

No files detected



Passive DNS (56)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 18.164.68.3
mnemonic passive DNS cdn.sb4you1.com (5) 22321 2021-09-16 11:26:58 UTC 2022-10-04 05:39:56 UTC 172.64.200.2
mnemonic passive DNS ads.pubmatic.com (2) 469 2012-10-30 07:42:53 UTC 2022-10-03 12:17:55 UTC 23.38.200.201
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-10-04 04:19:28 UTC 151.101.85.229
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 108.138.212.135
mnemonic passive DNS widgets.outbrain.com (1) 1272 2012-05-22 16:25:59 UTC 2022-10-04 04:22:53 UTC 23.38.201.81
mnemonic passive DNS id5-sync.com (1) 504 2017-01-25 21:02:34 UTC 2022-10-04 04:55:41 UTC 162.19.138.118
mnemonic passive DNS api.rlcdn.com (1) 791 2018-09-26 05:12:06 UTC 2022-10-03 22:52:27 UTC 34.120.133.55
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-10-03 23:48:04 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-10-04 05:34:33 UTC 185.235.84.138
mnemonic passive DNS cdn.adtrue.com (1) 52823 2016-08-12 06:28:31 UTC 2022-10-02 22:54:09 UTC 172.67.144.172
mnemonic passive DNS ouo.io (2) 50761 2015-02-15 06:06:38 UTC 2022-10-04 04:27:22 UTC 104.22.23.162
mnemonic passive DNS cdn.yourwebbars.com (1) 62037 2021-01-29 17:47:27 UTC 2022-10-04 02:43:14 UTC 104.26.6.19
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS ecdn.analysis.fi (1) 22604 2021-04-26 06:44:49 UTC 2022-10-04 05:46:50 UTC 108.156.46.8
mnemonic passive DNS itineraryupper.com (1) 280787 2020-07-23 02:40:11 UTC 2022-10-03 23:57:54 UTC 192.243.61.225
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-03 20:08:49 UTC 142.250.74.168
mnemonic passive DNS fastlane.rubiconproject.com (1) 459 2017-01-30 04:49:40 UTC 2022-10-03 12:00:17 UTC 213.19.162.41
mnemonic passive DNS cdn.firstimpression.io (2) 18692 2021-01-03 16:41:33 UTC 2022-10-04 05:46:51 UTC 143.204.68.68
mnemonic passive DNS c.amazon-adsystem.com (3) 300 2013-12-19 15:10:01 UTC 2022-10-03 09:30:37 UTC 18.164.72.231
mnemonic passive DNS creepingbrings.com (1) 0 2022-05-27 14:56:26 UTC 2022-10-04 05:39:51 UTC 172.64.198.30 Unknown ranking
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-04 05:10:46 UTC 142.250.74.174
mnemonic passive DNS ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-10-03 06:33:58 UTC 192.124.249.36
mnemonic passive DNS hhklc.com (1) 0 2022-06-12 16:30:56 UTC 2022-10-03 23:57:54 UTC 172.67.223.102 Unknown ranking
mnemonic passive DNS ad.doubleclick.net (1) 186 2013-05-06 20:24:43 UTC 2022-10-04 04:36:45 UTC 216.58.207.198
mnemonic passive DNS ib.adnxs.com (2) 241 2012-05-23 22:36:14 UTC 2022-10-04 04:17:45 UTC 185.89.210.90
mnemonic passive DNS e1.o.lencr.org (4) 6159 2021-08-20 07:36:30 UTC 2022-10-04 04:13:46 UTC 23.36.77.32
mnemonic passive DNS simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-10-04 06:05:39 UTC 3.66.118.16 Unknown ranking
mnemonic passive DNS unseenreport.com (1) 0 2022-03-30 14:33:17 UTC 2022-10-04 05:40:01 UTC 192.243.61.227 Unknown ranking
mnemonic passive DNS ecdn.firstimpression.io (1) 18146 2017-08-11 09:25:19 UTC 2022-10-04 05:46:50 UTC 143.204.68.68
mnemonic passive DNS ouo.press (6) 89754 2016-07-27 01:12:12 UTC 2022-10-04 04:10:21 UTC 104.22.58.251
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS tag.1rx.io (1) 1330 2016-03-31 02:49:07 UTC 2022-10-04 05:59:04 UTC 213.19.147.43
mnemonic passive DNS static.criteo.net (2) 652 2015-06-24 06:04:54 UTC 2022-10-03 19:31:31 UTC 178.250.2.130
mnemonic passive DNS dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-10-04 04:41:32 UTC 178.250.0.157
mnemonic passive DNS match.adsrvr.org (1) 349 2012-08-07 19:20:17 UTC 2022-10-03 22:16:21 UTC 3.33.220.150
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-10-04 02:06:24 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 52.13.69.101
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-10-03 22:00:40 UTC 104.18.32.68
mnemonic passive DNS aax-dtb-cf.amazon-adsystem.com (1) 0 2022-06-17 10:06:30 UTC 2022-10-03 09:47:53 UTC 18.172.158.238 Domain (amazon-adsystem.com) ranked at: 3190
mnemonic passive DNS notifyoutspoken.com (5) 0 2022-09-29 01:55:39 UTC 2022-10-04 05:40:25 UTC 192.243.61.225 Unknown ranking
mnemonic passive DNS tv.gourdycortes.com (1) 0 2022-05-16 14:48:14 UTC 2022-10-03 23:57:38 UTC 172.255.6.33 Unknown ranking
mnemonic passive DNS gum.criteo.com (5) 381 2015-01-22 10:58:57 UTC 2022-10-04 00:13:57 UTC 178.250.2.146
mnemonic passive DNS simage4.pubmatic.com (1) 1129 2013-08-22 13:21:53 UTC 2022-10-04 04:45:17 UTC 198.47.127.20
mnemonic passive DNS status.geotrust.com (2) 3662 2017-12-01 08:55:31 UTC 2022-10-03 09:35:04 UTC 93.184.220.29
mnemonic passive DNS fptadtrue-d.openx.net (1) 50626 2017-10-16 10:35:43 UTC 2022-10-02 22:54:10 UTC 35.244.159.8
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 00:45:50 UTC 18.164.68.6
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-10-04 04:22:54 UTC 104.18.21.226
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-10-03 04:57:28 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS jsc.adskeeper.com (1) 31191 2020-07-04 10:58:29 UTC 2022-10-04 05:33:26 UTC 104.18.4.42
mnemonic passive DNS id.crwdcntrl.net (1) 1695 2020-11-30 15:11:25 UTC 2022-10-03 19:47:44 UTC 34.251.218.252
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 02:04:45 UTC 142.250.74.10
mnemonic passive DNS bidder.criteo.com (2) 750 2017-01-30 05:01:16 UTC 2022-10-04 04:17:54 UTC 178.250.0.165
mnemonic passive DNS gem.gbc.criteo.com (1) 6039 2019-02-06 06:21:41 UTC 2022-10-04 05:34:33 UTC 178.250.6.228


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.22.22.162

Date UQ / IDS / BL URL IP
2022-11-22 05:06:54 +0000
0 - 0 - 8 ouo.io/63G1os 104.22.22.162
2022-11-20 06:08:16 +0000
0 - 0 - 3 ouo.io/QnVMXa 104.22.22.162
2022-11-19 08:28:34 +0000
0 - 0 - 8 ouo.io/9ot4aW 104.22.22.162
2022-11-18 09:32:29 +0000
0 - 0 - 1 ouo.io/npwR6p 104.22.22.162
2022-11-18 05:38:30 +0000
0 - 0 - 1 ouo.io/thFNIG 104.22.22.162

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-01 21:20:46 +0000
0 - 0 - 5 blockventilaion.cn/hrvatskitelekom/tb.php?ut= (...) 172.67.174.97
2022-12-01 21:20:35 +0000
0 - 0 - 0 canva.com 104.17.114.17
2022-12-01 21:20:13 +0000
0 - 0 - 1 datingnearyou.net/rus/all/fr/ms/10-489390-0/? (...) 188.114.96.1
2022-12-01 21:16:58 +0000
0 - 0 - 2 bq-trk.h1dm.info/ga/click/2-30987-4-5267-1049 (...) 104.21.78.146
2022-12-01 21:14:53 +0000
0 - 0 - 1 runfortification.top/ 188.114.96.1

Last 5 reports on domain: ouo.io

Date UQ / IDS / BL URL IP
2022-12-01 06:00:20 +0000
0 - 0 - 13 ouo.io/mOIL2k 104.22.23.162
2022-11-30 16:14:42 +0000
0 - 0 - 11 ouo.io/tK4WeN 172.67.6.151
2022-11-29 18:01:37 +0000
0 - 0 - 11 ouo.io/p3tQCUw 172.67.6.151
2022-11-29 07:03:35 +0000
0 - 0 - 9 ouo.io/eeonrE 104.22.23.162
2022-11-27 03:28:23 +0000
0 - 0 - 10 ouo.io/1NXtwF 172.67.6.151

No other reports with similar screenshot



JavaScript

Executed Scripts (40)


Executed Evals (35)

#1 JavaScript::Eval (size: 46, repeated: 1) - SHA256: e218a1ac15f252350ef2646dead414bf35db450215962e63da301cb7c3f064eb

                                        this.context['navigator']['webkitGetGamepads']
                                    

#2 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 022ae916a59e1d7cb709a35e757c60e6626bfccd2c1e87c5ad6b432f0f1b1538

                                        this.context['HTMLBaseFontElement']
                                    

#3 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 7013ec5264e02f54f3b42e05b51fd1ad0f180fa3870b71acd2f1a384cc81d601

                                        this.context['document']['prepend']
                                    

#4 JavaScript::Eval (size: 22, repeated: 1) - SHA256: eb3a140c9b84b3b5c69ed2966cf442240e63fc12aaf1e79d0c35aec5b237d9d7

                                        0,
function(C) {
    Lw(C, 1)
}
                                    

#5 JavaScript::Eval (size: 64, repeated: 1) - SHA256: 87c99b9a88a42ee46bbe6ce447b600a1653142b3ebb7b9ed96bc786f7a99d488

                                        0,
function(C, J, r) {
    X((J = (r = (J = S(C), S)(C), C.B[J]) && E(J, C), r), C, J)
}
                                    

#6 JavaScript::Eval (size: 39, repeated: 1) - SHA256: aaa8c0ab87c7070701d0a29a610c65a4c1d29153c2d14623602acef3eea646dd

                                        this.context['EventTarget']['toString']
                                    

#7 JavaScript::Eval (size: 42, repeated: 1) - SHA256: 2fc752a40595d1d6681e6be3ebd8f44cdda99876ff9ee19fe654647a6a11415e

                                        this.context['ApplicationCacheErrorEvent']
                                    

#8 JavaScript::Eval (size: 28, repeated: 1) - SHA256: fca3cd5a7ca3a44b75f81e0c169fe599fb48741835c83b5616e304b3f722522b

                                        this.context['AnalyserNode']
                                    

#9 JavaScript::Eval (size: 154, repeated: 1) - SHA256: 5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e

                                        apstag.punt({
    "cmp": "https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-onetag_pm-db5_rbd_cnv_n-Outbrain",
    "cb": "0"
})
                                    

#10 JavaScript::Eval (size: 25, repeated: 1) - SHA256: cfd8889f26f46323b63c7766e414faf4a4171cc959c4c2b2e6a64c0ec3edf13f

                                        this.context['CryptoKey']
                                    

#11 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 41aae560d6dd4b675e6e45d30c1572db537659e580ac434c4b89b76e4f3dc5ac

                                        this.context['SiteBoundCredential']
                                    

#12 JavaScript::Eval (size: 6482, repeated: 1) - SHA256: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

                                        var amzn_aps_csm = amzn_aps_csm || {};
amzn_aps_csm.errors = [], amzn_aps_csm.reportErrors = function(a) {
        var b, c;
        for (/^https?:\/\//.test(a) === !1 && (a = document.location.protocol + "//" + a), "/" !== a.substr(a.length - 1) && (a += "/"), b = 0; b < amzn_aps_csm.errors.length; b++) c = '{"adViewability":[{"error": {"m": "' + amzn_aps_csm.errors[b] + '"}}], "c": "aps_communicator", "api": "RTB", "error": 1}', "https:" === document.location.protocol && /^http:\/\//.test(a) === !0 && (a = a.replace("http://", "https://")), (new Image).src = a + c + "?cb=" + Math.round(1e7 * Math.random());
        amzn_aps_csm.errors = []
    },
    function(a) {
        function b(a) {
            return a ? a.replace(/^\s+|\s+$/g, "") : a
        }

        function c(a) {
            if (a && a.s) {
                var b, c = a.s.length > 0 ? a.s[0] : "",
                    d = a.s.length > 1 ? a.s[1] : "";
                c && (b = c.match(j)), b && 3 === b.length || !d || (b = d.match(i)), b && 3 === b.length && (a.f = b[1], a.l = b[2])
            }
        }

        function d(a, d) {
            if (d = d || {}, !a) return {};
            a.m && a.m.message && (a = a.m);
            var i, j, k, l, m, n = {
                    m: e(a, d),
                    c: a.c ? "" + a.c : a.c,
                    s: [],
                    l: a.l || a.line || a.lineno || a.lineNumber,
                    name: a.name,
                    type: a.type
                },
                o = 0,
                p = 0;
            if (i = a.stack || (a.err ? a.err.stack : ""), i && i.split)
                for (j = i.split("\n"); o < j.length && n.s.length < g;) k = j[o++], k && n.s.unshift(b(k));
            else
                for (l = f(a.args || arguments, "callee"), o = 0, p = 0; l && g > o;) m = h, l.skipTrace || (k = l.toString(), k && k.substr && (m = 0 === p ? 4 * h : m, m = 1 === p ? 2 * h : m, n.s.unshift(k.substr(0, m)), p++)), l = f(l, "caller"), o++;
            return !n.f && n.s.length > 0 && c(n), n
        }

        function e(a, b) {
            var c = b.m || b.message || "";
            return c += a.m && a.m.message ? a.m.message : a.m && a.m.target && a.m.target.tagName ? "Error handler invoked by " + a.m.target.tagName + " tag" : a.m ? a.m : a.message ? a.message : "Unknown error"
        }

        function f(a, b) {
            try {
                return a[b]
            } catch (c) {
                return ""
            }
        }
        var g = 20,
            h = 256,
            i = /\(?([^\s]*):(\d+):\d+\)?/,
            j = /.*@(.*):(\d*)/;
        a.constructErrorMessage = d
    }(amzn_aps_csm), window.JSON || (window.JSON = {
        parse: function(sJSON) {
            return eval("(" + sJSON + ")")
        },
        stringify: function() {
            var a = Object.prototype.toString,
                b = Array.isArray || function(b) {
                    return "[object Array]" === a.call(b)
                },
                c = {
                    '"': '\\"',
                    "\\": "\\\\",
                    "\b": "\\b",
                    "\f": "\\f",
                    "\n": "\\n",
                    "\r": "\\r",
                    "	": "\\t"
                },
                d = function(a) {
                    return c[a] || "\\u" + (a.charCodeAt(0) + 65536).toString(16).substr(1)
                },
                e = /[\\"\u0000-\u001F\u2028\u2029]/g;
            return function f(c) {
                var g, h, i, j;
                if (null == c) return "null";
                if ("number" == typeof c) return isFinite(c) ? c.toString() : "null";
                if ("boolean" == typeof c) return c.toString();
                if ("object" == typeof c) {
                    if ("function" == typeof c.toJSON) return f(c.toJSON());
                    if (b(c)) {
                        for (g = "[", h = 0; h < c.length; h++) g += (h ? ", " : "") + f(c[h]);
                        return g + "]"
                    }
                    if ("[object Object]" === a.call(c)) {
                        i = [];
                        for (j in c) c.hasOwnProperty(j) && i.push(f(j) + ": " + f(c[j]));
                        return "{" + i.join(", ") + "}"
                    }
                }
                return '"' + c.toString().replace(e, d) + '"'
            }
        }()
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.log = function(a) {
        try {
            -1 !== window.location.href.indexOf("csm_debug_mode") && window.console && window.console.log(a)
        } catch (b) {
            b.message && amzn_aps_csm.errors.push(b.message)
        }
    }, amzn_aps_csm.loadModules = function(a) {
        var b, c, d;
        try {
            for (b = 0; b < a.length; b++) {
                if (c = a[b].name, d = a[b].params || [], window.performance && window.performance.mark && "function" == typeof window.performance.mark && window.performance.mark("loadStart" + c), "[object Array]" !== Object.prototype.toString.call(d) && amzn_aps_csm.log("Params passed in the amzn_aps_csm.loadModules methods must be an array"), amzn_aps_csm[c]) {
                    if (void 0 === amzn_aps_csm[c].shortName) throw new amzn_aps_csm.invalidModuleException("Module shortName not defined for module " + c + ". ");
                    amzn_aps_csm[c].init.apply(amzn_aps_csm[c], d), amzn_aps_csm.log("Initiated " + c + " module")
                } else amzn_aps_csm.log("Undefined module " + c);
                window.performance && window.performance.mark && "function" == typeof window.performance.mark && (window.performance.mark("loadEnd" + c), window.performance.measure("lt" + amzn_aps_csm[c].shortName, "loadStart" + c, "loadEnd" + c))
            }
        } catch (e) {
            e.message && amzn_aps_csm.errors.push(e.message)
        }
    }, amzn_aps_csm.define = function(a) {
        var b, c, d, e, f, g, h, i;
        try {
            for (b = function(a) {
                    return "string" == typeof a ? amzn_aps_csm[a] : a
                }, c = Array.prototype.slice.call(arguments), d = c[0], e = c.length > 2 ? c[1] : [], f = c[c.length - 1], g = [], h = 0, i = e.length; i > h; h++) g.push(b(e[h]));
            amzn_aps_csm[d] = f.apply(f, g)
        } catch (j) {
            j.message && amzn_aps_csm.errors.push(j.message)
        }
    }, amzn_aps_csm.invalidModuleException = function(a) {
        this.value = a, this.message = "does not conform to the expected format of a module", this.toString = function() {
            return this.value + this.message
        }
    }, amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("eventUtils", [], function() {
        var a = {
            shortName: "eu"
        };
        return a.init = function() {
            amzn_aps_csm.log("Initializing eventUtils"), a.eventHandlers = []
        }, a.addEvent = function(b, c, d, e) {
            b.addEventListener ? b.addEventListener(c, d, e) : b.attachEvent && b.attachEvent("on" + c, d);
            var f = {
                elem: b,
                eventName: c,
                cb: d
            };
            a.eventHandlers.push(f)
        }, a.registerPostMessageHandler = function(a) {
            var b = window.addEventListener ? "addEventListener" : "attachEvent",
                c = window[b],
                d = "attachEvent" == b ? "onmessage" : "message";
            c(d, function(b) {
                a(b)
            }, !1)
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("pixelQueue", [], function() {
        var a = {
            shortName: "pq"
        };
        return a.init = function() {}, a.firePixel = function(a, b, c) {
            if ("" !== b) {
                /^https?:\/\//.test(b) === !1 && (b = document.location.protocol + "//" + b), "/" != b.substr(b.length - 1) && (b += "/"), "https:" === document.location.protocol && /^http:\/\//.test(b) === !0 && (b = b.replace("http://", "https://"));
                try {
                    var d = JSON.parse(a);
                    d.ver = amzn_aps_csm.version, a = JSON.stringify(d)
                } catch (e) {}
                void 0 !== c && "" !== c && (b += c), (new Image).src = b + a + "?cb=" + Math.round(1e7 * Math.random())
            } else amzn_aps_csm.log("instrURL is empty")
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {},
    function() {
        var a, b;
        amzn_aps_csm.loadModules([{
            name: "eventUtils",
            params: []
        }]);
        for (a in amzn_aps_csm.eventUtils) amzn_aps_csm.eventUtils.hasOwnProperty(a) && (amzn_aps_csm[a] = amzn_aps_csm.eventUtils[a]);
        amzn_aps_csm.loadModules([{
            name: "pixelQueue",
            params: []
        }]), b = 5, amzn_aps_csm.registerPostMessageHandler(function(a) {
            var c, d, e, f, g, h, i, j, k, l, m;
            if (amzn_aps_csm.log("parent received message!: ", a.data), amzn_aps_csm.log(a.origin), /pixelId/.test(a.data)) {
                for (c = a.source, d = 0; c.parent !== top && b > d;) c = c.parent, d++;
                for (e = {}, "object" == typeof apstag && null !== apstag && "function" == typeof apstag._getSlotIdToNameMapping && null !== apstag._getSlotIdToNameMapping() && (e = apstag._getSlotIdToNameMapping()), f = "", g = document.getElementsByTagName("iframe"), h = 0; h < g.length; h++)
                    if (g[h].contentWindow === c) {
                        i = g[h].parentElement;
                        do j = i.id, i = i.parentElement; while (e.hasOwnProperty(j) === !1 && "body" !== i.tagName.toLowerCase());
                        f = e[j] || j
                    }
                k = JSON.parse(a.data), l = decodeURIComponent(k.instrURL), m = {
                    sn: encodeURIComponent(f),
                    pixelId: k.pixelId
                }, /amazon-adsystem\.com/.test(l) && amzn_aps_csm.pixelQueue.firePixel(JSON.stringify(m), l, "")
            }
        })
    }();
                                    

