Overview

URLouo.io/599QOVX
IP 104.22.23.162 ()
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-14 21:53:15 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (52)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
gum.criteo.com (5) 381 2015-01-22 10:58:57 UTC 2020-03-06 00:06:09 UTC 178.250.0.157
r3.o.lencr.org (8) 344 No data No data 23.36.76.226
ocsp.digicert.com (15) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ouo.press (5) 89754 2016-10-08 20:09:51 UTC 2022-11-14 06:41:03 UTC 172.67.22.15
ocsp.pki.goog (10) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-14 06:19:30 UTC 142.250.74.164
ib.adnxs.com (3) 241 2013-11-13 21:17:09 UTC 2020-03-22 02:54:33 UTC 37.252.171.22
c.amazon-adsystem.com (3) 300 2013-12-19 15:10:01 UTC 2020-03-20 03:39:56 UTC 54.230.111.210
ouo.io (2) 50761 2015-02-15 06:06:38 UTC 2022-11-14 06:39:55 UTC 104.22.22.162
cdn.adtrue.com (1) 52823 No data No data 172.67.144.172
cdn.firstimpression.io (1) 18692 2021-01-14 07:12:29 UTC 2022-11-14 17:37:37 UTC 54.230.111.77
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-14 06:01:23 UTC 34.102.187.140
ecdn.analysis.fi (1) 22604 2021-04-26 06:44:49 UTC 2022-11-14 17:37:36 UTC 54.230.111.8
widgets.outbrain.com (1) 1272 2012-05-22 16:25:59 UTC 2021-09-19 11:36:18 UTC 23.38.201.81
fastlane.rubiconproject.com (1) 459 2018-06-14 02:15:35 UTC 2019-11-13 04:41:44 UTC 213.19.162.51
ocsp.sectigo.com (3) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
simage4.pubmatic.com (1) 1129 2013-08-22 13:21:53 UTC 2020-05-04 02:07:07 UTC 198.47.127.20
gem.gbc.criteo.com (1) 6039 2019-02-05 12:48:26 UTC 2019-12-16 15:58:47 UTC 185.235.84.149
itineraryupper.com (1) 280787 2020-07-23 02:40:11 UTC 2022-11-14 17:37:50 UTC 173.233.137.44
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-14 14:35:32 UTC 142.250.74.10
ads.pubmatic.com (3) 469 2012-10-30 07:42:53 UTC 2020-05-06 07:34:52 UTC 23.38.200.201
match.adsrvr.org (1) 349 2014-10-06 17:59:33 UTC 2022-11-14 06:03:29 UTC 15.197.193.217
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.23
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-14 06:01:12 UTC 34.117.237.239
tv.gourdycortes.com (1) 0 No data No data 23.109.82.38 Unknown ranking
www.googletagmanager.com (2) 75 2013-05-22 02:07:37 UTC 2022-11-14 07:03:23 UTC 142.250.74.168
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
id5-sync.com (1) 504 2017-04-26 01:01:49 UTC 2022-11-14 06:05:22 UTC 141.95.98.65
id.crwdcntrl.net (1) 1695 2020-11-30 15:11:25 UTC 2022-11-14 13:36:59 UTC 3.248.87.83
ecdn.firstimpression.io (3) 18146 2021-02-01 12:00:32 UTC 2022-11-14 13:37:02 UTC 54.230.111.77
tag.1rx.io (1) 1330 No data No data 213.19.147.43
aax-dtb-cf.amazon-adsystem.com (1) 0 No data No data 54.230.241.131 Domain (amazon-adsystem.com) ranked at: 3190
dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-11-14 06:35:25 UTC 178.250.2.146
image6.pubmatic.com (1) 637 2015-10-14 10:06:42 UTC 2020-04-15 04:23:13 UTC 198.47.127.19
ouo.io (2) 50761 2015-02-15 06:06:38 UTC 2022-11-14 06:39:55 UTC 172.67.6.151
ad.doubleclick.net (1) 186 2013-05-06 20:24:43 UTC 2022-11-14 11:18:27 UTC 142.250.74.102
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-14 17:34:36 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
ocsp.globalsign.com (2) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
bidder.criteo.com (1) 750 2017-01-30 05:01:16 UTC 2020-04-04 21:53:35 UTC 178.250.2.131
ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2019-12-16 16:26:43 UTC 178.250.6.237
hhklc.com (1) 0 2022-06-12 16:30:56 UTC 2022-11-14 13:59:54 UTC 104.21.70.122 Unknown ranking
api.rlcdn.com (1) 791 2018-09-26 05:12:06 UTC 2022-11-14 06:09:24 UTC 34.120.133.55
static.criteo.net (2) 652 2012-05-22 17:01:05 UTC 2020-04-10 07:40:42 UTC 178.250.2.130
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.223.160.237
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-14 14:38:42 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
status.geotrust.com (2) 3662 2018-06-23 22:14:44 UTC 2020-01-21 11:48:52 UTC 93.184.220.29
fptadtrue-d.openx.net (1) 50626 No data No data 34.98.64.218
hbopenbid.pubmatic.com (1) 455 2018-07-06 23:21:41 UTC 2020-04-30 22:02:20 UTC 185.64.190.77
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-14 15:44:56 UTC 142.250.74.174
d3div1mtym39ic.cloudfront.net (1) 0 2022-11-13 23:55:10 UTC 2022-11-14 17:44:21 UTC 54.230.245.70 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-14 2 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.22.23.162
Date UQ / IDS / BL URL IP
2023-02-09 02:07:52 +0000 0 - 0 - 11 ouo.io/I813Wa 104.22.23.162
2023-02-09 00:01:41 +0000 0 - 6 - 0 ouo.io/wzSz6C 104.22.23.162
2023-02-08 19:02:06 +0000 0 - 6 - 0 ouo.io/HoSnA6 104.22.23.162
2023-02-04 23:18:04 +0000 0 - 6 - 0 ouo.io/kfclB0 104.22.23.162
2023-02-04 21:01:04 +0000 0 - 7 - 0 ouo.io/hX3Ybwh 104.22.23.162


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-09 02:29:17 +0000 0 - 4 - 5 misfortuneedible.top/bodegaaurrera-2023/tb.ph (...) 104.21.24.56
2023-02-09 02:29:18 +0000 2 - 0 - 4 factorytallinn.com/ 172.67.128.108
2023-02-09 02:29:06 +0000 5 - 0 - 2 orange-violet-51c1.jrwzd57q.workers.dev/f9b37 (...) 104.21.76.80
2023-02-09 02:28:58 +0000 0 - 0 - 2 sterancornmunnlity.ru/profiles/70761199043856229 104.21.0.195
2023-02-09 02:28:18 +0000 0 - 0 - 2 videoaaaaaaaaaaaaaaaaaaaa.himchen.cfd/ 172.67.138.229


Last 5 reports on domain: ouo.io
Date UQ / IDS / BL URL IP
2023-02-09 02:08:00 +0000 0 - 6 - 0 ouo.io/8a4l68F 172.67.6.151
2023-02-09 02:07:52 +0000 0 - 0 - 11 ouo.io/I813Wa 104.22.23.162
2023-02-09 00:01:43 +0000 0 - 3 - 0 ouo.io/nlQzyl 172.67.6.151
2023-02-09 00:01:43 +0000 0 - 5 - 0 ouo.io/O3q3uM 172.67.6.151
2023-02-09 00:01:41 +0000 0 - 6 - 0 ouo.io/wzSz6C 104.22.23.162


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-27 23:09:45 +0000 0 - 0 - 8 ouo.press/rX618eN 104.22.59.251