#13 JavaScript::Eval (size: 41, repeated: 1) - SHA256: e9d851c02746b7bd4d9207264c143f76480b69aa3552b1cdaa79ee537d83f5ac

                                        this.context['navigator']['taintEnabled']
                                    

#14 JavaScript::Eval (size: 33, repeated: 1) - SHA256: 92cc9c48ca7d897742a37b1578ba7c99e9d9c405fced233bb9a3270ef84fddfc

                                        this.context['DeviceMotionEvent']
                                    

#15 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 67909fba812519f6eced963d195970a41923b591290d48f96704719fc6b74ec5

                                        this.context['NaN']
                                    

#16 JavaScript::Eval (size: 17548, repeated: 1) - SHA256: d7ec39fdb2e7727c182455ff73728eaace45d9c8907a17d9a027e8d98b81cc52

                                        (function() {
    var vF = function(U, v) {
            if (!(U = (v = null, n.trustedTypes), U) || !U.createPolicy) return v;
            try {
                v = U.createPolicy("bg", {
                    createHTML: UK,
                    createScript: UK,
                    createScriptURL: UK
                })
            } catch (A) {
                n.console && n.console.error(A.message)
            }
            return v
        },
        oh = function(U, v, A, x, e, C) {
            function J() {
                if (v.P == v) {
                    if (v.B) {
                        var r = [M, x, U, void 0, e, C, arguments];
                        if (2 == A) var N = I(false, false, (L(r, v), v));
                        else if (1 == A) {
                            var O = !v.u.length;
                            L(r, v), O && I(false, false, v)
                        } else N = Cw(v, r);
                        return N
                    }
                    e && C && e.removeEventListener(C, J, q)
                }
            }
            return J
        },
        A4 = function(U, v) {
            return U[v] << 24 | U[(v | 0) + 1] << 16 | U[(v | 0) + 2] << 8 | U[(v | 0) + 3]
        },
        r0 = function(U, v, A, x) {
            return (X(403, A, (xc((x = E(403, A), A.V && x < A.H ? (X(403, A, A.H), J4(v, A)) : X(403, A, v), U), A), x)), E)(368, A)
        },
        Nn = function(U, v, A, x, e, C, J, r) {
            return (v = [60, 32, -94, 21, 71, (J = U & (r = er, 7), 74), v, 90, 56, 20], C = V[A.Z](A.Px), C[A.Z] = function(N) {
                J += 6 + 7 * (e = N, U), J &= 7
            }, C).concat = function(N) {
                return (e = (N = (N = (N = x % 16 + 1, +v[J + 43 & 7] * x * N - 1184 * x * e + J + 37 * e * e + (r() | 0) * N) + 3 * x * x * N - 111 * x * x * e - N * e - 3589 * e, v[N]), void 0), v)[(J + 21 & 7) + (U & 2)] = N, v[J + (U & 2)] = 32, N
            }, C
        },
        kc = function(U, v, A, x, e) {
            for (e = (x = (U.Px = (U.lG = U[U.Mx = (U.pf = nw, OK), W], lX)(U.Z, {get: function() {
                        return this.concat()
                    }
                }), U.Hx = V[U.Z](U.Px, {
                    value: {
                        value: {}
                    }
                }), 0), []); 128 > x; x++) e[x] = String.fromCharCode(x);
            I(true, true, (L((L((F(260, function(C, J, r, N, O, l, z, k, a, m, y, f) {
                function u(D, b) {
                    for (; l < D;) r |= Q(C) << l, l += 8;
                    return b = r & (l -= D, (1 << D) - 1), r >>= D, b
                }
                for (k = ((l = (a = S(C), r = 0), u(3)) | 0) + 1, O = u(5), J = [], z = m = 0; z < O; z++) y = u(1), J.push(y), m += y ? 0 : 1;
                for (z = (m = ((m | 0) - 1).toString(2).length, N = [], 0); z < O; z++) J[z] || (N[z] = u(m));
                for (m = 0; m < O; m++) J[m] && (N[m] = S(C));
                for (f = []; k--;) f.push(E(S(C), C));
                F(a, function(D, b, w, T, t) {
                    for (w = (T = [], 0), b = []; w < O; w++) {
                        if (!J[t = N[w], w]) {
                            for (; t >= T.length;) T.push(S(D));
                            t = T[t]
                        }
                        b.push(t)
                    }
                    D.g = mv((D.i = mv(f.slice(), D), b), D)
                }, C)
            }, (U.zk = (X(39, (F(153, function(C, J) {
                J4((J = E(S(C), C), J), C.P)
            }, (F(76, ((X(23, U, ((F(257, (X(220, (F(203, function(C, J, r, N) {
                J = (r = S(C), N = S(C), S(C)), C.P == C && (J = E(J, C), N = E(N, C), E(r, C)[N] = J, 495 == r && (C.l = void 0, 2 == N && (C.v = Z(C, 32, false), C.l = void 0)))
            }, (F(77, function(C, J, r, N, O, l, z) {
                for (r = (O = (l = E((N = (z = qn((J = S(C), C)), ""), 48), C), l.length), 0); z--;) r = ((r | 0) + (qn(C) | 0)) % O, N += e[l[r]];
                X(J, C, N)
            }, (F(197, function(C, J) {
                (J = S(C), C = E(J, C.P), C[0]).removeEventListener(C[1], C[2], q)
            }, (F(145, function(C, J, r, N, O, l) {
                if (!G(C, true, J, true)) {
                    if ("object" == (r = (l = (r = S((O = S((J = (l = S(C), S(C)), C)), C)), J = E(J, C), E(l, C)), E(r, C)), C = E(O, C), zh(l))) {
                        for (N in O = [], l) O.push(N);
                        l = O
                    }
                    for (O = (N = 0, C = 0 < C ? C : 1, l).length; N < O; N += C) J(l.slice(N, (N | 0) + (C | 0)), r)
                }
            }, (F(204, (X(4, (F(146, (F(319, (F(247, function(C, J, r, N, O) {
                X((J = (O = E((N = E((N = (J = (O = S((r = S(C), C)), S(C)), S(C)), N), C), O), C), E)(J, C), r), C, oh(J, C, N, O))
            }, (X(109, U, ((X(368, U, (F(42, (X(217, (F(486, (F(55, (F(226, function(C, J, r, N) {
                !G(C, true, J, false) && (J = Ih(C), N = J.Bx, r = J.I, C.P == C || r == C.nf && N == C) && (X(J.Al, C, r.apply(N, J.S)), C.Y = C.G())
            }, (F(308, (F(436, (U.Y5 = (F(483, function(C, J, r, N) {
                if (J = C.a1.pop()) {
                    for (N = Q(C); 0 < N; N--) r = S(C), J[r] = C.B[r];
                    C.B = (J[4] = C.B[J[52] = C.B[52], 4], J)
                } else X(403, C, C.H)
            }, (F(405, function(C) {
                jr(4, C)
            }, (F(475, (X(52, (F(64, function(C, J, r) {
                (r = (r = (J = S(C), S)(C), E)(r, C), 0) != E(J, C) && X(403, C, r)
            }, (X(491, U, (F(460, (F(131, (X(51, U, (X(((X(403, (((U.H = 0, U.V8 = (U.o = [], U.B = [], U.g = (U.a1 = [], U.O = (U.D = 0, false), U.N = void 0, void 0), ((U.i = void 0, U).A = (x = window.performance || {}, void 0), U).U = (U.X = ((U.uG = (U.l = void 0, U.j = false, !(U.R = 0, 1)), U).h = (U.P = U, U.V = (U.J = (U.W = 1, null), []), U.F = [], 0), U.C = void 0, 8001), U.K = (U.v = void 0, 25), U.Y = 0, 0), 0), U).nf = function(C) {
                this.P = C
            }, U.u = [], U).Gk = x.timeOrigin || (x.timing || {}).navigationStart || 0, U), 0), X)(105, U, 0), 208), U, U), [])), function(C, J, r, N) {
                (r = E((N = (J = S((r = (N = S(C), S(C)), C)), E(N, C)), r), C), X)(J, C, N[r])
            }), U), function(C, J, r, N) {
                r = E((J = S((N = S(C), r = S(C), C)), r), C), N = E(N, C) == r, X(J, C, +N)
            }), U), R(4))), F(478, function(C, J, r, N) {
                X((r = E((J = E((r = S((J = S(C), C)), N = S(C), J), C), r), C), N), C, J in r | 0)
            }, U), U)), U), []), function(C) {
                Lw(C, 4)
            }), U), U)), U)), 0), function() {}), U), function(C, J, r, N, O, l) {
                G(C, true, J, false) || (l = Ih(C.P), N = l.Bx, O = l.I, J = l.Al, l = l.S, r = l.length, N = 0 == r ? new N[O] : 1 == r ? new N[O](l[0]) : 2 == r ? new N[O](l[0], l[1]) : 3 == r ? new N[O](l[0], l[1], l[2]) : 4 == r ? new N[O](l[0], l[1], l[2], l[3]) : 2(), X(J, C, N))
            }), U), U)), function(C, J, r, N) {
                X((r = S((N = (J = S(C), Q)(C), C)), r), C, E(J, C) >>> N)
            }), U), function(C) {
                jr(1, C)
            }), U), U), [0, 0, 0]), function(C, J, r, N, O) {
                0 !== (J = E((N = (r = E((O = (J = (r = (N = (O = S(C), S(C)), S(C)), S)(C), E(O, C.P)), r), C), E)(N, C), J), C), O) && (J = oh(J, C, 1, r, O, N), O.addEventListener(N, J, q), X(39, C, [O, N, J]))
            }), U), {})), X)(16, U, n), 0)), U)), function(C, J, r, N) {
                r = (J = S(C), N = S(C), S)(C), X(r, C, E(J, C) || E(N, C))
            }), U), function(C, J, r) {
                X((r = (J = (r = S(C), S(C)), r = E(r, C), zh)(r), J), C, r)
            }), U), U), 2048), function(C, J, r) {
                G(C, true, J, false) || (J = S(C), r = S(C), X(r, C, function(N) {
                    return eval(N)
                }(Mn(E(J, C.P)))))
            }), U), U)), U)), U)), U)), U), [160, 0, 0]), function(C) {
                ah(4, C)
            }), U), F)(366, function(C, J, r) {
                X((r = S(C), J = S(C), J), C, "" + E(r, C))
            }, U), 426)), F)(395, function(C, J, r, N, O) {
                for (r = (O = qn((J = S(C), C)), N = 0, []); N < O; N++) r.push(Q(C));
                X(J, C, r)
            }, U), F(341, function(C) {
                ah(3, C)
            }, U), U.dh = 0, function(C, J, r, N) {
                r = (J = E((N = (J = S(C), S(C)), J), C), E)(N, C), X(N, C, r + J)
            }), U), U)), U), 0), 0), U)), [EK]), U), L([c, v], U), [XV, A]), U), U))
        },
        Q = function(U) {
            return U.i ? Vg(U.g, U) : Z(U, 8, true)
        },
        lX = function(U, v) {
            return V[U](V.prototype, {
                call: v,
                floor: v,
                length: v,
                document: v,
                stack: v,
                replace: v,
                console: v,
                splice: v,
                prototype: v,
                pop: v,
                parent: v,
                propertyIsEnumerable: v
            })
        },
        R = function(U, v) {
            for (v = []; U--;) v.push(255 * Math.random() | 0);
            return v
        },
        Cw = function(U, v, A, x, e) {
            if (x = v[0], x == p) U.K = 25, U.T(v);
            else if (x == W) {
                A = v[1];
                try {
                    e = U.A || U.T(v)
                } catch (C) {
                    K(U, C), e = U.A
                }
                A(e)
            } else if (x == fw) U.T(v);
            else if (x == c) U.T(v);
            else if (x == XV) {
                try {
                    for (e = 0; e < U.o.length; e++) try {
                        A = U.o[e], A[0][A[1]](A[2])
                    } catch (C) {}
                } catch (C) {}(0, v[1])(function(C, J) {
                    U.s(C, true, J)
                }, (U.o = [], function(C) {
                    L([(C = !U.u.length, D_)], U), C && I(false, true, U)
                }))
            } else {
                if (x == M) return e = v[2], X(345, U, v[6]), X(368, U, e), U.T(v);
                x == D_ ? (U.F = [], U.B = null, U.V = []) : x == EK && "loading" === n.document.readyState && (U.J = function(C, J) {
                    function r() {
                        J || (J = true, C())
                    }(n.document.addEventListener("DOMContentLoaded", (J = false, r), q), n).addEventListener("load", r, q)
                })
            }
        },
        jr = function(U, v, A, x) {
            h((A = (x = S(v), S(v)), A), v, H(U, E(x, v)))
        },
        I = function(U, v, A, x, e, C) {
            if (A.u.length) {
                A.uG = (A.j = !(A.j && 0(), 0), v);
                try {
                    x = A.G(), A.Y = x, A.N = 0, A.U = x, C = yg(A, v), e = A.G() - A.U, A.R += e, e < (U ? 0 : 10) || 0 >= A.K-- || (e = Math.floor(e), A.F.push(254 >= e ? e : 254))
                } finally {
                    A.j = false
                }
                return C
            }
        },
        g, WF = function(U, v, A) {
            if (3 == U.length) {
                for (A = 0; 3 > A; A++) v[A] += U[A];
                for (A = (U = 0, [13, 8, 13, 12, 16, 5, 3, 10, 15]); 9 > U; U++) v[3](v, U % 3, A[U])
            }
        },
        zh = function(U, v, A) {
            if ("object" == (v = typeof U, v))
                if (U) {
                    if (U instanceof Array) return "array";
                    if (U instanceof Object) return v;
                    if ("[object Window]" == (A = Object.prototype.toString.call(U), A)) return "object";
                    if ("[object Array]" == A || "number" == typeof U.length && "undefined" != typeof U.splice && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == A || "undefined" != typeof U.call && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == v && "undefined" == typeof U.call) return "object";
            return v
        },
        Vg = function(U, v) {
            return (U = U.create().shift(), v.i.create()).length || v.g.create().length || (v.g = void 0, v.i = void 0), U
        },
        Lw = function(U, v, A, x) {
            for (A = (x = S(U), 0); 0 < v; v--) A = A << 8 | Q(U);
            X(x, U, A)
        },
        Y = function(U, v, A) {
            A = this;
            try {
                kc(this, U, v)
            } catch (x) {
                K(this, x), v(function(e) {
                    e(A.A)
                })
            }
        },
        F = function(U, v, A) {
            v[X(U, A, v), EK] = 2796
        },
        J4 = function(U, v) {
            X(403, v, (v.a1.push(v.B.slice()), v.B[403] = void 0, U))
        },
        xc = function(U, v, A, x, e, C) {
            if (!v.A) {
                v.h++;
                try {
                    for (x = (e = 0, A = v.H, void 0); --U;) try {
                        if ((C = void 0, v).i) x = Vg(v.i, v);
                        else {
                            if (e = E(403, v), e >= A) break;
                            x = (C = (X(105, v, e), S(v)), E)(C, v)
                        }
                        G(v, (x && x[D_] & 2048 ? x(v, U) : d(0, v, [P, 21, C]), false), U, false)
                    } catch (J) {
                        E(23, v) ? d(22, v, J) : X(23, v, J)
                    }
                    if (!U) {
                        if (v.Zr) {
                            xc(335982656583, (v.h--, v));
                            return
                        }
                        d(0, v, [P, 33])
                    }
                } catch (J) {
                    try {
                        d(22, v, J)
                    } catch (r) {
                        K(v, r)
                    }
                }
                v.h--
            }
        },
        G = function(U, v, A, x, e, C, J, r, N) {
            if (U.W += (U.P = ((e = (r = (J = (C = (N = (v || U.N++, 0 < U.D && U.j && U.uG && 1 >= U.h && !U.i && !U.J && (!v || 1 < U.X - A) && 0 == document.hidden), 4 == U.N)) || N ? U.G() : U.Y, J) - U.Y, r >> 14), U).v && (U.v ^= e * (r << 2)), e) || U.P, e), C || N) U.Y = J, U.N = 0;
            if (!N || J - U.U < U.D - (x ? 255 : v ? 5 : 2)) return false;
            return !(((X(403, (x = E(v ? 105 : 403, (U.X = A, U)), U), U.H), U).u.push([fw, x, v ? A + 1 : A]), U).J = FV, 0)
        },
        Sr = function(U, v, A, x, e) {
            for (v = (e = v[3] | 0, v[2] | 0), x = 0; 14 > x; x++) U = U >>> 8 | U << 24, U += A | 0, U ^= v + 3462, A = A << 3 | A >>> 29, A ^= U, e = e >>> 8 | e << 24, e += v | 0, e ^= x + 3462, v = v << 3 | v >>> 29, v ^= e;
            return [A >>> 24 & 255, A >>> 16 & 255, A >>> 8 & 255, A >>> 0 & 255, U >>> 24 & 255, U >>> 16 & 255, U >>> 8 & 255, U >>> 0 & 255]
        },
        Rh = function(U, v, A, x) {
            try {
                x = U[((v | 0) + 2) % 3], U[v] = (U[v] | 0) - (U[((v | 0) + 1) % 3] | 0) - (x | 0) ^ (1 == v ? x << A : x >>> A)
            } catch (e) {
                throw e;
            }
        },
        Qg = function(U, v) {
            return U(function(A) {
                A(v)
            }), [function() {
                return v
            }]
        },
        K = function(U, v) {
            U.A = ((U.A ? U.A + "~" : "E:") + v.message + ":" + v.stack).slice(0, 2048)
        },
        bX = function(U, v, A, x) {
            function e() {}
            return x = uX(U, function(C) {
                e && (v && FV(v), A = C, e(), e = void 0)
            }, (A = void 0, !!v))[0], {
                invoke: function(C, J, r, N) {
                    function O() {
                        A(function(l) {
                            FV(function() {
                                C(l)
                            })
                        }, r)
                    }
                    if (!J) return J = x(r), C && C(J), J;
                    A ? O() : (N = e, e = function() {
                        (N(), FV)(O)
                    })
                }
            }
        },
        E = function(U, v) {
            if ((v = v.B[U], void 0) === v) throw [P, 30, U];
            if (v.value) return v.create();
            return v.create(3 * U * U + 32 * U + 97), v.prototype
        },
        UK = function(U) {
            return U
        },
        n = this || self,
        Ih = function(U, v, A, x, e, C) {
            for (x = (v = (((A = (C = U[Gh] || {}, S)(U), C).Al = S(U), C).S = [], U.P) == U ? (Q(U) | 0) - 1 : 1, S)(U), e = 0; e < v; e++) C.S.push(S(U));
            for (C.Bx = E(x, U); v--;) C.S[v] = E(C.S[v], U);
            return C.I = E(A, U), C
        },
        Z_ = function(U, v) {
            ((v.push(U[0] << 24 | U[1] << 16 | U[2] << 8 | U[3]), v).push(U[4] << 24 | U[5] << 16 | U[6] << 8 | U[7]), v).push(U[8] << 24 | U[9] << 16 | U[10] << 8 | U[11])
        },
        cF = function(U, v, A) {
            return U.s(function(x) {
                A = x
            }, false, v), A
        },
        h = function(U, v, A, x, e, C) {
            if (v.P == v)
                for (e = E(U, v), 491 == U ? (U = function(J, r, N, O) {
                        if (e.k5 != (r = (O = e.length, (O | 0) - 4 >> 3), r)) {
                            r = (r << (N = [0, 0, C[1], (e.k5 = r, C[2])], 3)) - 4;
                            try {
                                e.Q8 = Sr(A4(e, (r | 0) + 4), N, A4(e, r))
                            } catch (l) {
                                throw l;
                            }
                        }
                        e.push(e.Q8[O & 7] ^ J)
                    }, C = E(217, v)) : U = function(J) {
                        e.push(J)
                    }, x && U(x & 255), v = 0, x = A.length; v < x; v++) U(A[v])
        },
        X = function(U, v, A) {
            if (403 == U || 105 == U) v.B[U] ? v.B[U].concat(A) : v.B[U] = mv(A, v);
            else {
                if (v.O && 495 != U) return;
                220 == U || 491 == U || 51 == U || 52 == U || 217 == U ? v.B[U] || (v.B[U] = Nn(62, A, v, U)) : v.B[U] = Nn(97, A, v, U)
            }
            495 == U && (v.v = Z(v, 32, false), v.l = void 0)
        },
        L = function(U, v) {
            v.u.splice(0, 0, U)
        },
        qn = function(U, v) {
            return (v = Q(U), v) & 128 && (v = v & 127 | Q(U) << 7), v
        },
        FV = n.requestIdleCallback ? function(U) {
            requestIdleCallback(function() {
                U()
            }, {
                timeout: 4
            })
        } : n.setImmediate ? function(U) {
            setImmediate(U)
        } : function(U) {
            setTimeout(U, 0)
        },
        yg = function(U, v, A, x) {
            for (; U.u.length;) {
                U.J = null, x = U.u.pop();
                try {
                    A = Cw(U, x)
                } catch (e) {
                    K(U, e)
                }
                if (v && U.J) {
                    (v = U.J, v)(function() {
                        I(true, true, U)
                    });
                    break
                }
            }
            return A
        },
        B, ah = function(U, v, A, x, e) {
            h(((A = E((A = S((e = U & 4, U &= 3, v)), x = S(v), A), v), e && (A = pw("" + A)), U) && h(x, v, H(2, A.length)), x), v, A)
        },
        d = function(U, v, A, x, e, C) {
            if (!v.O) {
                if ((U = (0 == (x = E(52, ((C = void 0, A) && A[0] === P && (U = A[1], C = A[2], A = void 0), v)), x.length) && (e = E(105, v) >> 3, x.push(U, e >> 8 & 255, e & 255), void 0 != C && x.push(C & 255)), ""), A && (A.message && (U += A.message), A.stack && (U += ":" + A.stack)), A = E(4, v), 3) < A) {
                    v.P = (C = (U = (A -= ((U = U.slice(0, (A | 0) - 3), U).length | 0) + 3, pw)(U), v.P), v);
                    try {
                        h(491, v, H(2, U.length).concat(U), 9)
                    } finally {
                        v.P = C
                    }
                }
                X(4, v, A)
            }
        },
        H = function(U, v, A, x) {
            for (x = (U | 0) - (A = [], 1); 0 <= x; x--) A[(U | 0) - 1 - (x | 0)] = v >> 8 * x & 255;
            return A
        },
        S = function(U, v) {
            if (U.i) return Vg(U.g, U);
            return (v = Z(U, 8, true), v & 128) && (v ^= 128, U = Z(U, 2, true), v = (v << 2) + (U | 0)), v
        },
        q = {
            passive: true,
            capture: true
        },
        uX = function(U, v, A, x) {
            return (x = g[U.substring(0, 3) + "_"]) ? x(U.substring(3), v, A) : Qg(v, U)
        },
        pw = function(U, v, A, x, e) {
            for (e = (U = U.replace(/\r\n/g, "\n"), A = v = 0, []); A < U.length; A++) x = U.charCodeAt(A), 128 > x ? e[v++] = x : (2048 > x ? e[v++] = x >> 6 | 192 : (55296 == (x & 64512) && A + 1 < U.length && 56320 == (U.charCodeAt(A + 1) & 64512) ? (x = 65536 + ((x & 1023) << 10) + (U.charCodeAt(++A) & 1023), e[v++] = x >> 18 | 240, e[v++] = x >> 12 & 63 | 128) : e[v++] = x >> 12 | 224, e[v++] = x >> 6 & 63 | 128), e[v++] = x & 63 | 128);
            return e
        },
        mv = function(U, v, A) {
            return ((A = V[v.Z](v.Hx), A)[v.Z] = function() {
                return U
            }, A).concat = function(x) {
                U = x
            }, A
        },
        Z = function(U, v, A, x, e, C, J, r, N, O, l, z, k, a) {
            if (N = E(403, U), N >= U.H) throw [P, 31];
            for (l = (z = (r = v, x = U.lG.length, 0), N); 0 < r;) J = l % 8, a = 8 - (J | 0), O = l >> 3, a = a < r ? a : r, k = U.V[O], A && (e = U, e.l != l >> 6 && (e.l = l >> 6, C = E(495, e), e.C = Sr(e.l, [0, 0, C[1], C[2]], e.v)), k ^= U.C[O & x]), l += a, z |= (k >> 8 - (J | 0) - (a | 0) & (1 << a) - 1) << (r | 0) - (a | 0), r -= a;
            return X(403, (A = z, U), (N | 0) + (v | 0)), A
        },
        Gh = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        p = ((Y.prototype.mN = void 0, Y.prototype).U3 = void 0, Y.prototype.Zr = false, []),
        M = (Y.prototype.L = "toString", []),
        fw = [],
        P = {},
        XV = [],
        EK = [],
        c = [],
        D_ = [],
        W = [],
        er = ((((((((Z_, function() {})(R), Rh, function() {})(WF), B = Y.prototype, B.vx = function(U, v, A) {
            return U ^ ((v = (v ^= v << 13, v ^= v >> 17, (v ^ v << 5) & A)) || (v = 1), v)
        }, B).Tk = function(U, v, A, x, e) {
            for (e = x = 0; x < U.length; x++) e += U.charCodeAt(x), e += e << 10, e ^= e >> 6;
            return (U = (e += e << 3, e ^= e >> 11, e + (e << 15)) >>> 0, x = new Number(U & (1 << v) - 1), x)[0] = (U >>> v) % A, x
        }, Y.prototype).Z = "create", B.s = function(U, v, A, x, e) {
            if ((A = "array" === zh(A) ? A : [A], this).A) U(this.A);
            else try {
                x = [], e = !this.u.length, L([p, x, A], this), L([W, U, x], this), v && !e || I(true, v, this)
            } catch (C) {
                K(this, C), U(this.A)
            }
        }, B).y8 = function() {
            return Math.floor(this.R + (this.G() - this.U))
        }, B).ff = function(U, v, A, x, e, C) {
            for (A = (e = C = 0, []); C < U.length; C++)
                for (x = x << v | U[C], e += v; 7 < e;) e -= 8, A.push(x >> e & 255);
            return A
        }, B).G = (window.performance || {}).now ? function() {
            return this.Gk + window.performance.now()
        } : function() {
            return +new Date
        }, void 0),
        V = P.constructor;
    (B.gh = function() {
        return Math.floor(this.G())
    }, Y.prototype).T = function(U, v) {
        return U = {}, er = function() {
                return v == U ? 97 : 61
            }, v = {},
            function(A, x, e, C, J, r, N, O, l, z, k, a, m, y, f) {
                v = (C = v, U);
                try {
                    if (f = A[0], f == c) {
                        a = A[1];
                        try {
                            for (r = atob((x = [], a)), l = O = 0; O < r.length; O++) y = r.charCodeAt(O), 255 < y && (x[l++] = y & 255, y >>= 8), x[l++] = y;
                            X(495, (this.H = (this.V = x, this.V.length << 3), this), [0, 0, 0])
                        } catch (u) {
                            d(17, this, u);
                            return
                        }
                        xc(8001, this)
                    } else if (f == p) A[1].push(E(220, this).length, E(51, this).length, E(4, this), E(491, this).length), X(368, this, A[2]), this.B[458] && r0(8001, E(458, this), this);
                    else {
                        if (f == W) {
                            this.P = (m = H(2, (E(220, (O = A[2], this)).length | 0) + 2), J = this.P, this);
                            try {
                                N = E(52, this), 0 < N.length && h(220, this, H(2, N.length).concat(N), 10), h(220, this, H(1, this.W), 109), h(220, this, H(1, this[W].length)), r = 0, r -= (E(220, this).length | 0) + 5, r += E(109, this) & 2047, z = E(491, this), 4 < z.length && (r -= (z.length | 0) + 3), 0 < r && h(220, this, H(2, r).concat(R(r)), 15), 4 < z.length && h(220, this, H(2, z.length).concat(z), 156)
                            } finally {
                                this.P = J
                            }
                            if (e = (l = R(2).concat(E(220, this)), l[1] = l[0] ^ 6, l[3] = l[1] ^ m[0], l[4] = l[1] ^ m[1], this).iG(l)) e = "!" + e;
                            else
                                for (r = 0, e = ""; r < l.length; r++) k = l[r][this.L](16), 1 == k.length && (k = "0" + k), e += k;
                            return E(491, (E((x = e, 220), this).length = O.shift(), E(51, this).length = O.shift(), X(4, this, O.shift()), this)).length = O.shift(), x
                        }
                        if (f == fw) r0(A[2], A[1], this);
                        else if (f == M) return r0(8001, A[1], this)
                    }
                } finally {
                    v = C
                }
            }
    }();
    var nw, OK = (Y.prototype.hl = (Y.prototype[XV] = [0, 0, 1, 1, 0, 1, 1], Y.prototype.iG = function(U, v, A, x) {
            if (x = window.btoa) {
                for (A = (v = 0, ""); v < U.length; v += 8192) A += String.fromCharCode.apply(null, U.slice(v, v + 8192));
                U = x(A).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else U = void 0;
            return U
        }, Y.prototype.Jl = 0, 0), /./),
        Kw = c.pop.bind(Y.prototype[p]),
        Mn = (nw = lX(Y.prototype.Z, {get: (OK[Y.prototype.L] = Kw, Kw)
        }), Y.prototype.Su = void 0, function(U, v) {
            return (v = vF()) && 1 === U.eval(v.createScript("1")) ? function(A) {
                return v.createScript(A)
            } : function(A) {
                return "" + A
            }
        })(n);
    40 < (g = n.botguard || (n.botguard = {}), g.m) || (g.m = 41, g.bg = bX, g.a = uX), g.qBf_ = function(U, v, A) {
        return A = new Y(U, v), [function(x) {
            return cF(A, x)
        }]
    };
}).call(this);
                                    