2022-11-18 00:02:03 +0000 0 - 0 - 1 ouo.io/l6f7zP 104.22.23.162
2022-11-17 23:19:17 +0000 0 - 0 - 1 ouo.press/Y1Mh4my 104.22.59.251
2022-11-15 07:28:20 +0000 0 - 0 - 1 ouo.io/PRvPzF 172.67.6.151
2022-11-14 00:06:18 +0000 0 - 0 - 1 ouo.io/4srK5m 104.22.22.162

JavaScript

Executed Scripts (39)

Executed Evals (35)
#1 JavaScript::Eval (size: 19) - SHA256: 631bd9a13534679ce526b007d4fc8352793377d89bcc321392b01ecf075c4101
this.context['Set']
#2 JavaScript::Eval (size: 35) - SHA256: 41aae560d6dd4b675e6e45d30c1572db537659e580ac434c4b89b76e4f3dc5ac
this.context['SiteBoundCredential']
#3 JavaScript::Eval (size: 16285) - SHA256: 765fc05e01641a763d8e095ccce5190fabcf79270c0edc1a8aef4f1e9143b78c
(function() {
    var u = function(A, I, D, n, M, T, e, g, h) {
            if ((D.J += (((g = (M = (e = (h = (A || D.v++, 0 < D.R && D.W && D.FY && 1 >= D.O && !D.D && !D.T && (!A || 1 < D.Y - I)) && 0 == document.hidden, T = 4 == D.v) || h ? D.H() : D.u, e - D.u), M) >> 14, D).I && (D.I ^= g * (M << 2)), D).h = g || D.h, g), T) || h) D.u = e, D.v = 0;
            if (!h || e - D.C < D.R - (n ? 255 : A ? 5 : 2)) return false;
            return (d(D, 411, (n = B(D, (D.Y = I, A ? 415 : 411)), D.A)), D.G).push([DG, n, A ? I + 1 : I]), D.T = p, true
        },
        X, j0 = function(A, I) {
            return A[I] << 24 | A[(I | 0) + 1] << 16 | A[(I | 0) + 2] << 8 | A[(I | 0) + 3]
        },
        B = function(A, I) {
            if (A = A.U[I], void 0 === A) throw [w, 30, I];
            if (A.value) return A.create();
            return A.create(5 * I * I + -98 * I + -22), A.prototype
        },
        I3 = function(A, I) {
            if ((I = q.trustedTypes, A = null, !I) || !I.createPolicy) return A;
            try {
                A = I.createPolicy("bg", {
                    createHTML: Au,
                    createScript: Au,
                    createScriptURL: Au
                })
            } catch (D) {
                q.console && q.console.error(D.message)
            }
            return A
        },
        U = function(A, I, D) {
            D[d(A, I, D), TH] = 2796
        },
        gn = function(A, I, D, n) {
            return B((d(D, ((n = B(D, 411), D.s) && n < D.A ? (d(D, 411, D.A), e0(D, A)) : d(D, 411, A), ng(D, I), 411), n), D), 141)
        },
        hu = function(A, I, D, n, M, T) {
            for (M = ((D = (n = A[sL] || {}, c(A)), n.qK = c(A), n).g = [], A).h == A ? (P(A) | 0) - 1 : 1, I = c(A), T = 0; T < M; T++) n.g.push(c(A));
            for (n.P = B(A, D); M--;) n.g[M] = B(A, n.g[M]);
            return n.UH = B(A, I), n
        },
        MO = function(A, I) {
            (I.push(A[0] << 24 | A[1] << 16 | A[2] << 8 | A[3]), I).push(A[4] << 24 | A[5] << 16 | A[6] << 8 | A[7]), I.push(A[8] << 24 | A[9] << 16 | A[10] << 8 | A[11])
        },
        Bh = function(A, I, D, n) {
            function M() {}
            return n = a3(A, (D = void 0, function(T) {
                M && (I && p(I), D = T, M(), M = void 0)
            }), !!I)[0], {
                invoke: function(T, e, g, h) {
                    function a() {
                        D(function(Y) {
                            p(function() {
                                T(Y)
                            })
                        }, g)
                    }
                    if (!e) return e = n(g), T && T(e), e;
                    D ? a() : (h = M, M = function() {
                        p((h(), a))
                    })
                }
            }
        },
        Y0 = function(A, I, D) {
            if (3 == A.length) {
                for (D = 0; 3 > D; D++) I[D] += A[D];
                for (D = (A = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > D; D++) I[3](I, D % 3, A[D])
            }
        },
        e0 = function(A, I) {
            d(((A.fe.push(A.U.slice()), A).U[411] = void 0, A), 411, I)
        },
        pg = function(A, I) {
            return x[A](x.prototype, {
                floor: I,
                call: I,
                pop: I,
                propertyIsEnumerable: I,
                console: I,
                parent: I,
                length: I,
                document: I,
                prototype: I,
                replace: I,
                splice: I,
                stack: I
            })
        },
        E = function(A, I, D) {
            D = this;
            try {
                ul(A, I, this)
            } catch (n) {
                k(this, n), I(function(M) {
                    M(D.F)
                })
            }
        },
        q = this || self,
        o3 = function(A, I) {
            return (I = I.create().shift(), A.D).create().length || A.j.create().length || (A.D = void 0, A.j = void 0), I
        },
        a3 = function(A, I, D, n) {
            return (n = l[A.substring(0, 3) + "_"]) ? n(A.substring(3), I, D) : y1(A, I)
        },
        GH = function(A, I, D) {
            if ((D = typeof A, "object") == D)
                if (A) {
                    if (A instanceof Array) return "array";
                    if (A instanceof Object) return D;
                    if (I = Object.prototype.toString.call(A), "[object Window]" == I) return "object";
                    if ("[object Array]" == I || "number" == typeof A.length && "undefined" != typeof A.splice && "undefined" != typeof A.propertyIsEnumerable && !A.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == I || "undefined" != typeof A.call && "undefined" != typeof A.propertyIsEnumerable && !A.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == D && "undefined" == typeof A.call) return "object";
            return D
        },
        mt = function(A, I) {
            return I = P(A), I & 128 && (I = I & 127 | P(A) << 7), I
        },
        Wh = function(A, I, D, n, M, T) {