#17 JavaScript::Eval (size: 22, repeated: 1) - SHA256: ba41c5348d38a6ebd3399d0378ae76921f287d04f94ff5d93d6709e7f2a962b7

                                        0,
function(C) {
    Lw(C, 2)
}
                                    

#18 JavaScript::Eval (size: 39, repeated: 1) - SHA256: 04f881dff1163e4e36943700ddbcf25667dfe7e0b154d21e181a771955264d60

                                        this.context['document']['createTouch']
                                    

#19 JavaScript::Eval (size: 15548, repeated: 1) - SHA256: 1bf232e3afa032afeeb821804dac4bdcfae32c16178d33975a668df67e9d0841

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var x = function(U, v) {
            if (!(U = (v = null, A.trustedTypes), U) || !U.createPolicy) return v;
            try {
                v = U.createPolicy("bg", {
                    createHTML: J,
                    createScript: J,
                    createScriptURL: J
                })
            } catch (C) {
                A.console && A.console.error(C.message)
            }
            return v
        },
        A = this || self,
        J = function(U) {
            return U
        };
    (0, eval)(function(U, v) {
        return (v = x()) && 1 === U.eval(v.createScript("1")) ? function(C) {
            return v.createScript(C)
        } : function(C) {
            return "" + C
        }
    }(A)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var vF=function(U,v){if(!(U=(v=null,n.trustedTypes),U)||!U.createPolicy)return v;try{v=U.createPolicy("bg",{createHTML:UK,createScript:UK,createScriptURL:UK})}catch(A){n.console&&n.console.error(A.message)}return v},oh=function(U,v,A,x,e,C){function J(){if(v.P==v){if(v.B){var r=[M,x,U,void 0,e,C,arguments];if(2==A)var N=I(false,false,(L(r,v),v));else if(1==A){var O=!v.u.length;L(r,v),O&&I(false,false,v)}else N=Cw(v,r);return N}e&&C&&e.removeEventListener(C,J,q)}}return J},A4=function(U,v){return U[v]<<24|U[(v|0)+1]<<16|U[(v|0)+2]<<8|U[(v|0)+3]},r0=function(U,v,A,x){return(X(403,A,(xc((x=E(403,A),A.V&&x<A.H?(X(403,A,A.H),J4(v,A)):X(403,A,v),U),A),x)),E)(368,A)},Nn=function(U,v,A,x,e,C,J,r){return(v=[60,32,-94,21,71,(J=U&(r=er,7),74),v,90,56,20],C=V[A.Z](A.Px),C[A.Z]=function(N){J+=6+7*(e=N,U),J&=7},C).concat=function(N){return(e=(N=(N=(N=x%16+1,+v[J+43&7]*x*N-1184*x*e+J+37*e*e+(r()|0)*N)+3*x*x*N-111*x*x*e-N*e-3589*e,v[N]),void 0),v)[(J+21&7)+(U&2)]=N,v[J+(U&2)]=32,N},C},kc=function(U,v,A,x,e){for(e=(x=(U.Px=(U.lG=U[U.Mx=(U.pf=nw,OK),W],lX)(U.Z,{get:function(){return this.concat()}}),U.Hx=V[U.Z](U.Px,{value:{value:{}}}),0),[]);128>x;x++)e[x]=String.fromCharCode(x);I(true,true,(L((L((F(260,function(C,J,r,N,O,l,z,k,a,m,y,f){function u(D,b){for(;l<D;)r|=Q(C)<<l,l+=8;return b=r&(l-=D,(1<<D)-1),r>>=D,b}for(k=((l=(a=S(C),r=0),u(3))|0)+1,O=u(5),J=[],z=m=0;z<O;z++)y=u(1),J.push(y),m+=y?0:1;for(z=(m=((m|0)-1).toString(2).length,N=[],0);z<O;z++)J[z]||(N[z]=u(m));for(m=0;m<O;m++)J[m]&&(N[m]=S(C));for(f=[];k--;)f.push(E(S(C),C));F(a,function(D,b,w,T,t){for(w=(T=[],0),b=[];w<O;w++){if(!J[t=N[w],w]){for(;t>=T.length;)T.push(S(D));t=T[t]}b.push(t)}D.g=mv((D.i=mv(f.slice(),D),b),D)},C)},(U.zk=(X(39,(F(153,function(C,J){J4((J=E(S(C),C),J),C.P)},(F(76,((X(23,U,((F(257,(X(220,(F(203,function(C,J,r,N){J=(r=S(C),N=S(C),S(C)),C.P==C&&(J=E(J,C),N=E(N,C),E(r,C)[N]=J,495==r&&(C.l=void 0,2==N&&(C.v=Z(C,32,false),C.l=void 0)))},(F(77,function(C,J,r,N,O,l,z){for(r=(O=(l=E((N=(z=qn((J=S(C),C)),""),48),C),l.length),0);z--;)r=((r|0)+(qn(C)|0))%O,N+=e[l[r]];X(J,C,N)},(F(197,function(C,J){(J=S(C),C=E(J,C.P),C[0]).removeEventListener(C[1],C[2],q)},(F(145,function(C,J,r,N,O,l){if(!G(C,true,J,true)){if("object"==(r=(l=(r=S((O=S((J=(l=S(C),S(C)),C)),C)),J=E(J,C),E(l,C)),E(r,C)),C=E(O,C),zh(l))){for(N in O=[],l)O.push(N);l=O}for(O=(N=0,C=0<C?C:1,l).length;N<O;N+=C)J(l.slice(N,(N|0)+(C|0)),r)}},(F(204,(X(4,(F(146,(F(319,(F(247,function(C,J,r,N,O){X((J=(O=E((N=E((N=(J=(O=S((r=S(C),C)),S(C)),S(C)),N),C),O),C),E)(J,C),r),C,oh(J,C,N,O))},(X(109,U,((X(368,U,(F(42,(X(217,(F(486,(F(55,(F(226,function(C,J,r,N){!G(C,true,J,false)&&(J=Ih(C),N=J.Bx,r=J.I,C.P==C||r==C.nf&&N==C)&&(X(J.Al,C,r.apply(N,J.S)),C.Y=C.G())},(F(308,(F(436,(U.Y5=(F(483,function(C,J,r,N){if(J=C.a1.pop()){for(N=Q(C);0<N;N--)r=S(C),J[r]=C.B[r];C.B=(J[4]=C.B[J[52]=C.B[52],4],J)}else X(403,C,C.H)},(F(405,function(C){jr(4,C)},(F(475,(X(52,(F(64,function(C,J,r){(r=(r=(J=S(C),S)(C),E)(r,C),0)!=E(J,C)&&X(403,C,r)},(X(491,U,(F(460,(F(131,(X(51,U,(X(((X(403,(((U.H=0,U.V8=(U.o=[],U.B=[],U.g=(U.a1=[],U.O=(U.D=0,false),U.N=void 0,void 0),((U.i=void 0,U).A=(x=window.performance||{},void 0),U).U=(U.X=((U.uG=(U.l=void 0,U.j=false,!(U.R=0,1)),U).h=(U.P=U,U.V=(U.J=(U.W=1,null),[]),U.F=[],0),U.C=void 0,8001),U.K=(U.v=void 0,25),U.Y=0,0),0),U).nf=function(C){this.P=C},U.u=[],U).Gk=x.timeOrigin||(x.timing||{}).navigationStart||0,U),0),X)(105,U,0),208),U,U),[])),function(C,J,r,N){(r=E((N=(J=S((r=(N=S(C),S(C)),C)),E(N,C)),r),C),X)(J,C,N[r])}),U),function(C,J,r,N){r=E((J=S((N=S(C),r=S(C),C)),r),C),N=E(N,C)==r,X(J,C,+N)}),U),R(4))),F(478,function(C,J,r,N){X((r=E((J=E((r=S((J=S(C),C)),N=S(C),J),C),r),C),N),C,J in r|0)},U),U)),U),[]),function(C){Lw(C,4)}),U),U)),U)),0),function(){}),U),function(C,J,r,N,O,l){G(C,true,J,false)||(l=Ih(C.P),N=l.Bx,O=l.I,J=l.Al,l=l.S,r=l.length,N=0==r?new N[O]:1==r?new N[O](l[0]):2==r?new N[O](l[0],l[1]):3==r?new N[O](l[0],l[1],l[2]):4==r?new N[O](l[0],l[1],l[2],l[3]):2(),X(J,C,N))}),U),U)),function(C,J,r,N){X((r=S((N=(J=S(C),Q)(C),C)),r),C,E(J,C)>>>N)}),U),function(C){jr(1,C)}),U),U),[0,0,0]),function(C,J,r,N,O){0!==(J=E((N=(r=E((O=(J=(r=(N=(O=S(C),S(C)),S(C)),S)(C),E(O,C.P)),r),C),E)(N,C),J),C),O)&&(J=oh(J,C,1,r,O,N),O.addEventListener(N,J,q),X(39,C,[O,N,J]))}),U),{})),X)(16,U,n),0)),U)),function(C,J,r,N){r=(J=S(C),N=S(C),S)(C),X(r,C,E(J,C)||E(N,C))}),U),function(C,J,r){X((r=(J=(r=S(C),S(C)),r=E(r,C),zh)(r),J),C,r)}),U),U),2048),function(C,J,r){G(C,true,J,false)||(J=S(C),r=S(C),X(r,C,function(N){return eval(N)}(Mn(E(J,C.P)))))}),U),U)),U)),U)),U)),U),[160,0,0]),function(C){ah(4,C)}),U),F)(366,function(C,J,r){X((r=S(C),J=S(C),J),C,""+E(r,C))},U),426)),F)(395,function(C,J,r,N,O){for(r=(O=qn((J=S(C),C)),N=0,[]);N<O;N++)r.push(Q(C));X(J,C,r)},U),F(341,function(C){ah(3,C)},U),U.dh=0,function(C,J,r,N){r=(J=E((N=(J=S(C),S(C)),J),C),E)(N,C),X(N,C,r+J)}),U),U)),U),0),0),U)),[EK]),U),L([c,v],U),[XV,A]),U),U))},Q=function(U){return U.i?Vg(U.g,U):Z(U,8,true)},lX=function(U,v){return V[U](V.prototype,{call:v,floor:v,length:v,document:v,stack:v,replace:v,console:v,splice:v,prototype:v,pop:v,parent:v,propertyIsEnumerable:v})},R=function(U,v){for(v=[];U--;)v.push(255*Math.random()|0);return v},Cw=function(U,v,A,x,e){if(x=v[0],x==p)U.K=25,U.T(v);else if(x==W){A=v[1];try{e=U.A||U.T(v)}catch(C){K(U,C),e=U.A}A(e)}else if(x==fw)U.T(v);else if(x==c)U.T(v);else if(x==XV){try{for(e=0;e<U.o.length;e++)try{A=U.o[e],A[0][A[1]](A[2])}catch(C){}}catch(C){}(0,v[1])(function(C,J){U.s(C,true,J)},(U.o=[],function(C){L([(C=!U.u.length,D_)],U),C&&I(false,true,U)}))}else{if(x==M)return e=v[2],X(345,U,v[6]),X(368,U,e),U.T(v);x==D_?(U.F=[],U.B=null,U.V=[]):x==EK&&"loading"===n.document.readyState&&(U.J=function(C,J){function r(){J||(J=true,C())}(n.document.addEventListener("DOMContentLoaded",(J=false,r),q),n).addEventListener("load",r,q)})}},jr=function(U,v,A,x){h((A=(x=S(v),S(v)),A),v,H(U,E(x,v)))},I=function(U,v,A,x,e,C){if(A.u.length){A.uG=(A.j=!(A.j&&0(),0),v);try{x=A.G(),A.Y=x,A.N=0,A.U=x,C=yg(A,v),e=A.G()-A.U,A.R+=e,e<(U?0:10)||0>=A.K--||(e=Math.floor(e),A.F.push(254>=e?e:254))}finally{A.j=false}return C}},g,WF=function(U,v,A){if(3==U.length){for(A=0;3>A;A++)v[A]+=U[A];for(A=(U=0,[13,8,13,12,16,5,3,10,15]);9>U;U++)v[3](v,U%3,A[U])}},zh=function(U,v,A){if("object"==(v=typeof U,v))if(U){if(U instanceof Array)return"array";if(U instanceof Object)return v;if("[object Window]"==(A=Object.prototype.toString.call(U),A))return"object";if("[object Array]"==A||"number"==typeof U.length&&"undefined"!=typeof U.splice&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("splice"))return"array";if("[object Function]"==A||"undefined"!=typeof U.call&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==v&&"undefined"==typeof U.call)return"object";return v},Vg=function(U,v){return(U=U.create().shift(),v.i.create()).length||v.g.create().length||(v.g=void 0,v.i=void 0),U},Lw=function(U,v,A,x){for(A=(x=S(U),0);0<v;v--)A=A<<8|Q(U);X(x,U,A)},Y=function(U,v,A){A=this;try{kc(this,U,v)}catch(x){K(this,x),v(function(e){e(A.A)})}},F=function(U,v,A){v[X(U,A,v),EK]=2796},J4=function(U,v){X(403,v,(v.a1.push(v.B.slice()),v.B[403]=void 0,U))},xc=function(U,v,A,x,e,C){if(!v.A){v.h++;try{for(x=(e=0,A=v.H,void 0);--U;)try{if((C=void 0,v).i)x=Vg(v.i,v);else{if(e=E(403,v),e>=A)break;x=(C=(X(105,v,e),S(v)),E)(C,v)}G(v,(x&&x[D_]&2048?x(v,U):d(0,v,[P,21,C]),false),U,false)}catch(J){E(23,v)?d(22,v,J):X(23,v,J)}if(!U){if(v.Zr){xc(335982656583,(v.h--,v));return}d(0,v,[P,33])}}catch(J){try{d(22,v,J)}catch(r){K(v,r)}}v.h--}},G=function(U,v,A,x,e,C,J,r,N){if(U.W+=(U.P=((e=(r=(J=(C=(N=(v||U.N++,0<U.D&&U.j&&U.uG&&1>=U.h&&!U.i&&!U.J&&(!v||1<U.X-A)&&0==document.hidden),4==U.N))||N?U.G():U.Y,J)-U.Y,r>>14),U).v&&(U.v^=e*(r<<2)),e)||U.P,e),C||N)U.Y=J,U.N=0;if(!N||J-U.U<U.D-(x?255:v?5:2))return false;return!(((X(403,(x=E(v?105:403,(U.X=A,U)),U),U.H),U).u.push([fw,x,v?A+1:A]),U).J=FV,0)},Sr=function(U,v,A,x,e){for(v=(e=v[3]|0,v[2]|0),x=0;14>x;x++)U=U>>>8|U<<24,U+=A|0,U^=v+3462,A=A<<3|A>>>29,A^=U,e=e>>>8|e<<24,e+=v|0,e^=x+3462,v=v<<3|v>>>29,v^=e;return[A>>>24&255,A>>>16&255,A>>>8&255,A>>>0&255,U>>>24&255,U>>>16&255,U>>>8&255,U>>>0&255]},Rh=function(U,v,A,x){try{x=U[((v|0)+2)%3],U[v]=(U[v]|0)-(U[((v|0)+1)%3]|0)-(x|0)^(1==v?x<<A:x>>>A)}catch(e){throw e;}},Qg=function(U,v){return U(function(A){A(v)}),[function(){return v}]},K=function(U,v){U.A=((U.A?U.A+"~":"E:")+v.message+":"+v.stack).slice(0,2048)},bX=function(U,v,A,x){function e(){}return x=uX(U,function(C){e&&(v&&FV(v),A=C,e(),e=void 0)},(A=void 0,!!v))[0],{invoke:function(C,J,r,N){function O(){A(function(l){FV(function(){C(l)})},r)}if(!J)return J=x(r),C&&C(J),J;A?O():(N=e,e=function(){(N(),FV)(O)})}}},E=function(U,v){if((v=v.B[U],void 0)===v)throw[P,30,U];if(v.value)return v.create();return v.create(3*U*U+32*U+97),v.prototype},UK=function(U){return U},n=this||self,Ih=function(U,v,A,x,e,C){for(x=(v=(((A=(C=U[Gh]||{},S)(U),C).Al=S(U),C).S=[],U.P)==U?(Q(U)|0)-1:1,S)(U),e=0;e<v;e++)C.S.push(S(U));for(C.Bx=E(x,U);v--;)C.S[v]=E(C.S[v],U);return C.I=E(A,U),C},Z_=function(U,v){((v.push(U[0]<<24|U[1]<<16|U[2]<<8|U[3]),v).push(U[4]<<24|U[5]<<16|U[6]<<8|U[7]),v).push(U[8]<<24|U[9]<<16|U[10]<<8|U[11])},cF=function(U,v,A){return U.s(function(x){A=x},false,v),A},h=function(U,v,A,x,e,C){if(v.P==v)for(e=E(U,v),491==U?(U=function(J,r,N,O){if(e.k5!=(r=(O=e.length,(O|0)-4>>3),r)){r=(r<<(N=[0,0,C[1],(e.k5=r,C[2])],3))-4;try{e.Q8=Sr(A4(e,(r|0)+4),N,A4(e,r))}catch(l){throw l;}}e.push(e.Q8[O&7]^J)},C=E(217,v)):U=function(J){e.push(J)},x&&U(x&255),v=0,x=A.length;v<x;v++)U(A[v])},X=function(U,v,A){if(403==U||105==U)v.B[U]?v.B[U].concat(A):v.B[U]=mv(A,v);else{if(v.O&&495!=U)return;220==U||491==U||51==U||52==U||217==U?v.B[U]||(v.B[U]=Nn(62,A,v,U)):v.B[U]=Nn(97,A,v,U)}495==U&&(v.v=Z(v,32,false),v.l=void 0)},L=function(U,v){v.u.splice(0,0,U)},qn=function(U,v){return(v=Q(U),v)&128&&(v=v&127|Q(U)<<7),v},FV=n.requestIdleCallback?function(U){requestIdleCallback(function(){U()},{timeout:4})}:n.setImmediate?function(U){setImmediate(U)}:function(U){setTimeout(U,0)},yg=function(U,v,A,x){for(;U.u.length;){U.J=null,x=U.u.pop();try{A=Cw(U,x)}catch(e){K(U,e)}if(v&&U.J){(v=U.J,v)(function(){I(true,true,U)});break}}return A},B,ah=function(U,v,A,x,e){h(((A=E((A=S((e=U&4,U&=3,v)),x=S(v),A),v),e&&(A=pw(""+A)),U)&&h(x,v,H(2,A.length)),x),v,A)},d=function(U,v,A,x,e,C){if(!v.O){if((U=(0==(x=E(52,((C=void 0,A)&&A[0]===P&&(U=A[1],C=A[2],A=void 0),v)),x.length)&&(e=E(105,v)>>3,x.push(U,e>>8&255,e&255),void 0!=C&&x.push(C&255)),""),A&&(A.message&&(U+=A.message),A.stack&&(U+=":"+A.stack)),A=E(4,v),3)<A){v.P=(C=(U=(A-=((U=U.slice(0,(A|0)-3),U).length|0)+3,pw)(U),v.P),v);try{h(491,v,H(2,U.length).concat(U),9)}finally{v.P=C}}X(4,v,A)}},H=function(U,v,A,x){for(x=(U|0)-(A=[],1);0<=x;x--)A[(U|0)-1-(x|0)]=v>>8*x&255;return A},S=function(U,v){if(U.i)return Vg(U.g,U);return(v=Z(U,8,true),v&128)&&(v^=128,U=Z(U,2,true),v=(v<<2)+(U|0)),v},q={passive:true,capture:true},uX=function(U,v,A,x){return(x=g[U.substring(0,3)+"_"])?x(U.substring(3),v,A):Qg(v,U)},pw=function(U,v,A,x,e){for(e=(U=U.replace(/\\r\\n/g,"\\n"),A=v=0,[]);A<U.length;A++)x=U.charCodeAt(A),128>x?e[v++]=x:(2048>x?e[v++]=x>>6|192:(55296==(x&64512)&&A+1<U.length&&56320==(U.charCodeAt(A+1)&64512)?(x=65536+((x&1023)<<10)+(U.charCodeAt(++A)&1023),e[v++]=x>>18|240,e[v++]=x>>12&63|128):e[v++]=x>>12|224,e[v++]=x>>6&63|128),e[v++]=x&63|128);return e},mv=function(U,v,A){return((A=V[v.Z](v.Hx),A)[v.Z]=function(){return U},A).concat=function(x){U=x},A},Z=function(U,v,A,x,e,C,J,r,N,O,l,z,k,a){if(N=E(403,U),N>=U.H)throw[P,31];for(l=(z=(r=v,x=U.lG.length,0),N);0<r;)J=l%8,a=8-(J|0),O=l>>3,a=a<r?a:r,k=U.V[O],A&&(e=U,e.l!=l>>6&&(e.l=l>>6,C=E(495,e),e.C=Sr(e.l,[0,0,C[1],C[2]],e.v)),k^=U.C[O&x]),l+=a,z|=(k>>8-(J|0)-(a|0)&(1<<a)-1)<<(r|0)-(a|0),r-=a;return X(403,(A=z,U),(N|0)+(v|0)),A},Gh=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),p=((Y.prototype.mN=void 0,Y.prototype).U3=void 0,Y.prototype.Zr=false,[]),M=(Y.prototype.L="toString",[]),fw=[],P={},XV=[],EK=[],c=[],D_=[],W=[],er=((((((((Z_,function(){})(R),Rh,function(){})(WF),B=Y.prototype,B.vx=function(U,v,A){return U^((v=(v^=v<<13,v^=v>>17,(v^v<<5)&A))||(v=1),v)},B).Tk=function(U,v,A,x,e){for(e=x=0;x<U.length;x++)e+=U.charCodeAt(x),e+=e<<10,e^=e>>6;return(U=(e+=e<<3,e^=e>>11,e+(e<<15))>>>0,x=new Number(U&(1<<v)-1),x)[0]=(U>>>v)%A,x},Y.prototype).Z="create",B.s=function(U,v,A,x,e){if((A="array"===zh(A)?A:[A],this).A)U(this.A);else try{x=[],e=!this.u.length,L([p,x,A],this),L([W,U,x],this),v&&!e||I(true,v,this)}catch(C){K(this,C),U(this.A)}},B).y8=function(){return Math.floor(this.R+(this.G()-this.U))},B).ff=function(U,v,A,x,e,C){for(A=(e=C=0,[]);C<U.length;C++)for(x=x<<v|U[C],e+=v;7<e;)e-=8,A.push(x>>e&255);return A},B).G=(window.performance||{}).now?function(){return this.Gk+window.performance.now()}:function(){return+new Date},void 0),V=P.constructor;(B.gh=function(){return Math.floor(this.G())},Y.prototype).T=function(U,v){return U={},er=function(){return v==U?97:61},v={},function(A,x,e,C,J,r,N,O,l,z,k,a,m,y,f){v=(C=v,U);try{if(f=A[0],f==c){a=A[1];try{for(r=atob((x=[],a)),l=O=0;O<r.length;O++)y=r.charCodeAt(O),255<y&&(x[l++]=y&255,y>>=8),x[l++]=y;X(495,(this.H=(this.V=x,this.V.length<<3),this),[0,0,0])}catch(u){d(17,this,u);return}xc(8001,this)}else if(f==p)A[1].push(E(220,this).length,E(51,this).length,E(4,this),E(491,this).length),X(368,this,A[2]),this.B[458]&&r0(8001,E(458,this),this);else{if(f==W){this.P=(m=H(2,(E(220,(O=A[2],this)).length|0)+2),J=this.P,this);try{N=E(52,this),0<N.length&&h(220,this,H(2,N.length).concat(N),10),h(220,this,H(1,this.W),109),h(220,this,H(1,this[W].length)),r=0,r-=(E(220,this).length|0)+5,r+=E(109,this)&2047,z=E(491,this),4<z.length&&(r-=(z.length|0)+3),0<r&&h(220,this,H(2,r).concat(R(r)),15),4<z.length&&h(220,this,H(2,z.length).concat(z),156)}finally{this.P=J}if(e=(l=R(2).concat(E(220,this)),l[1]=l[0]^6,l[3]=l[1]^m[0],l[4]=l[1]^m[1],this).iG(l))e="!"+e;else for(r=0,e="";r<l.length;r++)k=l[r][this.L](16),1==k.length&&(k="0"+k),e+=k;return E(491,(E((x=e,220),this).length=O.shift(),E(51,this).length=O.shift(),X(4,this,O.shift()),this)).length=O.shift(),x}if(f==fw)r0(A[2],A[1],this);else if(f==M)return r0(8001,A[1],this)}}finally{v=C}}}();var nw,OK=(Y.prototype.hl=(Y.prototype[XV]=[0,0,1,1,0,1,1],Y.prototype.iG=function(U,v,A,x){if(x=window.btoa){for(A=(v=0,"");v<U.length;v+=8192)A+=String.fromCharCode.apply(null,U.slice(v,v+8192));U=x(A).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else U=void 0;return U},Y.prototype.Jl=0,0),/./),Kw=c.pop.bind(Y.prototype[p]),Mn=(nw=lX(Y.prototype.Z,{get:(OK[Y.prototype.L]=Kw,Kw)}),Y.prototype.Su=void 0,function(U,v){return(v=vF())&&1===U.eval(v.createScript("1"))?function(A){return v.createScript(A)}:function(A){return""+A}})(n);40<(g=n.botguard||(n.botguard={}),g.m)||(g.m=41,g.bg=bX,g.a=uX),g.qBf_=function(U,v,A){return A=new Y(U,v),[function(x){return cF(A,x)}]};}).call(this);'));
}).call(this);
                                    

#20 JavaScript::Eval (size: 45, repeated: 1) - SHA256: d7fff9897aaa9675a3652e7cac1a8c2a3427b896b5cc0ab5ffd628f9bb106e34

                                        this.context['external']['AddSearchProvider']
                                    

#21 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 59d45abada49f5b514521b527330402a2d826ae3f0dab2199c58c38f1e511777

                                        this.context['TouchEvent']
                                    

#22 JavaScript::Eval (size: 28, repeated: 1) - SHA256: 4f6a557989f79654728dcb244539b604c5329db30b964d6e8c524c72517b9fa6

                                        this.context['Notification']
                                    

#23 JavaScript::Eval (size: 31, repeated: 1) - SHA256: fb71685befff6e5c6fb9e2dd5f9bea6c71a2a162b39920f3927ef5ebfcf0134d

                                        this.context['BeforeLoadEvent']
                                    

#24 JavaScript::Eval (size: 41, repeated: 1) - SHA256: 25fde17ee6ee622be6ebf83118c8802af55f2721a375a4017d6dec6edaf3b37b

                                        this.context['DOMException']['ABORT_ERR']
                                    

#25 JavaScript::Eval (size: 36, repeated: 1) - SHA256: a612f8985aebacd5c5fa6b17d16982a29983ae9131bae94403ff9abe1ce2ded2

                                        this.context['navigator']['appName']
                                    

#26 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 7ceacb36606d6f6599d3ed5454c31152cb4417fb3c02ebb66431c4227a653726

                                        this.context['clearImmediate']
                                    

#27 JavaScript::Eval (size: 32, repeated: 1) - SHA256: a535a9a97ed5a801419c63a6e764dd3b24c8456f177155717caf9ba3411ef756

                                        this.context['chrome']['search']
                                    

#28 JavaScript::Eval (size: 43, repeated: 1) - SHA256: 0220aceb9c3413632235ce2598b94dd7a130a95558114c04ad41f9386b69777b

                                        this.context['clientInformation']['vendor']
                                    

#29 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 631bd9a13534679ce526b007d4fc8352793377d89bcc321392b01ecf075c4101

                                        this.context['Set']
                                    

#30 JavaScript::Eval (size: 45, repeated: 1) - SHA256: e44d38f746ee1fa3b3ef03ed6ea3f298c25e173b6daea3c4505afce8bb869508

                                        this.context['CanvasCaptureMediaStreamTrack']
                                    

#31 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 5f7d79033f82e1d81e2e6490b1fe43f241e2889aae35ea6d5f968ca697f5a577

                                        this.context['close']
                                    

#32 JavaScript::Eval (size: 22, repeated: 1) - SHA256: c624a79f9c72c617d0ed1ad3207a67a39f6243071e14c4ebeace5dcff97313a3

                                        this.context['Entity']
                                    

#33 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 0408d20a8555f96ab5cced9f89880c477f78d4ade576e5618b04094f034fb081

                                        this.context['ArrayBufferView']
                                    

#34 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 2d498779a32244d72a8a7d953918ce95c00fab9d3b129b2a1c3125fb263ccb45

                                        this.context['self']['SharedWorker']
                                    

#35 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 37ceb2a749341c51c7b8c25daaa71dc167b4aba7485c9b398b8ab004b685e492

                                        this.context['Touch']
                                    

Executed Writes (8)

#1 JavaScript::Write (size: 217, repeated: 1) - SHA256: f7c287e9218b11fb161671e0c469e233f798ff097875ead4a42476c8c6ce3d82

                                        < script type = "text/javascript"
src = "//exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FtjU7aGu&cb=1902060841&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/tjU7aGu" > < /script>
                                    

#2 JavaScript::Write (size: 3384, repeated: 1) - SHA256: 7788e2f65bea7ca17c53e42a6f16a3a41ef12b66ccc1d1c440f9e1ae8514fcb9

                                        < script async src = "//cdn.adtrue.com/pb/prebid.js" > < /script><script>var zoneId = 12953;var sizes = [[300, 250]];var REFRESH = 60000;var REFRESH_TIMES = 3;var generateRandomString = Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 10);var adTagId = "adtrue_ads_" + zoneId + "_" + generateRandomString;var PREBID_TIMEOUT = 1000;var adUnits = [{code: adTagId,mediaTypes: {banner: {sizes: sizes,},},bids: [{bidder: 'pubmatic',params: {publisherId: '155495',adSlot: 'ouo.press_300x250_direct@300x250'}}, {bidder: 'openx',params: {unit: '557936314',delDomain: 'fptadtrue-d.openx.net',customFloor: 0.1}}, {bidder: 'criteo',params: {networkId: 10692,publisherSubId: zoneId}}, {bidder: 'oftmedia',params: {placementId: 27389997,reserve: 0.03}}],}, ];var pbjs = pbjs || {};pbjs.que = pbjs.que || [];pbjs.que.push(function() {pbjs.addAdUnits(adUnits);pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});pbjs.setConfig({"schain": {"validation": "strict","config": {"ver": "1.0","complete": 1,"nodes": [{"asi": "adtruesyndication.com","sid": "3363","hp": 1}]}}});pbjs.setConfig({"bidders": ["oftmedia"],"schain": {"validation": "relaxed","config": {"ver": "1.0","complete": 1,"nodes": [{"asi": "152media.info","sid": "152M351","hp": 1}]}}});pbjs.setConfig({userSync: {filterSettings: {iframe: {bidders: "*",filter: "include",},},userIds: [{name: "criteo",}, ],},});pbjs.enableAnalytics({provider: 'adtrue',options: {"zoneId": 12953,"publisherId": 3363}});});function refreshBid() {pbjs.que.push(function() {pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});});}var ntimes = 0;var intervalID = setInterval(function() {ntimes++;if (ntimes > REFRESH_TIMES) {window.clearInterval(intervalID);}refreshBid();}, REFRESH);function handlerPassback() {var iframe = document.getElementById(adTagId);var iframeDoc = iframe.contentWindow.document;var adServerTargeting = pbjs.getAdserverTargetingForAdUnitCode(adTagId);/ * If any bidders
return any creatives * /if (adServerTargeting && adServerTargeting["hb_adid"]) {pbjs.renderAd(iframeDoc, adServerTargeting["hb_adid"]);} else {iframe.width = sizes[0][0];iframe.height = sizes[0][1];iframeDoc.write("<head></head > < body > " + passbackTagHtml + " < /body>");iframeDoc.close();}}var passbackTagHtml = '<script type="text\/javascript">' + "var adtrue_passback = {adtrue_pzoneid:'" + zoneId + "'};" + "<\/script>" + '<script type="text\/javascript" src="/ / cdn.adtrue.com / rtb / passback.js "><\/script>';</script><iframe id="
pb_iframe " frameborder="
0 " scrolling="
no " marginheight="
0 " marginwidth="
0 " TOPMARGIN="
0 " LEFTMARGIN="
0 " ALLOWTRANSPARENCY="
true " width="
0 " height="
0 "></iframe><script>var iframe = document.getElementById("
pb_iframe ");iframe.setAttribute("
id ", adTagId);</script><script type="
text / javascript ">(function() {var purl = window.location.href;var url = '//ads.pubmatic.com/AdServer/js/pwt/155495/4202';var profileVersionId = '';if (purl.indexOf('pwtv=') > 0) {var regexp = /pwtv=(.*?)(&|$)/g;var matches = regexp.exec(purl);if (matches.length >= 2 && matches[1].length > 0) {profileVersionId = '/' + matches[1];}}var wtads = document.createElement('script');wtads.async = true;wtads.type = 'text/javascript';wtads.src = url + profileVersionId + '/pwt.js';var node = document.getElementsByTagName('script')[0];node.parentNode.insertBefore(wtads, node);})();</script>
                                    

#3 JavaScript::Write (size: 351, repeated: 1) - SHA256: 6b49510af2d52ade64dca189499c8d78d27eaefa38256ce34a9f28f55a7ab65c

                                        < iframe name = "pbeacon"
frameborder = "0"
allowtransparency = "true"
hspace = "0"
vspace = "0"
marginheight = "0"
marginwidth = "0"
scrolling = "no"
width = "0"
height = "0"
style = "position:absolute;top:-20000px;"
src = "//track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2FtjU7aGu&loc=https%3A%2F%2Fouo.press%2FtjU7aGu" > < /iframe>
                                    

#4 JavaScript::Write (size: 192, repeated: 1) - SHA256: df9913e17da94cf021a5cf7de21a12683e6020ed3b2cbeb6dca1f3169fdf87a4

                                        < head > < /head><body><script type="text/javascript
">var adtrue_passback = {adtrue_pzoneid:'12953'};</script><script type="
text / javascript " src=" //cdn.adtrue.com/rtb/passback.js"></script></body>
                                    

#5 JavaScript::Write (size: 132, repeated: 1) - SHA256: 2c9654b668020c23108ff637a9b11bb1c11cba4f1b6172ac8c82ec18c4c78c2b

                                        < script type = "text/javascript"
src = "//exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=485278481&ref=undefined" > < /script>
                                    

#6 JavaScript::Write (size: 249, repeated: 1) - SHA256: d69309a446845fa51459fb0bf23ba7e57d8cbdfd2833b544627e64ec727a2102

                                        <!-- Composite Start -->
< style >
    .mgbox.mgheader {
        display: none!important;
    } < /style> < div id = "M624865ScriptRootC991771" >
    < /div> < script src = "https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js"
async >
    < /script>
    <!-- Composite End -->
                                    

#7 JavaScript::Write (size: 173, repeated: 1) - SHA256: 642f9705ec7d8c7b0f907d5fecc582d31d93a78c244f05c938e36bf016fe9d3c

                                        < body style = "background-color:white;margin:0px;padding:0px;" > < div id = "c" > < /div><script src="https:/ / ecdn.firstimpression.io / static / js / fiamp.js "></script></body>
                                    

#8 JavaScript::Write (size: 3270, repeated: 1) - SHA256: 54aa8da2e61900ec1fb432c3b74f8e3859c4cd9521c9d40f5f0c7d70b62f8858

                                        < !DOCTYPE HTML > < html > < head > < /head><body><script type="text/javascript
">function showAdsByAdtrue(){document.getElementById("
adtrue_gc ").style.width = '105px';document.getElementById("
adtrue_gb ").style.display = 'none';document.getElementById("
adtrue_gs ").style.display = 'block';}function hideAdsByAdtrue(cb){setTimeout(function() {document.getElementById("
adtrue_gc ").style.width = '15px';document.getElementById("
adtrue_gb ").style.display = 'block';document.getElementById("
adtrue_gs ").style.display = 'none';}, 500);}</script><style>#block_adexchange svg:not(:root) {overflow: auto;!important}</style><div id="
block_adexchange " style="
width: 300 px;
height: 250 px;
position: relative;
font: 15 px / 1.2e m Arial, sans - serif!important;
">            <div dir="
ltr " id="
adtrue_gc " class="
adtrue_gc_12953 " style="
display: none;
width: 15 px;
height: 15 px;
height: 15 px;
position: absolute;
left: 0;
text - rendering: geometricprecision;
bottom: 0;
width: 15 px;
z - index: 9020;
">                <div id="
adtrue_gb " style="
display: block;
height: 100 % ;
" onmouseover="
showAdsByAdtrue()
"><svg width="
100 % " height="
100 % "><rect width="
100 % " height="
100 % " fill="
whitesmoke "/><svg stroke="
#000000" fill= "#000000"
x = "0px"
y = "0px" > < circle cx = "7.5px"
cy = "7.5px"
r = "5.5px"
fill = "none"
stroke - width = "1.1px" / > < circle cx = "7.5px"
cy = "4.75px"
r = "1px"
stroke = "none" / > < line x1 = "7.5px"
x2 = "7.5px"
y1 = "6.5px"
y2 = "11px"
fill = "none"
stroke - width = "1.75px" / > < /svg>                    </svg > < /div>                <div id="adtrue_gs" style="display: none;height: 100%;" onmouseleave="hideAdsByAdtrue()">                    <a target="_blank" href="https:/ / adtrue.com " style="
text - decoration: none;
" id="
abgl ">                        <svg height="
100 % " width="
100 % ">                        <path transform="
matrix(-1.18971, -0.00136069, 0.00161882, -0.999999, 105, 15)
" d="
M0, 0 l96, 0 l0, 15 l - 92, 0 s - 4, 0, -4, -4 Z " fill="
whitesmoke "/>                        <svg width="
34 px " y="
11 px " x="
17 px " overflow="
visible ">                        <text transform="
scale(0.11121408415723971)
" font-size="
100 px " font-family="
Arial " fill="
dimgray ">Ads by</text>                        </svg>                        <svg width="
38 px " y="
11 px " x="
53 px " overflow="
visible ">                        <text transform="
scale(0.11784163440459683)
" font-weight="
bold " font-size="
100 px " font-family="
Arial " fill="
black ">Adtrue</text>                        </svg>                        <svg y="
0 px " x="
0 px " fill="
#000000" stroke= "#000000" > < circle stroke - width = "1.1px"
fill = "none"
r = "5.5px"
cy = "7.5px"
cx = "7.5px" / > < circle stroke = "none"
r = "1px"
cy = "4.75px"
cx = "7.5px" / > < line stroke - width = "1.75px"
fill = "none"
y2 = "11px"
y1 = "6.5px"
x2 = "7.5px"
x1 = "7.5px" / > < /svg>                        </svg > < /a>                </div > < /div><script type="text/javascript
">document.write('<script type="
text / javascript " src=" //exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FtjU7aGu&cb=1902060841&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/tjU7aGu"></'+'script>');</script>        </div></body></html>
                                    


HTTP Transactions (117)


Request Response
                                        
                                            GET /tjU7aGu HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.22.23.162
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 04 Oct 2022 06:59:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 07:59:47 GMT
Location: https://ouo.io/tjU7aGu
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c096b296ab50c-OSL

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.6
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 06:04:12 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 86897b9f074001e33ff5cbec58c4bc02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: vPYSrXhxLATGvtDmfwGTNmhuJoUi8ApoakKKV7mxYNEezTRAKthdwQ==
Age: 3335


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6548
Expires: Tue, 04 Oct 2022 08:48:55 GMT
Date: Tue, 04 Oct 2022 06:59:47 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.3
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 04:12:30 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6e05560e2a116f10e93777df92ea6478.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: 6WgqqRmuNPdl8869axHFlf1IgJhcKMvSi_U75Y7fSJMWnyk-iNiFOQ==
age: 16939
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 06:59:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.6
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 06:32:53 GMT
Expires: Tue, 04 Oct 2022 07:12:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dec2a929e38abcba29053b59369dd9c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: LQvqIbA0jfO0eElkFVWV5pV1rChMHZkbdEIPxnPZqZlU2f2Alfi9Dg==
Age: 1614


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4835
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:47 GMT
Last-Modified: Tue, 04 Oct 2022 05:39:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /images/world.png HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/tjU7aGu
Cookie: ouoio_session=eyJpdiI6ImllcTcwcjh0QXhZOUpmaWhOUXhScXpYVkhCWnVqbExLdnFyTzJDbzg2dDg9IiwidmFsdWUiOiJPWkcxRkUyenRod1puUnVMcWY3eWR0WkdxUkpiOFFPd2taOERwNEdHQzRiKytzREoxc2VqTUZFU0VybXRKXC9xRHpQS2dKcUk5aUMzXC9qRFF1bllwaE1nPT0iLCJtYWMiOiIzOTQ0ZWYyY2E5MWVhYTFlY2Y2MTIxNzBhNzYxMDM1NmFjYjI0M2QxMzAzMjU2MTc0MThlMWMyNjIzMzRmYmRhIn0%3D; language=eyJpdiI6IjB4NGtrVk9oOVwvRk5LNTQ5emFLVE5LR0s0RndFZ3BEdHBGd3c0MWxHMFc4PSIsInZhbHVlIjoiU1FpRkVKd2g4WEdLTVFIc2U2cWZYRnVjSWxmSjh1VDBQR0hOa25VTXR1WT0iLCJtYWMiOiJmNzIxMzc4MjA0NTBmM2IzMmQ5MTI4NGM0ODVjZmEwOTQzYzFlZWVjMDQyYjYxMjc4ZThkNDVmMWMzOGY0NTFiIn0%3D; 45996c036d28f90eefb50aa20e354e733d202718=eyJpdiI6Ikw5WkhKQnRURnJiRjZUUzZLTklqcTVnc1FVQTdsMzM0azdFaE5rcERVWlU9IiwidmFsdWUiOiJJY0tMXC9KZktaV1YrQzZ0a0JxOElsZ0VxY2h4RThscUpCM29YSkdmS2h5N1IxZTlJQkVYVTNqNHlxU281UkN1am1idzk1eXpUd01QUkkreHJndkJSaDkzYmhQVDY4eFR6NUdmY05LUHliUEcydGx3VzE4UWNYRzl5QnFDK1ZDcEZoN0ptbWh3RTJKam0rRTU1N0JpQUFBdDVNWEJ2SWFNYXVlXC9ZM0RDaFhTRm43aFc0YnZRNnppZnBpcWZBOXNYXC9XaldObEFYbkZzVGlYSlFtczNcL3h0V1lDR1hrZVlmQTJlT0VCanllVks5TzhqMHZGK0JkTit1SUtLVm1OTFJ6TUtRYjQyRVVMRUJ3aUdvV3k5N2g5YjJ1ZHgwemR2ejdNNzlaR0dqVVwvMGFHanFlT3BmKzB3aytnQ3VybWpUS2plRDJrcFIycDNaRHhoTDlUS2xtS3RSVGdaZytmeVROcG50ektOaEV0TmpvZmxwUkFkTmwycThrOStrUDU2akdCdSIsIm1hYyI6IjgzZmViZTMwZDMyNjZiZTg3ZTY3OWY0ZjY5ZTQyOWIyOWVmMzVkOWVkZmJhZjU2ODEyZTg5MDNkMGNiMzZhNDIifQ%3D%3D; __cf_bm=Ap_jthfqAHh1KxfXiu3USgcSjzVXCQD2grOnmz4YtSE-1664866787-0-AX43a1L1TG2h8GnlwI5j42qcZ83/PJc9the1qCtI3AdqIrFv0CoeLUOi932Kr/J1AJZP33rwBGc6FxYWYrD5Xrk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.58.251
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 04 Oct 2022 06:59:48 GMT
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Tue, 04 Oct 2022 22:31:44 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2536084
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c09719b0cb505-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   5692
Md5:    4eea420a8830a6d695114427bf52b556
Sha1:   35579e7f1a656beb3a07a7093166ff37c634bade
Sha256: 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tjU7aGu HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.22.58.251
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 06:59:47 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6ImllcTcwcjh0QXhZOUpmaWhOUXhScXpYVkhCWnVqbExLdnFyTzJDbzg2dDg9IiwidmFsdWUiOiJPWkcxRkUyenRod1puUnVMcWY3eWR0WkdxUkpiOFFPd2taOERwNEdHQzRiKytzREoxc2VqTUZFU0VybXRKXC9xRHpQS2dKcUk5aUMzXC9qRFF1bllwaE1nPT0iLCJtYWMiOiIzOTQ0ZWYyY2E5MWVhYTFlY2Y2MTIxNzBhNzYxMDM1NmFjYjI0M2QxMzAzMjU2MTc0MThlMWMyNjIzMzRmYmRhIn0%3D; path=/; httponly language=eyJpdiI6IjB4NGtrVk9oOVwvRk5LNTQ5emFLVE5LR0s0RndFZ3BEdHBGd3c0MWxHMFc4PSIsInZhbHVlIjoiU1FpRkVKd2g4WEdLTVFIc2U2cWZYRnVjSWxmSjh1VDBQR0hOa25VTXR1WT0iLCJtYWMiOiJmNzIxMzc4MjA0NTBmM2IzMmQ5MTI4NGM0ODVjZmEwOTQzYzFlZWVjMDQyYjYxMjc4ZThkNDVmMWMzOGY0NTFiIn0%3D; expires=Sun, 03-Oct-2027 06:59:47 GMT; Max-Age=157680000; path=/; httponly 45996c036d28f90eefb50aa20e354e733d202718=eyJpdiI6Ikw5WkhKQnRURnJiRjZUUzZLTklqcTVnc1FVQTdsMzM0azdFaE5rcERVWlU9IiwidmFsdWUiOiJJY0tMXC9KZktaV1YrQzZ0a0JxOElsZ0VxY2h4RThscUpCM29YSkdmS2h5N1IxZTlJQkVYVTNqNHlxU281UkN1am1idzk1eXpUd01QUkkreHJndkJSaDkzYmhQVDY4eFR6NUdmY05LUHliUEcydGx3VzE4UWNYRzl5QnFDK1ZDcEZoN0ptbWh3RTJKam0rRTU1N0JpQUFBdDVNWEJ2SWFNYXVlXC9ZM0RDaFhTRm43aFc0YnZRNnppZnBpcWZBOXNYXC9XaldObEFYbkZzVGlYSlFtczNcL3h0V1lDR1hrZVlmQTJlT0VCanllVks5TzhqMHZGK0JkTit1SUtLVm1OTFJ6TUtRYjQyRVVMRUJ3aUdvV3k5N2g5YjJ1ZHgwemR2ejdNNzlaR0dqVVwvMGFHanFlT3BmKzB3aytnQ3VybWpUS2plRDJrcFIycDNaRHhoTDlUS2xtS3RSVGdaZytmeVROcG50ektOaEV0TmpvZmxwUkFkTmwycThrOStrUDU2akdCdSIsIm1hYyI6IjgzZmViZTMwZDMyNjZiZTg3ZTY3OWY0ZjY5ZTQyOWIyOWVmMzVkOWVkZmJhZjU2ODEyZTg5MDNkMGNiMzZhNDIifQ%3D%3D; expires=Tue, 04-Oct-2022 08:59:47 GMT; Max-Age=7200; path=/; httponly __cf_bm=Ap_jthfqAHh1KxfXiu3USgcSjzVXCQD2grOnmz4YtSE-1664866787-0-AX43a1L1TG2h8GnlwI5j42qcZ83/PJc9the1qCtI3AdqIrFv0CoeLUOi932Kr/J1AJZP33rwBGc6FxYWYrD5Xrk=; path=/; expires=Tue, 04-Oct-22 07:29:47 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 754c096e9f82b505-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Size:   3985
Md5:    c9acff8314efadad28f16120a950f921
Sha1:   27b5995d9be9597f97b211045dfd1e09fa86c149
Sha256: ce23010cbbe3c07fd40d0fe04567c5ab9fb7bfa16393fa455888c011a206dd5a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "69C10E6FFCD0EF9BED97E13462240E33025A7A4667D857DC17762FBC1CD424D4"
Last-Modified: Sun, 02 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7108
Expires: Tue, 04 Oct 2022 08:58:16 GMT
Date: Tue, 04 Oct 2022 06:59:48 GMT
Connection: keep-alive