            function e() {
                if (D.h == D) {
                    if (D.U) {
                        var g = [r, n, A, void 0, M, T, arguments];
                        if (2 == I) var h = C(D, false, (F(D, g), false));
                        else if (1 == I) {
                            var a = !D.G.length;
                            F(D, g), a && C(D, false, false)
                        } else h = Xy(g, D);
                        return h
                    }
                    M && T && M.removeEventListener(T, e, O)
                }
            }
            return e
        },
        c = function(A, I) {
            if (A.D) return o3(A, A.j);
            return (I = z(A, 8, true), I) & 128 && (I ^= 128, A = z(A, 2, true), I = (I << 2) + (A | 0)), I
        },
        Xy = function(A, I, D, n, M) {
            if ((D = A[0], D) == J) I.X = 25, I.i(A);
            else if (D == v) {
                M = A[1];
                try {
                    n = I.F || I.i(A)
                } catch (T) {
                    k(I, T), n = I.F
                }
                M(n)
            } else if (D == DG) I.i(A);
            else if (D == K) I.i(A);
            else if (D == Q1) {
                try {
                    for (n = 0; n < I.N.length; n++) try {
                        M = I.N[n], M[0][M[1]](M[2])
                    } catch (T) {}
                } catch (T) {}(0, A[1])(function(T, e) {
                    I.o(T, true, e)
                }, (I.N = [], function(T) {
                    F(I, (T = !I.G.length, [wn])), T && C(I, false, true)
                }))
            } else {
                if (D == r) return n = A[2], d(I, 103, A[6]), d(I, 141, n), I.i(A);
                D == wn ? (I.U = null, I.K = [], I.s = []) : D == TH && "loading" === q.document.readyState && (I.T = function(T, e) {
                    function g() {
                        e || (e = true, T())
                    }
                    q.document.addEventListener("DOMContentLoaded", g, (e = false, O)), q.addEventListener("load", g, O)
                })
            }
        },
        P = function(A) {
            return A.D ? o3(A, A.j) : z(A, 8, true)
        },
        ng = function(A, I, D, n, M, T) {
            if (!A.F) {
                A.O++;
                try {
                    for (T = void 0, D = 0, M = A.A; --I;) try {
                        if (n = void 0, A.D) T = o3(A, A.D);
                        else {
                            if (D = B(A, 411), D >= M) break;
                            T = B(A, (n = c((d(A, 415, D), A)), n))
                        }
                        u(false, (T && T[wn] & 2048 ? T(A, I) : V(A, [w, 21, n], 0), I), A, false)
                    } catch (e) {
                        B(A, 27) ? V(A, e, 22) : d(A, 27, e)
                    }
                    if (!I) {
                        if (A.Da) {
                            ng(A, (A.O--, 342722082906));
                            return
                        }
                        V(A, [w, 33], 0)
                    }
                } catch (e) {
                    try {
                        V(A, e, 22)
                    } catch (g) {
                        k(A, g)
                    }
                }
                A.O--
            }
        },
        k = function(A, I) {
            A.F = ((A.F ? A.F + "~" : "E:") + I.message + ":" + I.stack).slice(0, 2048)
        },
        il = function(A, I, D, n, M) {
            for (M = I = (A = A.replace(/\r\n/g, "\n"), 0), n = []; I < A.length; I++) D = A.charCodeAt(I), 128 > D ? n[M++] = D : (2048 > D ? n[M++] = D >> 6 | 192 : (55296 == (D & 64512) && I + 1 < A.length && 56320 == (A.charCodeAt(I + 1) & 64512) ? (D = 65536 + ((D & 1023) << 10) + (A.charCodeAt(++I) & 1023), n[M++] = D >> 18 | 240, n[M++] = D >> 12 & 63 | 128) : n[M++] = D >> 12 | 224, n[M++] = D >> 6 & 63 | 128), n[M++] = D & 63 | 128);
            return n
        },
        Au = function(A) {
            return A
        },
        qO = function(A, I, D) {
            return (D = x[A.V](A.AG), D)[A.V] = function() {
                return I
            }, D.concat = function(n) {
                I = n
            }, D
        },
        UL = function(A, I, D, n) {
            for (n = (D = c(I), 0); 0 < A; A--) n = n << 8 | P(I);
            d(I, D, n)
        },
        ZG = function(A, I, D, n) {
            S(L(A, (n = (D = c(I), c(I)), B(I, D))), I, n)
        },
        Hh = function(A, I, D) {
            return I.o(function(n) {
                D = n
            }, false, A), D
        },
        L = function(A, I, D, n) {
            for (D = (n = (A | 0) - 1, []); 0 <= n; n--) D[(A | 0) - 1 - (n | 0)] = I >> 8 * n & 255;
            return D
        },
        $0 = function(A, I, D, n, M) {
            for (n = 0, M = A[2] | 0, A = A[3] | 0; 14 > n; n++) D = D >>> 8 | D << 24, D += I | 0, D ^= M + 2229, A = A >>> 8 | A << 24, I = I << 3 | I >>> 29, I ^= D, A += M | 0, A ^= n + 2229, M = M << 3 | M >>> 29, M ^= A;
            return [I >>> 24 & 255, I >>> 16 & 255, I >>> 8 & 255, I >>> 0 & 255, D >>> 24 & 255, D >>> 16 & 255, D >>> 8 & 255, D >>> 0 & 255]
        },
        S = function(A, I, D, n, M, T) {
            if (I.h == I)
                for (T = B(I, D), 114 == D ? (D = function(e, g, h, a) {
                        if (T.ne != (h = (a = T.length, (a | 0) - 4 >> 3), h)) {
                            g = (h = (T.ne = h, h << 3) - 4, [0, 0, M[1], M[2]]);
                            try {
                                T.VZ = $0(g, j0(T, h), j0(T, (h | 0) + 4))
                            } catch (Y) {
                                throw Y;
                            }
                        }
                        T.push(T.VZ[a & 7] ^ e)
                    }, M = B(I, 352)) : D = function(e) {
                        T.push(e)
                    }, n && D(n & 255), I = 0, n = A.length; I < n; I++) D(A[I])
        },
        f = function(A, I) {
            for (I = []; A--;) I.push(255 * Math.random() | 0);
            return I
        },
        C = function(A, I, D, n, M, T) {
            if (A.G.length) {
                A.W = !(A.FY = (A.W && 0(), D), 0);
                try {
                    n = A.H(), A.u = n, A.C = n, A.v = 0, T = ch(A, D), M = A.H() - A.C, A.Z += M, M < (I ? 0 : 10) || 0 >= A.X-- || (M = Math.floor(M), A.K.push(254 >= M ? M : 254))
                } finally {
                    A.W = false
                }
                return T
            }
        },
        x0 = function(A, I, D, n, M, T, e, g) {
            return ((T = x[(n = [10, (e = (M = Ph, A & 7), -98), 54, 77, 21, -31, n, 51, -77, 74], I).V](I.hG), T)[I.V] = function(h) {
                e += (g = h, 6 + 7 * A), e &= 7
            }, T).concat = function(h) {
                return (h = (g = (h = +e - -5390 * (h = D % 16 + 1, D) * g + 55 * g * g - 275 * D * D * g - -1210 * g + (M() | 0) * h + n[e + 19 & 7] * D * h - h * g + 5 * D * D * h, void 0), n[h]), n)[(e + 45 & 7) + (A & 2)] = h, n[e + (A & 2)] = -98, h
            }, T
        },
        z = function(A, I, D, n, M, T, e, g, h, a, Y, y, Q, m) {
            if ((h = B(A, 411), h) >= A.A) throw [w, 31];
            for (Q = (m = h, Y = (y = 0, I), A.S5.length); 0 < Y;) n = m % 8, e = m >> 3, T = 8 - (n | 0), T = T < Y ? T : Y, M = A.s[e], D && (g = A, g.S != m >> 6 && (g.S = m >> 6, a = B(g, 394), g.L = $0([0, 0, a[1], a[2]], g.I, g.S)), M ^= A.L[e & Q]), y |= (M >> 8 - (n | 0) - (T | 0) & (1 << T) - 1) << (Y | 0) - (T | 0), Y -= T, m += T;
            return d(A, 411, (h | (D = y, 0)) + (I | 0)), D
        },
        ch = function(A, I, D, n) {
            for (; A.G.length;) {
                D = (A.T = null, A.G.pop());
                try {
                    n = Xy(D, A)
                } catch (M) {
                    k(A, M)
                }
                if (I && A.T) {
                    (I = A.T, I)(function() {
                        C(A, true, true)
                    });
                    break
                }
            }
            return n
        },
        p = q.requestIdleCallback ? function(A) {
            requestIdleCallback(function() {
                A()
            }, {
                timeout: 4
            })
        } : q.setImmediate ? function(A) {
            setImmediate(A)
        } : function(A) {
            setTimeout(A, 0)
        },
        l, y1 = function(A, I) {
            return [(I(function(D) {
                D(A)
            }), function() {
                return A
            })]
        },
        d = function(A, I, D) {
            if (411 == I || 415 == I) A.U[I] ? A.U[I].concat(D) : A.U[I] = qO(A, D);
            else {
                if (A.B && 394 != I) return;
                161 == I || 114 == I || 437 == I || 261 == I || 352 == I ? A.U[I] || (A.U[I] = x0(118, A, I, D)) : A.U[I] = x0(121, A, I, D)
            }
            394 == I && (A.I = z(A, 32, false), A.S = void 0)
        },
        F = function(A, I) {
            A.G.splice(0, 0, I)
        },
        ul = function(A, I, D, n, M) {
            for (n = (M = ((D.hG = pg((D.by = k0, D.kb = (D.S5 = D[v], bl), D.V), {get: function() {
                        return this.concat()
                    }
                }), D).AG = x[D.V](D.hG, {
                    value: {
                        value: {}
                    }
                }), []), 0); 289 > n; n++) M[n] = String.fromCharCode(n);
            C(D, (F(D, (F((F(D, (U(D, (d(D, 239, (U(D, 331, (U(D, (U(D, 144, (U(D, (U(D, 17, (U(D, (U(D, 325, (d(D, 161, [160, (d(D, (U(D, (D.sH = (U(D, (U(D, 223, (d(D, 424, (d(D, 143, (U(D, (d(D, 434, (d(D, 352, (U(D, (U(D, 194, (U(D, 370, (d(D, 437, (U(D, 95, ((U(D, 154, (U((U(D, 21, (U(D, (U(D, 175, (U(D, 129, (U(D, 280, (d((d(D, 100, (D.iy = (d(D, 141, (U((U(D, (D.j5 = (d(D, (d(D, (D.T = (D.FY = false, (D.O = 0, D.G = [], D.D = (D.zX = function(T) {
                this.h = T
            }, D.B = false, D.C = 0, void 0), (D.fe = [], D).j = (D.R = ((D.F = void 0, D).J = 1, 0), n = (D.W = false, D.X = 25, window.performance || {}), D.N = [], (D.h = D, D).L = void 0, (D.QZ = 0, D.Z = 0, D.s = [], D).S = ((D.Y = 8001, D).v = void 0, void 0), D.U = [], void 0), D.A = (D.u = (D.K = [], 0), 0), D).I = void 0, D.Hn = n.timeOrigin || (n.timing || {}).navigationStart || 0, null), 411), 0), 415), 0), 0), U(D, 483, function() {}), 360), function(T, e, g, h) {
                h = (e = B(T, (g = (h = (e = c(T), c(T)), c(T)), e)), B(T, h)), d(T, g, e in h | 0)
            }), D), 202, function(T, e, g, h) {
                d(T, (g = B(T, (h = B(T, (e = (h = c((g = c(T), T)), c(T)), h)), g)) == h, e), +g)
            }), {})), 0), 0)), D), 27, 438), function(T, e, g, h, a) {
                for (h = c(T), g = mt(T), a = [], e = 0; e < g; e++) a.push(P(T));
                d(T, h, a)
            })), function(T, e, g, h, a, Y) {
                u(true, e, T, false) || (g = hu(T.h), e = g.qK, h = g.UH, Y = g.g, a = Y.length, g = g.P, h = 0 == a ? new h[g] : 1 == a ? new h[g](Y[0]) : 2 == a ? new h[g](Y[0], Y[1]) : 3 == a ? new h[g](Y[0], Y[1], Y[2]) : 4 == a ? new h[g](Y[0], Y[1], Y[2], Y[3]) : 2(), d(T, e, h))
            })), function(T, e, g, h) {
                if (e = T.fe.pop()) {
                    for (g = P(T); 0 < g; g--) h = c(T), e[h] = T.U[h];
                    T.U = (e[424] = (e[261] = T.U[261], T.U)[424], e)
                } else d(T, 411, T.A)
            })), 127), function(T, e, g, h) {
                !u(true, e, T, false) && (e = hu(T), g = e.P, h = e.UH, T.h == T || g == T.zX && h == T) && (d(T, e.qK, g.apply(h, e.g)), T.u = T.H())