                                        
                                            GET /css?family=Questrial HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 06:59:48 GMT
date: Tue, 04 Oct 2022 06:59:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1clkn/16562 HTTP/1.1 
Host: tv.gourdycortes.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.255.6.33
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Tue, 04 Oct 2022 06:59:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Wed, 05-Oct-2022 06:59:48 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Wed, 05-Oct-2022 06:59:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    414a242a6fee8464282857e475d3ef61
Sha1:   f669890350347f53aa9bd19c1a355692e8d17d2f
Sha256: d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HyRn8bQq26lfXk1hTLexPg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.13.69.101
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RzjXWsRDKfBImQZMsMjCmPp3zn8=

                                        
                                            GET /static/js/fab.js HTTP/1.1 
Host: ecdn.analysis.fi
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.156.46.8
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4240
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
accept-ranges: bytes
date: Tue, 04 Oct 2022 06:53:55 GMT
expires: Tue, 04 Oct 2022 07:53:55 GMT
cache-control: max-age=3600
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
via: 1.1 71cbe01df9e5102d886edc4f5a32c1ea.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: er2_qRiqQvgg0fQRUe9WNZ-aDRZqQLBuc-T-ByEh7JNbyz6JrS0BtQ==
age: 353
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (574)
Size:   4240
Md5:    28a0bef1ecb63168106f97b637ab3414
Sha1:   e577575dd115f6a95aea8c2ae87d2c30c8464728
Sha256: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "98D206A72279FC20BE234F99A3D7DE17017E7ED0F49B5818FC986616F9A7A737"
Last-Modified: Sun, 02 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12208
Expires: Tue, 04 Oct 2022 10:23:16 GMT
Date: Tue, 04 Oct 2022 06:59:48 GMT
Connection: keep-alive

                                        
                                            GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1 
Host: itineraryupper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 06:59:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7121b1e929c7dfd2cc4cb9f23f9358df
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37155), with no line terminators
Size:   13429
Md5:    f7adb644c69e45ede6f4b264ed3ad386
Sha1:   813ea22768a084d31c45b44708392d2d8349c712
Sha256: 61c62d2537164da66b8fd811c6928e221104323efd86cb4eb6efcb14da8a0a62

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.13.0
x-jsd-version-type: version
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 06:59:49 GMT
age: 35370
x-served-by: cache-fra19167-FRA, cache-bma1657-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8874
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26606)
Size:   8874
Md5:    77019dfea792351eb58beb264f808970
Sha1:   106d35ea53f5a6e4024ba9bfafe6b0bd0551771f
Sha256: ca2b0e50ed967336aea35965d7a99b4986429c5c5984f8de96d92b2c573b7bef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:03:19 GMT
expires: Tue, 03 Oct 2023 20:03:19 GMT
cache-control: public, max-age=31536000
age: 39390
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Size:   19292
Md5:    19007b17e56daa60133bce9e9b352a95
Sha1:   bac1384caeae5762e7a1d8c18037f69c8cd21bc4
Sha256: fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7E8D9C62251D6149BF2DEC1F3C8FC3D9DDC2341B"
Expires: Tue, 04 Oct 2022 18:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 234
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c0977bc19b500-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    39f2fadd1d0aec8955dbe5c8ac5f404c
Sha1:   c47ed2e6ac2575c35b7d40e5aac38f2a1892822c
Sha256: e8bae709512658280c8d9851a10634c03c87e7ec416d98bd0f8154b1bcaac08b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         108.138.212.135
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:49 GMT
Last-Modified: Tue, 04 Oct 2022 05:36:45 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 dd14c137c3edcb7d91394cbb3ac93a7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: 6_9lnMjjREeOxq9PKaD4YnZ7JRt4DJQCgD76vTIOInIVjGtoKQPVvw==
Age: 4984

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.66.118.16
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=3179ca33-2069-4bd5-b953-f7391aa8ed45:1:1; expires=Fri, 01 Oct 2032 06:59:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    43b9e10f5b9481199ce816598dc76204
Sha1:   9d8ac9a1151cb48690e4118d16f812b60a45ce91
Sha256: b8153a7349181ed380c9a08899a9a09e3b1b1b1fa8c7dcfaa30a7df7ca4a0388
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 06:59:49 GMT
expires: Tue, 04 Oct 2022 06:59:49 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45640
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   45640
Md5:    bdfefd35d345e1330003b626e2dbd8d6
Sha1:   f2d6e085653b72fcb40e48b3085ca338f4a9ca4b
Sha256: 847475e51d3d8e2381d5fdde4bddc38809eafb1dcd0206b8edf6d304f725f4bf
                                        
                                            GET /images/widgetIcons/achoice.svg HTTP/1.1 
Host: widgets.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.81
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Thu, 03 Nov 2022 06:59:49 GMT
date: Tue, 04 Oct 2022 06:59:49 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Size:   2735
Md5:    9d26fa4e7238ed94f1d0d92afb453b3e
Sha1:   ae18efe7d09337bf2f580b3f5bc912284aad7821
Sha256: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1 
Host: ad.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.198
HTTP/2 200 OK
content-type: image/x-icon
                                        
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 11:25:17 GMT
expires: Tue, 04 Oct 2022 11:25:17 GMT
cache-control: public, max-age=86400
age: 70472
last-modified: Tue, 08 May 2012 13:08:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Size:   104
Md5:    32ac8a9b81788b981a3a7e13c14082d4
Sha1:   fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
Sha256: 00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
age: 280458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (711)
Size:   158844
Md5:    b4ed95d4318e3b78b936c9c0f1ffa96e
Sha1:   b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
Sha256: 3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2385
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:49 GMT
Last-Modified: Tue, 04 Oct 2022 06:20:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.198.30
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2a79d37a7866b0908daf352b570fcaa6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 04 Oct 2022 06:59:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JwXdtjsMPbqW7txbF7aWiB58lcen8KXTA7qGB3Vrg4kYYnj937kpVJrAh3FT%2FbZxblwsRaiDIdc5CEwXVBvwT3sncaWjKoLjNId8cFeiXKAwdVFLK5m6qybvubEZGqJUkJQ9YY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c0977caa971e7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   27257
Md5:    8cce45f326d141c872f5481bfa4db4cc
Sha1:   875e4f165e6959efba6fbbe5d2d9ca76071faad3
Sha256: 920a2312e8cc69ace91869c7892ddad74dc34da7d8f72651a0ff0737783db334
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 685
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.90
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Tue, 04 Oct 2022 06:59:49 GMT
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 629fd85a-8e98-432f-853a-59e40d3fb90c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   139
Md5:    08fe10d5cecc1c3d9b1a3331564eb550
Sha1:   39f4725108a87461739baddb00796628aecd5278
Sha256: 4409fe4f784f5d0adc27d6f1ccb107ff8ce5a52065c29fffccf95891ae179ade
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5312
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:49 GMT
Last-Modified: Tue, 04 Oct 2022 05:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FtjU7aGu&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1152x836&be=1&bc=hb_pb_3.0.3&dddid=c18b954d-d738-4d15-9062-a1742e9decba&nocache=1664866788957&aus=300x250&divids=adtrue_ads_12953_fwjc3197cgykccweqb&aucs=adtrue_ads_12953_fwjc3197cgykccweqb&auid=557936314&aumfs=100 HTTP/1.1 
Host: fptadtrue-d.openx.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.159.8
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Tue, 04 Oct 2022 06:59:49 GMT
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   79
Md5:    6a94f82a8805d12514330352302cc014
Sha1:   e8ab98b443df66ca9a27f1b7530c0c959051bd85
Sha256: fb4d6c9389a8616bdd8035f1cd8b529a6b6aaab2c299bf505a74a6ea1a732d20
                                        
                                            GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FtjU7aGu&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FtjU7aGu&tg_i.page=https%3A%2F%2Fouo.press%2FtjU7aGu&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=8a715faf-19b5-40ea-b7c7-b790ce812c2e&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.36239466271531284 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.41
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.21.4
Date: Tue, 04 Oct 2022 06:59:49 GMT
Content-Length: 350
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8TUP8AJ-25-ATYG; Domain=.rubiconproject.com; Path=/; Expires=Wed, 04-Oct-2023 06:59:49 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qr87zCjI5Ui7O9DtVM30fCg5AuOp81iN6IxFFKl3eqcspZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Wed, 04-Oct-2023 06:59:49 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (350), with no line terminators
Size:   350
Md5:    4f9154d7e214751263aa29007d7e2355
Sha1:   1327b3b23c10f7dd322ed1c99e24e34cee4d7a70
Sha256: 021ac5f20a3a37815ed33670c363ee76c0e72daf1d973f80a63912043e0114d9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5704
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 06:59:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5704
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 06:59:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5704
Expires: Tue, 04 Oct 2022 08:34:53 GMT
Date: Tue, 04 Oct 2022 06:59:49 GMT
Connection: keep-alive

                                        
                                            POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.68.68
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9a9edb00220c3ef50c1919f84fea4888.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: hBl_LXsvXL4k1_GQ9OtVQRgyaEHxWxmBbzz9kjn0-PQn3HOqcLzPRg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   21
Md5:    2793f659087fed6a6c71efe62625fdab
Sha1:   6b40887d8b55314b057c3ea28e84a899a5e998cc
Sha256: 49835d7ac4b53fab922d54f8e59f6f53fda7becdcfb3e8887855bd6f7e8704fb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92f8209d-8dc3-45f5-bfb8-151edb23e30c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4996
x-amzn-requestid: 2f13b6ea-4426-4b3f-81be-5d8ca0278ce7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcrokFkroAMF0XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5969-421b4993676a68df2b43ad65;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:51:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0s9K75q7TzjbFBJ3vviHLcItPRb6CP2URJRYs2k9JmppyWHKvzv5hg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
age: 31730
etag: "16f2fe758de4ebf7d654cb9669c73f030eb1fdef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4996
Md5:    126f1f4538e5e4228a4f36d3b02e9d62
Sha1:   16f2fe758de4ebf7d654cb9669c73f030eb1fdef
Sha256: 594210beaabbc35a37d5d648836277f950e46b2d4c2eab2abde2d33beafdff37
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4183
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:49 GMT
Last-Modified: Tue, 04 Oct 2022 05:50:06 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481896f6-cdf2-442f-aea2-dfa2c7c45f77.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8738
x-amzn-requestid: ede4db78-f2ab-4226-a855-dc7373978dfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTFrBoAMFR3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-2776543e774f0016329ddade;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c9bu34_KooZB6Z4d8xXGnsd9jZ7lPl3yIo9II1Dm_2YVId3l9-7n-w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:46 GMT
age: 32643
etag: "d830b94bea3b5698e5192a7ea05f90b25b2f9cc9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8738
Md5:    d5745f8e3528f481ae2acf05b4abd3d0
Sha1:   d830b94bea3b5698e5192a7ea05f90b25b2f9cc9
Sha256: 313e11915f0869a608c830637b9dfd236ff28a8fb3354c3cc8748816b0ee18b0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F840ae91d-bdbe-4236-ad14-27b04e390b6a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2761
x-amzn-requestid: 00090151-da40-48e8-98f0-a0c579fe6d1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI_EgdIAMFc0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556c-06ceb1750213c44130848bf2;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -VI34uA9q6D2_lYs0LtkmZOKZrBKQsYX9plMuw8zwnCt_3b2ZZ1Uxg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:46 GMT
age: 32643
etag: "0f0c8f45a22563c3c87ab7ec6279fabc96cdfb1f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2761
Md5:    fb7d0bdcd7cf60e39ee64d92f5694384
Sha1:   0f0c8f45a22563c3c87ab7ec6279fabc96cdfb1f
Sha256: a6dd1fade6b47e539dd42ed07d2cf58179db10fe946809f201889a1f9c4ef282
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 32635
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 564
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.90
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Tue, 04 Oct 2022 06:59:49 GMT
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: c43ab13c-a7d9-42a9-9167-b9050181944e
Set-Cookie: icu=ChgIw6tREAoYASABKAEw5bPvmQY4AUABSAEQ5bPvmQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 02-Jan-2023 06:59:49 GMT; Domain=.adnxs.com; Secure; HttpOnly uuid2=6114164211697545458; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 02-Jan-2023 06:59:49 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   144
Md5:    ea7966762e39e6a3410f38f370f7f75d
Sha1:   b0dfd4d3b52291ee69c993501663f137ad1492be
Sha256: 75bfe8755d984b888694a6fc027b1ff84f41eb114e43454f2809f0b925ee4e29
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9455
x-amzn-requestid: c7e1aa21-0afd-4329-a886-ca52e1a30c7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqJXHLUIAMFU1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5708-1905710834041431314b11be;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: D-2NszpZ31D2YAbZRcPdqN3zZ2ScANt6bokfSbANgnsXBoTF2d__AQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:08:09 GMT
age: 31900
etag: "cf021352d993967e78552b275424ff139e4ef66c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9455
Md5:    50556325e5a38a5dd7802b1391815bcb
Sha1:   cf021352d993967e78552b275424ff139e4ef66c
Sha256: 96fd2e848a45d071e334a8d08c8b89215f80f01f947af6da2efaee72dd16914c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 8216
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 06:41:09 GMT
expires: Tue, 04 Oct 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 1120
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:49 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 13:55:55 GMT
Expires: Sat, 08 Oct 2022 13:55:54 GMT
Etag: "209763b03185e92cb57d08b63ed6cccffcadd5d1"
Cache-Control: max-age=369964,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754c0979eba9b506-OSL

                                        
                                            POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1 
Host: tag.1rx.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 607
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.147.43
HTTP/2 204 No Content
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/tjU7aGu
Cookie: ouoio_session=eyJpdiI6ImllcTcwcjh0QXhZOUpmaWhOUXhScXpYVkhCWnVqbExLdnFyTzJDbzg2dDg9IiwidmFsdWUiOiJPWkcxRkUyenRod1puUnVMcWY3eWR0WkdxUkpiOFFPd2taOERwNEdHQzRiKytzREoxc2VqTUZFU0VybXRKXC9xRHpQS2dKcUk5aUMzXC9qRFF1bllwaE1nPT0iLCJtYWMiOiIzOTQ0ZWYyY2E5MWVhYTFlY2Y2MTIxNzBhNzYxMDM1NmFjYjI0M2QxMzAzMjU2MTc0MThlMWMyNjIzMzRmYmRhIn0%3D; language=eyJpdiI6IjB4NGtrVk9oOVwvRk5LNTQ5emFLVE5LR0s0RndFZ3BEdHBGd3c0MWxHMFc4PSIsInZhbHVlIjoiU1FpRkVKd2g4WEdLTVFIc2U2cWZYRnVjSWxmSjh1VDBQR0hOa25VTXR1WT0iLCJtYWMiOiJmNzIxMzc4MjA0NTBmM2IzMmQ5MTI4NGM0ODVjZmEwOTQzYzFlZWVjMDQyYjYxMjc4ZThkNDVmMWMzOGY0NTFiIn0%3D; 45996c036d28f90eefb50aa20e354e733d202718=eyJpdiI6Ikw5WkhKQnRURnJiRjZUUzZLTklqcTVnc1FVQTdsMzM0azdFaE5rcERVWlU9IiwidmFsdWUiOiJJY0tMXC9KZktaV1YrQzZ0a0JxOElsZ0VxY2h4RThscUpCM29YSkdmS2h5N1IxZTlJQkVYVTNqNHlxU281UkN1am1idzk1eXpUd01QUkkreHJndkJSaDkzYmhQVDY4eFR6NUdmY05LUHliUEcydGx3VzE4UWNYRzl5QnFDK1ZDcEZoN0ptbWh3RTJKam0rRTU1N0JpQUFBdDVNWEJ2SWFNYXVlXC9ZM0RDaFhTRm43aFc0YnZRNnppZnBpcWZBOXNYXC9XaldObEFYbkZzVGlYSlFtczNcL3h0V1lDR1hrZVlmQTJlT0VCanllVks5TzhqMHZGK0JkTit1SUtLVm1OTFJ6TUtRYjQyRVVMRUJ3aUdvV3k5N2g5YjJ1ZHgwemR2ejdNNzlaR0dqVVwvMGFHanFlT3BmKzB3aytnQ3VybWpUS2plRDJrcFIycDNaRHhoTDlUS2xtS3RSVGdaZytmeVROcG50ektOaEV0TmpvZmxwUkFkTmwycThrOStrUDU2akdCdSIsIm1hYyI6IjgzZmViZTMwZDMyNjZiZTg3ZTY3OWY0ZjY5ZTQyOWIyOWVmMzVkOWVkZmJhZjU2ODEyZTg5MDNkMGNiMzZhNDIifQ%3D%3D; __cf_bm=Ap_jthfqAHh1KxfXiu3USgcSjzVXCQD2grOnmz4YtSE-1664866787-0-AX43a1L1TG2h8GnlwI5j42qcZ83/PJc9the1qCtI3AdqIrFv0CoeLUOi932Kr/J1AJZP33rwBGc6FxYWYrD5Xrk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.58.251
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c09792bf9b505-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         18.164.72.231
HTTP/2 204 No Content
                                        