            }), function(T, e, g, h, a, Y, y) {
                for (Y = (h = (g = mt((e = c(T), T)), a = "", y = B(T, 322), y.length), 0); g--;) Y = ((Y | 0) + (mt(T) | 0)) % h, a += M[y[Y]];
                d(T, e, a)
            })), D), 336, function(T) {
                ll(4, T)
            }), function(T, e) {
                e0((e = B(T, c(T)), T.h), e)
            })), U(D, 69, function(T) {
                ll(3, T)
            }), U)(D, 6, function(T, e, g) {
                d(T, (g = GH((g = B(T, (g = c(T), e = c(T), g)), g)), e), g)
            }), function(T, e, g, h, a) {
                d(T, (e = B(T, (h = B((a = B(T, (a = (e = c((h = c((g = c(T), T)), T)), c(T)), a)), T), h), e)), g), Wh(e, a, T, h))
            })), [])), function(T) {
                ZG(1, T)
            })), function(T, e, g, h) {
                (h = c((e = (g = c(T), P(T)), T)), d)(T, h, B(T, g) >>> e)
            })), 201), function(T, e, g, h) {
                d(T, (g = B(T, (e = B(T, (e = c(T), h = c(T), e)), h)), h), g + e)
            }), [0, 0, 0])), 0)), 151), function(T, e, g, h) {
                (h = (e = c(T), c)(T), g = c(T), T).h == T && (g = B(T, g), h = B(T, h), B(T, e)[h] = g, 394 == e && (T.S = void 0, 2 == h && (T.I = z(T, 32, false), T.S = void 0)))
            }), q)), 2048)), function(T, e, g, h) {
                d(T, (e = (h = c((g = c(T), T)), c(T)), e), B(T, g) || B(T, h))
            })), 215), function(T, e, g) {
                u(true, e, T, false) || (e = c(T), g = c(T), d(T, g, function(h) {
                    return eval(h)
                }(EL(B(T.h, e)))))
            }), 0), 86), function(T, e, g, h) {
                g = B(T, (e = c((g = c(T), T)), h = c(T), g)), e = B(T, e), d(T, h, g[e])
            }), 261), []), 0), 0]), function(T, e) {
                T = B((e = c(T), T).h, e), T[0].removeEventListener(T[1], T[2], O)
            })), 145), function(T) {
                UL(4, T)
            }), function(T, e, g, h, a, Y) {
                if (!u(true, e, T, true)) {
                    if ("object" == GH((T = (g = B((Y = (e = (e = (Y = c(T), g = c(T), c(T)), a = c(T), B(T, e)), B(T, Y)), T), g), B(T, a)), Y))) {
                        for (h in a = [], Y) a.push(h);
                        Y = a
                    }
                    for (a = (e = 0 < e ? e : 1, h = 0, Y).length; h < a; h += e) g(Y.slice(h, (h | 0) + (e | 0)), T)
                }
            })), 171), function(T, e, g, h, a, Y, y, Q, m, Z, W, G) {
                function N(H, b) {
                    for (; y < H;) m |= P(T) << y, y += 8;
                    return b = m & (y -= H, (1 << H) - 1), m >>= H, b
                }
                for (G = (W = (Z = (h = (y = (g = c(T), m = 0), (N(3) | 0) + 1), N)(5), 0), Q = [], 0); G < Z; G++) Y = N(1), Q.push(Y), W += Y ? 0 : 1;
                for (G = (e = (W = ((W | 0) - 1).toString(2).length, []), 0); G < Z; G++) Q[G] || (e[G] = N(W));
                for (W = 0; W < Z; W++) Q[W] && (e[W] = c(T));
                for (a = []; h--;) a.push(B(T, c(T)));
                U(T, g, function(H, b, t, R, dn) {
                    for (b = (dn = (t = [], []), 0); b < Z; b++) {
                        if (!Q[R = e[b], b]) {
                            for (; R >= t.length;) t.push(c(H));
                            R = t[R]
                        }
                        dn.push(R)
                    }
                    H.j = qO(H, (H.D = qO(H, a.slice()), dn))
                })
            }), function(T, e, g, h, a) {
                (h = (e = B(T, (a = (h = c((g = c(T), T)), e = c(T), c)(T), g = B(T.h, g), a = B(T, a), e)), B(T, h)), 0 !== g) && (e = Wh(a, 1, T, e, g, h), g.addEventListener(h, e, O), d(T, 434, [g, h, e]))
            })), 102), function(T, e, g) {
                (g = B(T, (g = c((e = c(T), T)), g)), 0 != B(T, e)) && d(T, 411, g)
            }), d(D, 114, f(4)), function(T, e, g) {
                d(T, (e = c((g = c(T), T)), e), "" + B(T, g))
            })), D)), 15), function(T) {
                ZG(4, T)
            }), [TH])), D), [K, A]), [Q1, I])), true), true)
        },
        V = function(A, I, D, n, M, T) {
            if (!A.B) {
                if (3 < (I = B(A, (D = (M = B((n = void 0, I && I[0] === w && (D = I[1], n = I[2], I = void 0), A), 261), 0 == M.length && (T = B(A, 415) >> 3, M.push(D, T >> 8 & 255, T & 255), void 0 != n && M.push(n & 255)), ""), I && (I.message && (D += I.message), I.stack && (D += ":" + I.stack)), 424)), I)) {
                    A.h = (n = (D = il((I -= (D = D.slice(0, (I | 0) - 3), (D.length | 0) + 3), D)), A).h, A);
                    try {
                        S(L(2, D.length).concat(D), A, 114, 9)
                    } finally {
                        A.h = n
                    }
                }
                d(A, 424, I)
            }
        },
        ll = function(A, I, D, n, M) {
            (n = (D = c((M = A & 3, A &= 4, I)), c(I)), D = B(I, D), A) && (D = il("" + D)), M && S(L(2, D.length), I, n), S(D, I, n)
        },
        NO = function(A, I, D, n) {
            try {
                n = A[((I | 0) + 2) % 3], A[I] = (A[I] | 0) - (A[((I | 0) + 1) % 3] | 0) - (n | 0) ^ (1 == I ? n << D : n >>> D)
            } catch (M) {
                throw M;
            }
        },
        O = {
            passive: true,
            capture: true
        },
        sL = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        K = [],
        r = [],
        DG = ((E.prototype.uy = void 0, E.prototype).l = "toString", []),
        J = [],
        v = [],
        TH = [],
        w = (E.prototype.Ce = void 0, {}),
        Q1 = (E.prototype.Da = false, []),
        wn = [],
        Ph = (((((MO, function() {})(f), function() {})(NO), function() {})(Y0), E).prototype.V = "create", void 0),