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Tue, 04 Oct 2022 01:59:23 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 a455b0542ae02d17ddbe081579777502.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: Ogz9u3DkR_gMxp1PpKhj4zmPdAJOi4VFxX12Nf2hfz4tUh5Buve4iQ==
age: 18026
X-Firefox-Spdy: h2

                                        
                                            GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FtjU7aGu&pid=ztbudqkPdJJg1&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1 
Host: aax-dtb-cf.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.172.158.238
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
content-length: 154
server: Server
date: Tue, 04 Oct 2022 06:59:50 GMT
x-amz-rid: KKDQGYY50KEXDXCKA7XW
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 b0e9d8f8b32a56e2c7dd6fb83988fcce.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P5
x-amz-cf-id: _fgtQQ5MAbUdVAWbsCL7fpkROsTkiasgivW4MwLitSqmLxCt9Fi84Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   154
Md5:    bb7b4ee21d41485b3c8d171a7bf8b853
Sha1:   04fdbd451ad2cf3aceb697a99ea093fa4c7b4522
Sha256: 5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4038
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:50 GMT
Last-Modified: Tue, 04 Oct 2022 05:52:32 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4060
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:50 GMT
Last-Modified: Tue, 04 Oct 2022 05:52:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 314

                                        
                                            POST /cdb?profileId=207&av=34&wv=6.2.0&cb=77150069011 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.165
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   44
Md5:    5f1dcf53824ce88cdb7941d34db3f19d
Sha1:   4164a13e3f53e1f002606a807d64a92620720fb0
Sha256: 3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
                                        
                                            POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=78217149348&lsavail=0 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 405
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.165
HTTP/2 204 No Content
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         18.164.72.231
HTTP/2 200 OK
content-type: application/javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
server: AmazonS3
content-encoding: gzip
date: Tue, 04 Oct 2022 06:12:04 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 a455b0542ae02d17ddbe081579777502.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: cf_xLpt0lHkRYWFoW1pgcQeS9J0YxRJI60EC8c98RScDImycFpQzxQ==
age: 24775
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32788)
Size:   21417
Md5:    cb6f338a4ad1211a433cd8ec5c91a495
Sha1:   87a8b93cf20a7288cc68e365bdcf77b44ab250cf
Sha256: 817f39703c0fb86b9139d1ea285dd03f6a0f3b0f1e92c866570c6a07cf8db0c2
                                        
                                            OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 443243
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2339)
Size:   936
Md5:    1915119c533d781e147cb8aa5075a453
Sha1:   812715c6d4242bad4c219f5a8f3bec1c6df7f970
Sha256: cf76fed60b51b9c58c748f1c4ae57e4f1a9a76eafbb84ae4449cd63961ee4892
                                        
                                            GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1 
Host: jsc.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.4.42
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 04 Oct 2022 06:59:50 GMT
content-length: 76738
x-amz-id-2: PnJDZztMxmjTDXtgyAPj/PBR6CL5E6pRM2TrRTb+odsStliOy2V1CJgPRRW6/2lFOUgjvNBOdso=
x-amz-request-id: P8WQNC29BTQYTDWP
last-modified: Wed, 24 Aug 2022 10:09:52 GMT
etag: "e559caae45cb818b6896845671336a3b"
content-encoding: gzip
x-amz-version-id: NX7wQXc7.FGN_u6PGufKW0wdpyDY_3AN
cf-cache-status: HIT
expires: Tue, 04 Oct 2022 10:59:50 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c097fd834b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (32897)
Size:   76738
Md5:    e559caae45cb818b6896845671336a3b
Sha1:   3ce9fd0ad9284532bd6b75814d851ddaa2ed63a3
Sha256: 1fcadff5f97dce2a2bb1e11a2d579b84656d4416e50171bae0d2013a8dc9c3ff
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 843
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:50 GMT
Last-Modified: Tue, 04 Oct 2022 06:45:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /delivery/spc_fi.php?id=7419&url=%2FtjU7aGu&charset=UTF-8&ch=6&ref=ouo.press&viewerId=null&referer=&_firid=13842239 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.68.68
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 06:59:48 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Wed, 04-Oct-2023 06:59:48 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9a9edb00220c3ef50c1919f84fea4888.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: kWrqgwEisiXZhNnqb1RFg9ZDyD6eATWZzXYdj9RNqhz7WM29KGAJFw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   140979
Md5:    4702f82d4bcf46f202902041d623bbe4
Sha1:   347d48c28a5a6baad228bee300d2c664e97bfc88
Sha256: 11f86d393219ea27eba4498efe87ac215ae501482ed877c732f8d00b0b2f3127
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2681
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:50 GMT
Last-Modified: Tue, 04 Oct 2022 06:15:09 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.157
HTTP/2 200 OK
                                        
date: Tue, 04 Oct 2022 06:59:50 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=kzJQ7180M0RITmhlJTJCZkMwOUJGQlhaMUN2czE0YzNtSzJZcUU3N1glMkJnb3Y4JTJCcmliSHdxUEslMkJHZUFydHhGdXBZejhySzQ; expires=Sun, 29 Oct 2023 06:59:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 258785
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2020
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:50 GMT
Last-Modified: Tue, 04 Oct 2022 06:26:10 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=kzJQ7180M0RITmhlJTJCZkMwOUJGQlhaMUN2czE0YzNtSzJZcUU3N1glMkJnb3Y4JTJCcmliSHdxUEslMkJHZUFydHhGdXBZejhySzQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=wIpDOF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE0YzNtSzJZcUU3N1glMkJnb3Y4JTJCcmlZWnBTMERMcWNmaDR0YnQ1ZjNTc2tm; expires=Sun, 29 Oct 2023 06:59:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 358974
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /pxf.gif?uuid=3179ca33-2069-4bd5-b953-f7391aa8ed45&eb=10f387f87b313393a6d69bc0ef8596f8&te=8a361a1ceecdc6c0004ea425d91e176f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 06:59:50 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9965dbf78cffa5495e506d1941101da1
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /newidsd HTTP/1.1 
Host: ag.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         185.235.84.138
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:50 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 112461
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /syncframe?origin=publishertag&topUrl=ouo.press HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:50 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=87978d0b-c109-4072-9b03-c12bba5b2766; expires=Sun, 29 Oct 2023 06:59:49 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 660094
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5575
Md5:    24920ffce791411433d2b19361eceb87
Sha1:   32d1adc7320c805e9f6e9158c602a201b98469a6
Sha256: 138d4538ad20eab95031ebb83bcec9df8400ac720c255fdae64464800357781b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:51 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 01:42:55 GMT
Expires: Sun, 09 Oct 2022 01:42:54 GMT
Etag: "12094e4f75e6d03415180d178cfc097ef2aeffd6"
Cache-Control: max-age=412382,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754c098649b7b506-OSL

                                        
                                            POST /g/v2/806.json HTTP/1.1 
Host: id5-sync.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 195
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.19.138.118
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
transfer-encoding: chunked
date: Tue, 04 Oct 2022 06:59:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   216
Md5:    f763c25bc02f599581863edd8def4741
Sha1:   b8166fa8dea02a4cf263bf82223f0812ac992359
Sha256: 68c3aca88cb10261ed7a630f46843230098dc8496539d24b517575ce5fd60b13
                                        
                                            GET /js/ld/publishertag.prebid.123.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Tue, 04 Oct 2022 06:59:50 GMT
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Wed, 05 Oct 2022 06:59:50 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65354)
Size:   32075
Md5:    47f3e968559c0d4b4644b8509a161ce7
Sha1:   0c5f71ff1e08f212a792356a644ac05cadbafa80
Sha256: 01859a69899c025bf682285bb7a80bb54560a5a772c660c0d0b9e7b33a5e10af
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:51 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 08 Oct 2022 04:12:42 GMT
ETag: "6af5d8d87a800a79133c2b556c08b758f9c2aea9"
Last-Modified: Tue, 04 Oct 2022 04:12:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1579
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c0986ad1ab500-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    0cfaddc2afe0bc70b11c76c78dc81515
Sha1:   6af5d8d87a800a79133c2b556c08b758f9c2aea9
Sha256: 59b8c395e110b1b59133647a157406d3403ed48e35a953e76c7f192d106909c9
                                        
                                            GET /api/identity/envelope?pid=1258 HTTP/1.1 
Host: api.rlcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.133.55
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
                                        
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 06:59:51 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   19
Md5:    63dfbd2b39fe4f536a04e7b32ada47b4
Sha1:   207298c4a215ad5d97d888522927910ae772ba48
Sha256: 26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1964
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:59:51 GMT
Last-Modified: Tue, 04 Oct 2022 06:27:08 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1 
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.33.220.150
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:51 GMT
content-length: 63
cache-control: private
expires: Thu, 03 Nov 2022 06:59:51 GMT
vary: Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   63
Md5:    06328d623c30296e41465abbf5aea489
Sha1:   3028bd3f9e99a296922ffa2b4451522a5ff892ca
Sha256: d824efe0428734b81f7e4556977bc8905507191922ebb4a47e51b80a5f169193
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.36
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 06:59:51 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 04 Oct 2022 00:03:09 GMT
Expires: Wed, 05 Oct 2022 00:03:09 GMT
ETag: "9cfa652eba045068a02f3c28b3b997008b9e60b1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    4494c48ad536470e1ebf712280d3b648
Sha1:   9cfa652eba045068a02f3c28b3b997008b9e60b1
Sha256: 85cdbfde960efde478e82c1234f3f0be5127fe0ca03ad1465526824f27d92e72
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:59:51 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 01:42:55 GMT
Expires: Sun, 09 Oct 2022 01:42:54 GMT
Etag: "12094e4f75e6d03415180d178cfc097ef2aeffd6"
Cache-Control: max-age=412382,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754c09872afcb506-OSL

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3dXUARB2YuCMoiIgpn0j5meGfewGGMkmN0su4p7ELS6qnpSprqrqeqenuQUXJQcx%2F%2Bg851kQ3QRRa8uMlnYQ0DIeJA5mKsHTyLsyYPMbHD0QfHeq%2B87fN636ou94oy4KOhk%2BZrelkrRxWbdrb122%2FOu1NZkWvRr%2FXb4cdi4UjO9Nzth3X299q5gm3rRdz3X9VyvtiKNiHV%2FcSpCZvc6Xr3j1ht%2B3Ws20Df%2F723hwFIHvHdGnoPk40sPnMuQbIQ0%2BXZZ2M1cZ2%2B8kxSK5tqgxw8%2FSDdTXaZI5mVsHMTp4fk0tD1duQ%2BdHsxwoXv%2FDkZyTJyH9xGlh%2BeQiHr7M85IQaSI%2BNMoeyMINYKkIzB9B5KfEoBxXF9Hmty9rk1Jtx6rdKqOyaVHf0GWY3Lpt8tIk2%2BWlOzXbmlV5FKnFv24guyPILsjZMUx8u0LkOUxWP4ZJP%2BZLD5aQ5rsr1ulIfnklcBrdRgNggXfDTsLjYg3F6JOM1iIW0HHo7QteKM5M0jKEWQ8ghIDUOugmB7poIgdFJmDhE9qzPO8lssZddsdxgLeElHIXY%2B2Yo96bthGwaY7DJBnAzA1ADM7yMwONuUApvgJdqOC5Q5sTtDjFUpBUFqCkhKUkqDMCcpedcCV9W11lytbRN559s9zUA113t2jBzrvipTsZWfk2Zlxf3z0PTbFpCZ4ELpeIwyCtt%2FhrOXShs8ZoyLmcRB7HqysIO2F2Zrb8vSZX5HJ06cqRPQYVh2DyZdBixdBy2HLd0E3ho22i%2B30SBe6nhlhLbiukOVPIN9y9tQZeX4GENx%2BFYKdXP0kujb%2B8%2BhvMFMhMxU%2BlQ8Iump3eFOXZP%2BmLi35bj3LZSK36fRVb%2BU0Fxe%2Fek9sldrw1WU7OHqLTYVpee99YfM1mnKZdi35eklyLsyKNkyQH1fthyK6UdiNpcKkRbZ24%2B2V1WQGKHU6ApVjQh6egMkxefKHg9mHfeHzXUgzgikqJMUJOQ9IfQyW7cBmc36rL8Ko%2BUyUOSiLamj8aH6pJIES855GFex%2F%2Bmhe79lddM1LoPkdpEmFnqnQUxWoGsAWF4d5Zk6u%2FhLMApFyhpEyzn6kjPrysblWTmqtIHBp2Gl6rRYVrajht%2BPQ45T6jdAPQxogt2N2ZfL7PwAAAP%2F%2FAQAA%2F%2F97Aj46ewQAAA%3D%3D HTTP/1.1 
Host: notifyoutspoken.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=3179ca33-2069-4bd5-b953-f7391aa8ed45:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 06:59:51 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6e2bb97b4a0321698a4a3d729583b586
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /id HTTP/1.1 
Host: id.crwdcntrl.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.251.218.252
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:51 GMT
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.17.226
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   63
Md5:    5ef099191f13db7a11366ffff68748f1
Sha1:   2b773b375e7b220e334eef4ef4516dacb39d067f
Sha256: 555c014a04ec8279de27eccdc4fd9a5fb29489d431fa01a1aab1d7ccba709095
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3570
Expires: Tue, 04 Oct 2022 07:59:21 GMT
Date: Tue, 04 Oct 2022 06:59:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3570
Expires: Tue, 04 Oct 2022 07:59:21 GMT
Date: Tue, 04 Oct 2022 06:59:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3570
Expires: Tue, 04 Oct 2022 07:59:21 GMT
Date: Tue, 04 Oct 2022 06:59:51 GMT
Connection: keep-alive

                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html HTTP/1.1 
Host: cdn.yourwebbars.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.6.19
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 04 Oct 2022 06:59:51 GMT
last-modified: Wed, 09 Feb 2022 11:16:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1622175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XsPcNAz7lvGZ4%2FBsBwXatEYW4gv%2F5njqHFZ50jTw3%2BbwDJsamsFof%2Fgp7CGYqg19Nhaf%2Fo3hnM81kVk6C0fuNMZdI9HXeuD4z4BxYiip25LNRXib5HfYGi2We7iZf1VTwS%2BHe8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c09872fb9b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text
Size:   434
Md5:    8dd0779b677efc86a3488d0790838e91
Sha1:   560f0fa9d4255edf27277fe8d6a1388f508b52a2
Sha256: 825d8f663dabe4e191f9a2fd620984190467385ed30b425615dc2391df8a249a
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3570
Expires: Tue, 04 Oct 2022 07:59:21 GMT
Date: Tue, 04 Oct 2022 06:59:51 GMT
Connection: keep-alive

                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 04 Oct 2022 06:59:51 GMT
content-length: 59931
last-modified: Tue, 08 Feb 2022 14:18:00 GMT
etag: "62027b98-ea1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5345730
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqHVaH2G4PP0j1ELgVc5drZp%2Fja5MOrjRp8RhUCmAHMl9GwGY2gZd1Jhmvx4iHc034AUbsoMYT7weVqSIjESgszHxaZ6WRqJhcqCC8Q9t%2FB1s6bZx%2FxOhnSwKs%2B79Y7OjrI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c098868bf8e0c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 281x290, components 3\012- data
Size:   59931
Md5:    9337eb4f9526f6d16e6d1602d8fee3ae
Sha1:   203c7272c5a60a752db43857b2d337d644f690f5
Sha256: 1e803197ccab280a9285cdae1adbea170504d59ef0bbf02aab3d9785c0871422
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 06:59:51 GMT
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4778800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvX0zPXKXjzgwwL3N5r5lwx9e%2BBCQOuPrB5Hkt30xrtz4tRAneACnEBTXPCm41fpNVxKDGKQ9h%2Bl5QiD%2FMBmp5UTOEKOeZw3MJdjScbiJym%2BigIBoMkWcHByX1TfJjWljZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c09880d530079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   257
Md5:    8e903260935524c1f5eb8e07417fc653
Sha1:   2eba6224960e767d7d9ceb5641fa06204551f668
Sha256: b7a9e40afd034f0fe6d1fce20d4e469416b5ca9208593096fe2cc61dd441e44f
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fjs%2Fscript.js&l=468&fd=148 HTTP/1.1 
Host: notifyoutspoken.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=3179ca33-2069-4bd5-b953-f7391aa8ed45:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 06:59:51 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=150 HTTP/1.1 
Host: notifyoutspoken.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=3179ca33-2069-4bd5-b953-f7391aa8ed45:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 06:59:51 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 473144
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 473144
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3dXUARB2YuCMoiIgpl0T89P97AYYySY3Sy7insQtH71pEx1V1PVPT3JKbgoOY7%2FQec7yYboIopeXWSysIeAkPEgczBXD55E2JMHmdng6IPivVffd%2Fi8b9UXe%2FkZ8ZHTyfI1s620pouNql957XYQXKmsqSTvV%2Frt5sfN%2BpWK7b3ZaVb91yvvSr5pFmt%2B4PuBH1RWlJWR6S9ORaj0XieodvxqvVYNGnX07f97l3tw1IPonZHnoMT40gPvMhQfIYm%2FXZZuMzPpG%2B%2FEuaaZseiJww%2BSzcQUCeJ5GVkPUXJ4Pg3jTlfuwyQHM1yY3r%2BDTI2J9%2FA%2BWHJ4DgnW259xMg2ZgImnUfRGkHoERUfg5g6UOCUAF7i%2BjiS%2Be93Ygm49VulUHZNLj%2F6CKsbk0m%2BXkcTfLGnVr9wyOs%2BUSRz6UQnVH0F1R0jzY2TbF6CKY%2FDsMyjxM1l8tIYk3l932kCJySth0OpwGoYLNb%2FZWagz0VhgnUa4ELXCTkBpW4p6Y2aQUiOoaAQtB6DOQz49ykMeechTD7GYVHgQBC1fcOq3O5yHoiVZU%2FgBbUUBDfxmGzmf7jBAlg7A9QDc7iC1O9hUA9j8J7iNEk54cBlBT5QoJEHhCApKUCiCIiMoeuWB0K7myrtCu5wF57l2nsNyaLLuHj0wWVcmZC89I8%2FOjPvjo%2B%2BxKScVKcKmH9SbYdiudQRv%2BbReE5xTGYkojIIATpVQ7sJszW11%2BsyvSNXpUyUYPYbTx%2BDqZdD8RdBi2Kr5oBvDetvHdnJkclNNrXQOwpRIsyeQbXl7%2Bow8PwMIb78KyU%2BufsKujf88%2BhvclkhtiU%2FVA4Ku3h3eNAXZv2kKR75bTzMVq206fdVbGc3kxa%2Fek1uFsWJ12Q2O3uJTYVree1%2B6bI0mQiVdR75eUkJIu2Isl%2BTHVfehZDdyt7GU2yRP1268vbIazwCVSUagakzIwxNwNSZP%2FnAw%2B7AvfL4LZUeweYk4PyHnAWWOwdMduHTO78xFWD2fYamHIi%2BHtsbml1oRaDnvKSvh%2FtOzeb3ndtG1L4Fmd5DEJXq2RE%2BXoHoAl18cZqk9ufpLOAsw7Q2Ztt4%2B01Z%2F%2BdhcpyaV0BctJiPZYrLeqEeSC9ZoMJ9HnIWi3ebI3Jhfmfz%2BDwAAAP%2F%2FAQAA%2F%2F%2F71uvSewQAAA%3D%3D HTTP/1.1 
Host: notifyoutspoken.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=3179ca33-2069-4bd5-b953-f7391aa8ed45:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 06:59:52 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c2f7ec3c6092afe73d322a7ebf4be13f
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: notifyoutspoken.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=3179ca33-2069-4bd5-b953-f7391aa8ed45:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 06:59:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.201
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
cache-control: max-age=68812
expires: Wed, 05 Oct 2022 02:06:45 GMT
date: Tue, 04 Oct 2022 06:59:53 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Size:   5549
Md5:    7725e8e949141c8ded449d86975d4c04
Sha1:   8cd8c314a2002cc26f821d331ab9512f52a551a2
Sha256: a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
                                        