        x = w.constructor,
        bl = (((((((X = E.prototype, X.Iz = function() {
            return Math.floor(this.Z + (this.H() - this.C))
        }, X.yZ = function(A, I, D, n, M, T) {
            for (T = [], D = n = 0; n < A.length; n++)
                for (M = M << I | A[n], D += I; 7 < D;) D -= 8, T.push(M >> D & 255);
            return T
        }, X).H = (window.performance || {}).now ? function() {
            return this.Hn + window.performance.now()
        } : function() {
            return +new Date
        }, X).gd = function(A, I, D, n, M) {
            for (M = n = 0; n < A.length; n++) M += A.charCodeAt(n), M += M << 10, M ^= M >> 6;
            return n = (A = (M += M << 3, M ^= M >> 11, M) + (M << 15) >>> 0, new Number(A & (1 << I) - 1)), n[0] = (A >>> I) % D, n
        }, X).o = function(A, I, D, n, M) {
            if (D = "array" === GH(D) ? D : [D], this.F) A(this.F);
            else try {
                M = !this.G.length, n = [], F(this, [J, n, D]), F(this, [v, A, n]), I && !M || C(this, true, I)
            } catch (T) {
                k(this, T), A(this.F)
            }
        }, X.TX = function() {
            return Math.floor(this.H())
        }, X.MK = function(A, I, D) {
            return ((I ^= I << 13, I ^= I >> 17, I = (I ^ I << 5) & D) || (I = 1), A) ^ I
        }, E).prototype.i = function(A, I) {
            return Ph = (A = (I = {}, {}), function() {
                    return I == A ? -22 : -12
                }),
                function(D, n, M, T, e, g, h, a, Y, y, Q, m, Z, W, G) {
                    I = (T = I, A);
                    try {
                        if (a = D[0], a == K) {
                            g = D[1];
                            try {
                                for (G = Q = (e = (m = [], atob)(g), 0); G < e.length; G++) W = e.charCodeAt(G), 255 < W && (m[Q++] = W & 255, W >>= 8), m[Q++] = W;
                                (this.A = (this.s = m, this).s.length << 3, d)(this, 394, [0, 0, 0])
                            } catch (N) {
                                V(this, N, 17);
                                return
                            }
                            ng(this, 8001)
                        } else if (a == J) D[1].push(B(this, 161).length, B(this, 437).length, B(this, 114).length, B(this, 424)), d(this, 141, D[2]), this.U[307] && gn(B(this, 307), 8001, this);
                        else {
                            if (a == v) {
                                M = L(2, ((m = D[2], B(this, 161).length) | 0) + 2), y = this.h, this.h = this;
                                try {
                                    h = B(this, 261), 0 < h.length && S(L(2, h.length).concat(h), this, 161, 10), S(L(1, this.J), this, 161, 109), S(L(1, this[v].length), this, 161), e = 0, n = B(this, 114), e -= (B(this, 161).length | 0) + 5, e += B(this, 100) & 2047, 4 < n.length && (e -= (n.length | 0) + 3), 0 < e && S(L(2, e).concat(f(e)), this, 161, 15), 4 < n.length && S(L(2, n.length).concat(n), this, 161, 156)
                                } finally {
                                    this.h = y
                                }
                                if (((G = f(2).concat(B(this, 161)), G)[1] = G[0] ^ 6, G)[3] = G[1] ^ M[0], G[4] = G[1] ^ M[1], Z = this.GX(G)) Z = "!" + Z;
                                else
                                    for (e = 0, Z = ""; e < G.length; e++) Y = G[e][this.l](16), 1 == Y.length && (Y = "0" + Y), Z += Y;
                                return d(this, 424, (B(this, (B(((Q = Z, B)(this, 161).length = m.shift(), this), 437).length = m.shift(), 114)).length = m.shift(), m.shift())), Q
                            }
                            if (a == DG) gn(D[1], D[2], this);
                            else if (a == r) return gn(D[1], 8001, this)
                        }
                    } finally {
                        I = T
                    }
                }
        }(), E.prototype).OH = 0, E.prototype.EH = 0, E.prototype).GX = function(A, I, D, n) {
            if (D = window.btoa) {
                for (I = "", n = 0; n < A.length; n += 8192) I += String.fromCharCode.apply(null, A.slice(n, n + 8192));
                A = D(I).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else A = void 0;
            return A
        }, /./),
        k0, rn = K.pop.bind((E.prototype[Q1] = [0, 0, 1, 1, 0, 1, 1], E.prototype[J])),
        EL = ((k0 = pg(E.prototype.V, (bl[E.prototype.l] = rn, {get: rn
        })), E.prototype).e5 = void 0, function(A, I) {
            return (I = I3()) && 1 === A.eval(I.createScript("1")) ? function(D) {
                return I.createScript(D)
            } : function(D) {
                return "" + D
            }
        })(q);
    40 < (l = q.botguard || (q.botguard = {}), l.m) || (l.m = 41, l.bg = Bh, l.a = a3), l.yDq_ = function(A, I, D) {
        return [(D = new E(A, I), function(n) {
            return Hh(n, D)
        })]
    };
}).call(this);
#4 JavaScript::Eval (size: 60) - SHA256: dcbc8087c9f3488411409f0a3c9069e6a40b27851598c7a72361e97785aa874d
0,
function(T, e, g) {
    d(T, (g = c(T), e = c(T), g = T.U[g] && B(T, g), e), g)
}
#5 JavaScript::Eval (size: 25) - SHA256: cfd8889f26f46323b63c7766e414faf4a4171cc959c4c2b2e6a64c0ec3edf13f
this.context['CryptoKey']
#6 JavaScript::Eval (size: 26) - SHA256: 59d45abada49f5b514521b527330402a2d826ae3f0dab2199c58c38f1e511777
this.context['TouchEvent']
#7 JavaScript::Eval (size: 45) - SHA256: e44d38f746ee1fa3b3ef03ed6ea3f298c25e173b6daea3c4505afce8bb869508
this.context['CanvasCaptureMediaStreamTrack']
#8 JavaScript::Eval (size: 15598) - SHA256: 5e98214e0abbdd815117694f4ba8fa352052ada859b5f327e5d5f65a3166d9a4
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var T = this || self,