                                            OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:52 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 429194
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /tjU7aGu HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.22.23.162
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 06:59:47 GMT
location: https://ouo.press/tjU7aGu
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6ImlwcjZqYzdUM3o1OE1Hd0t5T1BabkFxMlZ3RzA5MHlXUE4xaHAyZExPdEU9IiwidmFsdWUiOiI2bExLXC84WXdUSkFhRjZFYVM2U1FHTlwvZG85M0hHejZ6QWdhd0ZHQ1o1ZkQ4M3BIV2pWb283b2Y5XC9ieHVUdjNiTDZ4RVkxdklEVEN5RmNHUkpLUUZWQT09IiwibWFjIjoiZWI2NWVjNjQyZWJkNTY3NWUzYjJmNDRiMmYwNjcyMDYyNGRlZDIyZWRjMjAwYjcxMmZkYjU5NWQyNjE3YzEwNCJ9; path=/; httponly language=eyJpdiI6IkNYTjM3SEFNc1JwdVZaY3hPQlduNHNHUlZoSHlwY1VMZnZMOWt5c2M2cFE9IiwidmFsdWUiOiJtS0N3S21Pb0tUd21jYVVmT3hmVXpZMXVsTzZjUEY4N3NkTExxTjJMMDhJPSIsIm1hYyI6ImZmNzE1YWEyZjMwNjgwN2RkOTUzOTMxZDg0YmE0MmNlZjVjNGYzMDNiZDg0MjYxYWNmYzJkM2M5YTA4NWI1ZjIifQ%3D%3D; expires=Sun, 03-Oct-2027 06:59:47 GMT; Max-Age=157680000; path=/; httponly 213faa73c20879882c0c222d1e56b17ad3b45225=eyJpdiI6Ino4OHBFZHBcL3pLUlc2dmNhQVBOWGtnRnEyMFNINGRZK2ZLUys3SEROQ3VVPSIsInZhbHVlIjoieVwvMTh5Uk0wUUFFZFhmc2F2WEZtV05sS3JUb3gyaVJkR2pTZWl4VUdvbDZIb041dndjbzE3SVk3WEZCMHZ6eDZsVVVTUlJDSlwvMmlLVDhyekdDd3lpUnMyRVllaGExc1lCT1IzY3UyVE9TSzdJeklyRlwvYThXRjJyQ0FJdnlcL3NIZnkrNzRuV0FkWHQzWVdSUjRObGR1bGx3YkZLN0Z6eTJJTW5JNUZyajhzbk9NOWhqNmtETlpOOFVuMHl0bWcyR1pLZVptXC9OdnlCcUtTSUszbUN6cFdkdXFnMlp1dkRxZzBPMjBVSjBRXC9cLzByWmxsMEpiMEtRNGk2ekVOSSs2OW1kSlUzR1BRRk5VbWpUR1lEWWY3WnNqSFRPWWpPdExDUGlCXC82S0NqbDRsOWppeU4wdEVJc2prRlJWM3VjWlNucU51NXdwc3ZwSWpURDQ0SjZ3dFNiTFE9PSIsIm1hYyI6IjZmNTdkMzE1NmI5MWU5ZGRkY2Y2YWQ5ZGE0MTA5ZWVmYjA1NWZjNTU5YTk5ODFlMjY3ZTQwMGRjOGQ0YWMxNDQifQ%3D%3D; expires=Tue, 04-Oct-2022 08:59:47 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754c096c7d19b505-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/link-safe.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/tjU7aGu
Cookie: ouoio_session=eyJpdiI6ImllcTcwcjh0QXhZOUpmaWhOUXhScXpYVkhCWnVqbExLdnFyTzJDbzg2dDg9IiwidmFsdWUiOiJPWkcxRkUyenRod1puUnVMcWY3eWR0WkdxUkpiOFFPd2taOERwNEdHQzRiKytzREoxc2VqTUZFU0VybXRKXC9xRHpQS2dKcUk5aUMzXC9qRFF1bllwaE1nPT0iLCJtYWMiOiIzOTQ0ZWYyY2E5MWVhYTFlY2Y2MTIxNzBhNzYxMDM1NmFjYjI0M2QxMzAzMjU2MTc0MThlMWMyNjIzMzRmYmRhIn0%3D; language=eyJpdiI6IjB4NGtrVk9oOVwvRk5LNTQ5emFLVE5LR0s0RndFZ3BEdHBGd3c0MWxHMFc4PSIsInZhbHVlIjoiU1FpRkVKd2g4WEdLTVFIc2U2cWZYRnVjSWxmSjh1VDBQR0hOa25VTXR1WT0iLCJtYWMiOiJmNzIxMzc4MjA0NTBmM2IzMmQ5MTI4NGM0ODVjZmEwOTQzYzFlZWVjMDQyYjYxMjc4ZThkNDVmMWMzOGY0NTFiIn0%3D; 45996c036d28f90eefb50aa20e354e733d202718=eyJpdiI6Ikw5WkhKQnRURnJiRjZUUzZLTklqcTVnc1FVQTdsMzM0azdFaE5rcERVWlU9IiwidmFsdWUiOiJJY0tMXC9KZktaV1YrQzZ0a0JxOElsZ0VxY2h4RThscUpCM29YSkdmS2h5N1IxZTlJQkVYVTNqNHlxU281UkN1am1idzk1eXpUd01QUkkreHJndkJSaDkzYmhQVDY4eFR6NUdmY05LUHliUEcydGx3VzE4UWNYRzl5QnFDK1ZDcEZoN0ptbWh3RTJKam0rRTU1N0JpQUFBdDVNWEJ2SWFNYXVlXC9ZM0RDaFhTRm43aFc0YnZRNnppZnBpcWZBOXNYXC9XaldObEFYbkZzVGlYSlFtczNcL3h0V1lDR1hrZVlmQTJlT0VCanllVks5TzhqMHZGK0JkTit1SUtLVm1OTFJ6TUtRYjQyRVVMRUJ3aUdvV3k5N2g5YjJ1ZHgwemR2ejdNNzlaR0dqVVwvMGFHanFlT3BmKzB3aytnQ3VybWpUS2plRDJrcFIycDNaRHhoTDlUS2xtS3RSVGdaZytmeVROcG50ektOaEV0TmpvZmxwUkFkTmwycThrOStrUDU2akdCdSIsIm1hYyI6IjgzZmViZTMwZDMyNjZiZTg3ZTY3OWY0ZjY5ZTQyOWIyOWVmMzVkOWVkZmJhZjU2ODEyZTg5MDNkMGNiMzZhNDIifQ%3D%3D; __cf_bm=Ap_jthfqAHh1KxfXiu3USgcSjzVXCQD2grOnmz4YtSE-1664866787-0-AX43a1L1TG2h8GnlwI5j42qcZ83/PJc9the1qCtI3AdqIrFv0CoeLUOi932Kr/J1AJZP33rwBGc6FxYWYrD5Xrk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.58.251
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 06:59:48 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Tue, 04 Oct 2022 15:32:15 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 12453
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c09719b02b505-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/bootstrap.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/tjU7aGu
Cookie: ouoio_session=eyJpdiI6ImllcTcwcjh0QXhZOUpmaWhOUXhScXpYVkhCWnVqbExLdnFyTzJDbzg2dDg9IiwidmFsdWUiOiJPWkcxRkUyenRod1puUnVMcWY3eWR0WkdxUkpiOFFPd2taOERwNEdHQzRiKytzREoxc2VqTUZFU0VybXRKXC9xRHpQS2dKcUk5aUMzXC9qRFF1bllwaE1nPT0iLCJtYWMiOiIzOTQ0ZWYyY2E5MWVhYTFlY2Y2MTIxNzBhNzYxMDM1NmFjYjI0M2QxMzAzMjU2MTc0MThlMWMyNjIzMzRmYmRhIn0%3D; language=eyJpdiI6IjB4NGtrVk9oOVwvRk5LNTQ5emFLVE5LR0s0RndFZ3BEdHBGd3c0MWxHMFc4PSIsInZhbHVlIjoiU1FpRkVKd2g4WEdLTVFIc2U2cWZYRnVjSWxmSjh1VDBQR0hOa25VTXR1WT0iLCJtYWMiOiJmNzIxMzc4MjA0NTBmM2IzMmQ5MTI4NGM0ODVjZmEwOTQzYzFlZWVjMDQyYjYxMjc4ZThkNDVmMWMzOGY0NTFiIn0%3D; 45996c036d28f90eefb50aa20e354e733d202718=eyJpdiI6Ikw5WkhKQnRURnJiRjZUUzZLTklqcTVnc1FVQTdsMzM0azdFaE5rcERVWlU9IiwidmFsdWUiOiJJY0tMXC9KZktaV1YrQzZ0a0JxOElsZ0VxY2h4RThscUpCM29YSkdmS2h5N1IxZTlJQkVYVTNqNHlxU281UkN1am1idzk1eXpUd01QUkkreHJndkJSaDkzYmhQVDY4eFR6NUdmY05LUHliUEcydGx3VzE4UWNYRzl5QnFDK1ZDcEZoN0ptbWh3RTJKam0rRTU1N0JpQUFBdDVNWEJ2SWFNYXVlXC9ZM0RDaFhTRm43aFc0YnZRNnppZnBpcWZBOXNYXC9XaldObEFYbkZzVGlYSlFtczNcL3h0V1lDR1hrZVlmQTJlT0VCanllVks5TzhqMHZGK0JkTit1SUtLVm1OTFJ6TUtRYjQyRVVMRUJ3aUdvV3k5N2g5YjJ1ZHgwemR2ejdNNzlaR0dqVVwvMGFHanFlT3BmKzB3aytnQ3VybWpUS2plRDJrcFIycDNaRHhoTDlUS2xtS3RSVGdaZytmeVROcG50ektOaEV0TmpvZmxwUkFkTmwycThrOStrUDU2akdCdSIsIm1hYyI6IjgzZmViZTMwZDMyNjZiZTg3ZTY3OWY0ZjY5ZTQyOWIyOWVmMzVkOWVkZmJhZjU2ODEyZTg5MDNkMGNiMzZhNDIifQ%3D%3D; __cf_bm=Ap_jthfqAHh1KxfXiu3USgcSjzVXCQD2grOnmz4YtSE-1664866787-0-AX43a1L1TG2h8GnlwI5j42qcZ83/PJc9the1qCtI3AdqIrFv0CoeLUOi932Kr/J1AJZP33rwBGc6FxYWYrD5Xrk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.58.251
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 06:59:48 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Tue, 04 Oct 2022 11:23:16 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27392
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c09719affb505-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /aax2/apstag.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.72.231
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 06:39:55 GMT
last-modified: Mon, 03 Oct 2022 17:29:38 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 86897b9f074001e33ff5cbec58c4bc02.cloudfront.net (CloudFront), 1.1 a455b0542ae02d17ddbe081579777502.cloudfront.net (CloudFront)
etag: W/"0b4d277527066dd35dd7c0288cb596b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: LHR50-P4, LHR50-P4
x-amz-cf-id: JpYxvRSgxOdXPWWN4jm99E4H5coh4vEMwt8UJzh7Myal7TaU8Q5d6w==
age: 1195
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:52 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 937135
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/ld/publishertag.prebid.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Tue, 04 Oct 2022 06:59:50 GMT
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Wed, 05 Oct 2022 06:59:50 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/tjU7aGu
Cookie: ouoio_session=eyJpdiI6ImllcTcwcjh0QXhZOUpmaWhOUXhScXpYVkhCWnVqbExLdnFyTzJDbzg2dDg9IiwidmFsdWUiOiJPWkcxRkUyenRod1puUnVMcWY3eWR0WkdxUkpiOFFPd2taOERwNEdHQzRiKytzREoxc2VqTUZFU0VybXRKXC9xRHpQS2dKcUk5aUMzXC9qRFF1bllwaE1nPT0iLCJtYWMiOiIzOTQ0ZWYyY2E5MWVhYTFlY2Y2MTIxNzBhNzYxMDM1NmFjYjI0M2QxMzAzMjU2MTc0MThlMWMyNjIzMzRmYmRhIn0%3D; language=eyJpdiI6IjB4NGtrVk9oOVwvRk5LNTQ5emFLVE5LR0s0RndFZ3BEdHBGd3c0MWxHMFc4PSIsInZhbHVlIjoiU1FpRkVKd2g4WEdLTVFIc2U2cWZYRnVjSWxmSjh1VDBQR0hOa25VTXR1WT0iLCJtYWMiOiJmNzIxMzc4MjA0NTBmM2IzMmQ5MTI4NGM0ODVjZmEwOTQzYzFlZWVjMDQyYjYxMjc4ZThkNDVmMWMzOGY0NTFiIn0%3D; 45996c036d28f90eefb50aa20e354e733d202718=eyJpdiI6Ikw5WkhKQnRURnJiRjZUUzZLTklqcTVnc1FVQTdsMzM0azdFaE5rcERVWlU9IiwidmFsdWUiOiJJY0tMXC9KZktaV1YrQzZ0a0JxOElsZ0VxY2h4RThscUpCM29YSkdmS2h5N1IxZTlJQkVYVTNqNHlxU281UkN1am1idzk1eXpUd01QUkkreHJndkJSaDkzYmhQVDY4eFR6NUdmY05LUHliUEcydGx3VzE4UWNYRzl5QnFDK1ZDcEZoN0ptbWh3RTJKam0rRTU1N0JpQUFBdDVNWEJ2SWFNYXVlXC9ZM0RDaFhTRm43aFc0YnZRNnppZnBpcWZBOXNYXC9XaldObEFYbkZzVGlYSlFtczNcL3h0V1lDR1hrZVlmQTJlT0VCanllVks5TzhqMHZGK0JkTit1SUtLVm1OTFJ6TUtRYjQyRVVMRUJ3aUdvV3k5N2g5YjJ1ZHgwemR2ejdNNzlaR0dqVVwvMGFHanFlT3BmKzB3aytnQ3VybWpUS2plRDJrcFIycDNaRHhoTDlUS2xtS3RSVGdaZytmeVROcG50ektOaEV0TmpvZmxwUkFkTmwycThrOStrUDU2akdCdSIsIm1hYyI6IjgzZmViZTMwZDMyNjZiZTg3ZTY3OWY0ZjY5ZTQyOWIyOWVmMzVkOWVkZmJhZjU2ODEyZTg5MDNkMGNiMzZhNDIifQ%3D%3D; __cf_bm=Ap_jthfqAHh1KxfXiu3USgcSjzVXCQD2grOnmz4YtSE-1664866787-0-AX43a1L1TG2h8GnlwI5j42qcZ83/PJc9the1qCtI3AdqIrFv0CoeLUOi932Kr/J1AJZP33rwBGc6FxYWYrD5Xrk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.22.58.251
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 06:59:48 GMT
last-modified: Mon, 26 Sep 2022 11:11:52 GMT
etag: W/"633188f8-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c0971ab0db505-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 06 Oct 2022 06:59:48 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /rtb/async.js HTTP/1.1 
Host: cdn.adtrue.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.144.172
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 06:59:48 GMT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:46:20 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 443608
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xK%2BjaymsoYtqAxTrhJ96AUVCNukkIySJepmP5Q7RjIorKRhqFKJgu8D7E4IoKPoT%2FT8CtAtDS6nWvFXtUEOP666gjIwXSBpYnBaL0USNArqK5LruEwof1FUO1YHXONGPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c0971de10b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c.js HTTP/1.1 
Host: hhklc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.223.102
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 06:59:48 GMT
last-modified: Tue, 27 Sep 2022 15:56:01 GMT
etag: W/"63331d11-21a9"
server-asp-net: Asp Net
expires: Tue, 04 Oct 2022 07:30:40 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 848
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuGZaGSpkqcDq18J78Wt3FKWl9dpNJocZpsCHkzl8RYioi7jXuV9ctoQTXYne1sL4SbInsZWuonRxbo2brd3y1NywXb3Cs65HN0%2F%2BsF67o6ktWmVlaz1nUZPWBo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c0971dbc6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:49 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1403204
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         178.250.6.228
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 06:59:50 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 95927
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.201
HTTP/2 200 OK
content-type: application/javascript
                                        
server: Apache
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
etag: "1241a12-3fca8-5cf4eee137dd8"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 80538
cache-control: max-age=92229
expires: Wed, 05 Oct 2022 08:36:58 GMT
date: Tue, 04 Oct 2022 06:59:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 06:59:51 GMT
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2075236
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtMr7nB9RU9A83%2FFQVXP8lj4f60%2Fy3gRAXtScanEdnDpOvjbeGRHTxGYOGGMQZUlXepU2JfeAQOV1wllwaXu0CSp%2B5ovVJ72ueOA24Y7P%2BVbPNYe1TApedTFpxktQNCatR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c09880d4b0079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fi_client.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.68.68
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 06:48:05 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 06:48:05 UTC
etag: W/"a95c475f3eaf96d73656e6be39a76ea0"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9a9edb00220c3ef50c1919f84fea4888.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: i4eS4XSMAKPcTYzg1qBXiIA8hfLKt1NxN7ww2VlH4ODviF2Aq3rP1Q==
age: 703
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 06:59:51 GMT
last-modified: Wed, 09 Feb 2022 11:16:21 GMT
etag: W/"6203a285-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5345621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdEfeBasj6H1W8nOuvln4avPjC0U1z%2BhltWwKdaWomjFrY1gXRK3dCd6CSnsf2X2LPlC0nRobAkjBN6FIieG%2FxuVd9xVx9FIe03nQROegzQvzz0D1PYUA2gcfdw5Kap%2Fh7w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c09880d540079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /AdServer/SPug?o=1&p=155495&sc=1&u=2C09F577-335D-42F9-9215-E3643E379C98&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1 
Host: simage4.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

                                         
                                         198.47.127.20
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 04 Oct 2022 06:59:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 04 Oct 2022 06:59:51 GMT
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5345730
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAesunDzckdVLU2Hc85ofNbbrB61Kbe99vWqirRobJPqB%2BugkNtUcm4n8jOKk19Dtr3fcx%2FRrMwfr%2Fsji404M3OIrEWqmF1n9uCy3gzE1%2FC33VF3YK6rNobvNdZkvbZj0Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c098878d78e0c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---