        n = function(D, A) {
            if ((A = (D = null, T.trustedTypes), !A) || !A.createPolicy) return D;
            try {
                D = A.createPolicy("bg", {
                    createHTML: e,
                    createScript: e,
                    createScriptURL: e
                })
            } catch (I) {
                T.console && T.console.error(I.message)
            }
            return D
        },
        e = function(D) {
            return D
        };
    (0, eval)(function(D, A) {
        return (A = n()) && 1 === D.eval(A.createScript("1")) ? function(I) {
            return A.createScript(I)
        } : function(I) {
            return "" + I
        }
    }(T)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var u=function(A,I,D,n,M,T,e,g,h){if((D.J+=(((g=(M=(e=(h=(A||D.v++,0<D.R&&D.W&&D.FY&&1>=D.O&&!D.D&&!D.T&&(!A||1<D.Y-I))&&0==document.hidden,T=4==D.v)||h?D.H():D.u,e-D.u),M)>>14,D).I&&(D.I^=g*(M<<2)),D).h=g||D.h,g),T)||h)D.u=e,D.v=0;if(!h||e-D.C<D.R-(n?255:A?5:2))return false;return(d(D,411,(n=B(D,(D.Y=I,A?415:411)),D.A)),D.G).push([DG,n,A?I+1:I]),D.T=p,true},X,j0=function(A,I){return A[I]<<24|A[(I|0)+1]<<16|A[(I|0)+2]<<8|A[(I|0)+3]},B=function(A,I){if(A=A.U[I],void 0===A)throw[w,30,I];if(A.value)return A.create();return A.create(5*I*I+-98*I+-22),A.prototype},I3=function(A,I){if((I=q.trustedTypes,A=null,!I)||!I.createPolicy)return A;try{A=I.createPolicy("bg",{createHTML:Au,createScript:Au,createScriptURL:Au})}catch(D){q.console&&q.console.error(D.message)}return A},U=function(A,I,D){D[d(A,I,D),TH]=2796},gn=function(A,I,D,n){return B((d(D,((n=B(D,411),D.s)&&n<D.A?(d(D,411,D.A),e0(D,A)):d(D,411,A),ng(D,I),411),n),D),141)},hu=function(A,I,D,n,M,T){for(M=((D=(n=A[sL]||{},c(A)),n.qK=c(A),n).g=[],A).h==A?(P(A)|0)-1:1,I=c(A),T=0;T<M;T++)n.g.push(c(A));for(n.P=B(A,D);M--;)n.g[M]=B(A,n.g[M]);return n.UH=B(A,I),n},MO=function(A,I){(I.push(A[0]<<24|A[1]<<16|A[2]<<8|A[3]),I).push(A[4]<<24|A[5]<<16|A[6]<<8|A[7]),I.push(A[8]<<24|A[9]<<16|A[10]<<8|A[11])},Bh=function(A,I,D,n){function M(){}return n=a3(A,(D=void 0,function(T){M&&(I&&p(I),D=T,M(),M=void 0)}),!!I)[0],{invoke:function(T,e,g,h){function a(){D(function(Y){p(function(){T(Y)})},g)}if(!e)return e=n(g),T&&T(e),e;D?a():(h=M,M=function(){p((h(),a))})}}},Y0=function(A,I,D){if(3==A.length){for(D=0;3>D;D++)I[D]+=A[D];for(D=(A=[13,8,13,12,16,5,3,10,15],0);9>D;D++)I[3](I,D%3,A[D])}},e0=function(A,I){d(((A.fe.push(A.U.slice()),A).U[411]=void 0,A),411,I)},pg=function(A,I){return x[A](x.prototype,{floor:I,call:I,pop:I,propertyIsEnumerable:I,console:I,parent:I,length:I,document:I,prototype:I,replace:I,splice:I,stack:I})},E=function(A,I,D){D=this;try{ul(A,I,this)}catch(n){k(this,n),I(function(M){M(D.F)})}},q=this||self,o3=function(A,I){return(I=I.create().shift(),A.D).create().length||A.j.create().length||(A.D=void 0,A.j=void 0),I},a3=function(A,I,D,n){return(n=l[A.substring(0,3)+"_"])?n(A.substring(3),I,D):y1(A,I)},GH=function(A,I,D){if((D=typeof A,"object")==D)if(A){if(A instanceof Array)return"array";if(A instanceof Object)return D;if(I=Object.prototype.toString.call(A),"[object Window]"==I)return"object";if("[object Array]"==I||"number"==typeof A.length&&"undefined"!=typeof A.splice&&"undefined"!=typeof A.propertyIsEnumerable&&!A.propertyIsEnumerable("splice"))return"array";if("[object Function]"==I||"undefined"!=typeof A.call&&"undefined"!=typeof A.propertyIsEnumerable&&!A.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==D&&"undefined"==typeof A.call)return"object";return D},mt=function(A,I){return I=P(A),I&128&&(I=I&127|P(A)<<7),I},Wh=function(A,I,D,n,M,T){function e(){if(D.h==D){if(D.U){var g=[r,n,A,void 0,M,T,arguments];if(2==I)var h=C(D,false,(F(D,g),false));else if(1==I){var a=!D.G.length;F(D,g),a&&C(D,false,false)}else h=Xy(g,D);return h}M&&T&&M.removeEventListener(T,e,O)}}return e},c=function(A,I){if(A.D)return o3(A,A.j);return(I=z(A,8,true),I)&128&&(I^=128,A=z(A,2,true),I=(I<<2)+(A|0)),I},Xy=function(A,I,D,n,M){if((D=A[0],D)==J)I.X=25,I.i(A);else if(D==v){M=A[1];try{n=I.F||I.i(A)}catch(T){k(I,T),n=I.F}M(n)}else if(D==DG)I.i(A);else if(D==K)I.i(A);else if(D==Q1){try{for(n=0;n<I.N.length;n++)try{M=I.N[n],M[0][M[1]](M[2])}catch(T){}}catch(T){}(0,A[1])(function(T,e){I.o(T,true,e)},(I.N=[],function(T){F(I,(T=!I.G.length,[wn])),T&&C(I,false,true)}))}else{if(D==r)return n=A[2],d(I,103,A[6]),d(I,141,n),I.i(A);D==wn?(I.U=null,I.K=[],I.s=[]):D==TH&&"loading"===q.document.readyState&&(I.T=function(T,e){function g(){e||(e=true,T())}q.document.addEventListener("DOMContentLoaded",g,(e=false,O)),q.addEventListener("load",g,O)})}},P=function(A){return A.D?o3(A,A.j):z(A,8,true)},ng=function(A,I,D,n,M,T){if(!A.F){A.O++;try{for(T=void 0,D=0,M=A.A;--I;)try{if(n=void 0,A.D)T=o3(A,A.D);else{if(D=B(A,411),D>=M)break;T=B(A,(n=c((d(A,415,D),A)),n))}u(false,(T&&T[wn]&2048?T(A,I):V(A,[w,21,n],0),I),A,false)}catch(e){B(A,27)?V(A,e,22):d(A,27,e)}if(!I){if(A.Da){ng(A,(A.O--,342722082906));return}V(A,[w,33],0)}}catch(e){try{V(A,e,22)}catch(g){k(A,g)}}A.O--}},k=function(A,I){A.F=((A.F?A.F+"~":"E:")+I.message+":"+I.stack).slice(0,2048)},il=function(A,I,D,n,M){for(M=I=(A=A.replace(/\\r\\n/g,"\\n"),0),n=[];I<A.length;I++)D=A.charCodeAt(I),128>D?n[M++]=D:(2048>D?n[M++]=D>>6|192:(55296==(D&64512)&&I+1<A.length&&56320==(A.charCodeAt(I+1)&64512)?(D=65536+((D&1023)<<10)+(A.charCodeAt(++I)&1023),n[M++]=D>>18|240,n[M++]=D>>12&63|128):n[M++]=D>>12|224,n[M++]=D>>6&63|128),n[M++]=D&63|128);return n},Au=function(A){return A},qO=function(A,I,D){return(D=x[A.V](A.AG),D)[A.V]=function(){return I},D.concat=function(n){I=n},D},UL=function(A,I,D,n){for(n=(D=c(I),0);0<A;A--)n=n<<8|P(I);d(I,D,n)},ZG=function(A,I,D,n){S(L(A,(n=(D=c(I),c(I)),B(I,D))),I,n)},Hh=function(A,I,D){return I.o(function(n){D=n},false,A),D},L=function(A,I,D,n){for(D=(n=(A|0)-1,[]);0<=n;n--)D[(A|0)-1-(n|0)]=I>>8*n&255;return D},$0=function(A,I,D,n,M){for(n=0,M=A[2]|0,A=A[3]|0;14>n;n++)D=D>>>8|D<<24,D+=I|0,D^=M+2229,A=A>>>8|A<<24,I=I<<3|I>>>29,I^=D,A+=M|0,A^=n+2229,M=M<<3|M>>>29,M^=A;return[I>>>24&255,I>>>16&255,I>>>8&255,I>>>0&255,D>>>24&255,D>>>16&255,D>>>8&255,D>>>0&255]},S=function(A,I,D,n,M,T){if(I.h==I)for(T=B(I,D),114==D?(D=function(e,g,h,a){if(T.ne!=(h=(a=T.length,(a|0)-4>>3),h)){g=(h=(T.ne=h,h<<3)-4,[0,0,M[1],M[2]]);try{T.VZ=$0(g,j0(T,h),j0(T,(h|0)+4))}catch(Y){throw Y;}}T.push(T.VZ[a&7]^e)},M=B(I,352)):D=function(e){T.push(e)},n&&D(n&255),I=0,n=A.length;I<n;I++)D(A[I])},f=function(A,I){for(I=[];A--;)I.push(255*Math.random()|0);return I},C=function(A,I,D,n,M,T){if(A.G.length){A.W=!(A.FY=(A.W&&0(),D),0);try{n=A.H(),A.u=n,A.C=n,A.v=0,T=ch(A,D),M=A.H()-A.C,A.Z+=M,M<(I?0:10)||0>=A.X--||(M=Math.floor(M),A.K.push(254>=M?M:254))}finally{A.W=false}return T}},x0=function(A,I,D,n,M,T,e,g){return((T=x[(n=[10,(e=(M=Ph,A&7),-98),54,77,21,-31,n,51,-77,74],I).V](I.hG),T)[I.V]=function(h){e+=(g=h,6+7*A),e&=7},T).concat=function(h){return(h=(g=(h=+e- -5390*(h=D%16+1,D)*g+55*g*g-275*D*D*g- -1210*g+(M()|0)*h+n[e+19&7]*D*h-h*g+5*D*D*h,void 0),n[h]),n)[(e+45&7)+(A&2)]=h,n[e+(A&2)]=-98,h},T},z=function(A,I,D,n,M,T,e,g,h,a,Y,y,Q,m){if((h=B(A,411),h)>=A.A)throw[w,31];for(Q=(m=h,Y=(y=0,I),A.S5.length);0<Y;)n=m%8,e=m>>3,T=8-(n|0),T=T<Y?T:Y,M=A.s[e],D&&(g=A,g.S!=m>>6&&(g.S=m>>6,a=B(g,394),g.L=$0([0,0,a[1],a[2]],g.I,g.S)),M^=A.L[e&Q]),y|=(M>>8-(n|0)-(T|0)&(1<<T)-1)<<(Y|0)-(T|0),Y-=T,m+=T;return d(A,411,(h|(D=y,0))+(I|0)),D},ch=function(A,I,D,n){for(;A.G.length;){D=(A.T=null,A.G.pop());try{n=Xy(D,A)}catch(M){k(A,M)}if(I&&A.T){(I=A.T,I)(function(){C(A,true,true)});break}}return n},p=q.requestIdleCallback?function(A){requestIdleCallback(function(){A()},{timeout:4})}:q.setImmediate?function(A){setImmediate(A)}:function(A){setTimeout(A,0)},l,y1=function(A,I){return[(I(function(D){D(A)}),function(){return A})]},d=function(A,I,D){if(411==I||415==I)A.U[I]?A.U[I].concat(D):A.U[I]=qO(A,D);else{if(A.B&&394!=I)return;161==I||114==I||437==I||261==I||352==I?A.U[I]||(A.U[I]=x0(118,A,I,D)):A.U[I]=x0(121,A,I,D)}394==I&&(A.I=z(A,32,false),A.S=void 0)},F=function(A,I){A.G.splice(0,0,I)},ul=function(A,I,D,n,M){for(n=(M=((D.hG=pg((D.by=k0,D.kb=(D.S5=D[v],bl),D.V),{get:function(){return this.concat()}}),D).AG=x[D.V](D.hG,{value:{value:{}}}),[]),0);289>n;n++)M[n]=String.fromCharCode(n);C(D,(F(D,(F((F(D,(U(D,(d(D,239,(U(D,331,(U(D,(U(D,144,(U(D,(U(D,17,(U(D,(U(D,325,(d(D,161,[160,(d(D,(U(D,(D.sH=(U(D,(U(D,223,(d(D,424,(d(D,143,(U(D,(d(D,434,(d(D,352,(U(D,(U(D,194,(U(D,370,(d(D,437,(U(D,95,((U(D,154,(U((U(D,21,(U(D,(U(D,175,(U(D,129,(U(D,280,(d((d(D,100,(D.iy=(d(D,141,(U((U(D,(D.j5=(d(D,(d(D,(D.T=(D.FY=false,(D.O=0,D.G=[],D.D=(D.zX=function(T){this.h=T},D.B=false,D.C=0,void 0),(D.fe=[],D).j=(D.R=((D.F=void 0,D).J=1,0),n=(D.W=false,D.X=25,window.performance||{}),D.N=[],(D.h=D,D).L=void 0,(D.QZ=0,D.Z=0,D.s=[],D).S=((D.Y=8001,D).v=void 0,void 0),D.U=[],void 0),D.A=(D.u=(D.K=[],0),0),D).I=void 0,D.Hn=n.timeOrigin||(n.timing||{}).navigationStart||0,null),411),0),415),0),0),U(D,483,function(){}),360),function(T,e,g,h){h=(e=B(T,(g=(h=(e=c(T),c(T)),c(T)),e)),B(T,h)),d(T,g,e in h|0)}),D),202,function(T,e,g,h){d(T,(g=B(T,(h=B(T,(e=(h=c((g=c(T),T)),c(T)),h)),g))==h,e),+g)}),{})),0),0)),D),27,438),function(T,e,g,h,a){for(h=c(T),g=mt(T),a=[],e=0;e<g;e++)a.push(P(T));d(T,h,a)})),function(T,e,g,h,a,Y){u(true,e,T,false)||(g=hu(T.h),e=g.qK,h=g.UH,Y=g.g,a=Y.length,g=g.P,h=0==a?new h[g]:1==a?new h[g](Y[0]):2==a?new h[g](Y[0],Y[1]):3==a?new h[g](Y[0],Y[1],Y[2]):4==a?new h[g](Y[0],Y[1],Y[2],Y[3]):2(),d(T,e,h))})),function(T,e,g,h){if(e=T.fe.pop()){for(g=P(T);0<g;g--)h=c(T),e[h]=T.U[h];T.U=(e[424]=(e[261]=T.U[261],T.U)[424],e)}else d(T,411,T.A)})),127),function(T,e,g,h){!u(true,e,T,false)&&(e=hu(T),g=e.P,h=e.UH,T.h==T||g==T.zX&&h==T)&&(d(T,e.qK,g.apply(h,e.g)),T.u=T.H())}),function(T,e,g,h,a,Y,y){for(Y=(h=(g=mt((e=c(T),T)),a="",y=B(T,322),y.length),0);g--;)Y=((Y|0)+(mt(T)|0))%h,a+=M[y[Y]];d(T,e,a)})),D),336,function(T){ll(4,T)}),function(T,e){e0((e=B(T,c(T)),T.h),e)})),U(D,69,function(T){ll(3,T)}),U)(D,6,function(T,e,g){d(T,(g=GH((g=B(T,(g=c(T),e=c(T),g)),g)),e),g)}),function(T,e,g,h,a){d(T,(e=B(T,(h=B((a=B(T,(a=(e=c((h=c((g=c(T),T)),T)),c(T)),a)),T),h),e)),g),Wh(e,a,T,h))})),[])),function(T){ZG(1,T)})),function(T,e,g,h){(h=c((e=(g=c(T),P(T)),T)),d)(T,h,B(T,g)>>>e)})),201),function(T,e,g,h){d(T,(g=B(T,(e=B(T,(e=c(T),h=c(T),e)),h)),h),g+e)}),[0,0,0])),0)),151),function(T,e,g,h){(h=(e=c(T),c)(T),g=c(T),T).h==T&&(g=B(T,g),h=B(T,h),B(T,e)[h]=g,394==e&&(T.S=void 0,2==h&&(T.I=z(T,32,false),T.S=void 0)))}),q)),2048)),function(T,e,g,h){d(T,(e=(h=c((g=c(T),T)),c(T)),e),B(T,g)||B(T,h))})),215),function(T,e,g){u(true,e,T,false)||(e=c(T),g=c(T),d(T,g,function(h){return eval(h)}(EL(B(T.h,e)))))}),0),86),function(T,e,g,h){g=B(T,(e=c((g=c(T),T)),h=c(T),g)),e=B(T,e),d(T,h,g[e])}),261),[]),0),0]),function(T,e){T=B((e=c(T),T).h,e),T[0].removeEventListener(T[1],T[2],O)})),145),function(T){UL(4,T)}),function(T,e,g,h,a,Y){if(!u(true,e,T,true)){if("object"==GH((T=(g=B((Y=(e=(e=(Y=c(T),g=c(T),c(T)),a=c(T),B(T,e)),B(T,Y)),T),g),B(T,a)),Y))){for(h in a=[],Y)a.push(h);Y=a}for(a=(e=0<e?e:1,h=0,Y).length;h<a;h+=e)g(Y.slice(h,(h|0)+(e|0)),T)}})),171),function(T,e,g,h,a,Y,y,Q,m,Z,W,G){function N(H,b){for(;y<H;)m|=P(T)<<y,y+=8;return b=m&(y-=H,(1<<H)-1),m>>=H,b}for(G=(W=(Z=(h=(y=(g=c(T),m=0),(N(3)|0)+1),N)(5),0),Q=[],0);G<Z;G++)Y=N(1),Q.push(Y),W+=Y?0:1;for(G=(e=(W=((W|0)-1).toString(2).length,[]),0);G<Z;G++)Q[G]||(e[G]=N(W));for(W=0;W<Z;W++)Q[W]&&(e[W]=c(T));for(a=[];h--;)a.push(B(T,c(T)));U(T,g,function(H,b,t,R,dn){for(b=(dn=(t=[],[]),0);b<Z;b++){if(!Q[R=e[b],b]){for(;R>=t.length;)t.push(c(H));R=t[R]}dn.push(R)}H.j=qO(H,(H.D=qO(H,a.slice()),dn))})}),function(T,e,g,h,a){(h=(e=B(T,(a=(h=c((g=c(T),T)),e=c(T),c)(T),g=B(T.h,g),a=B(T,a),e)),B(T,h)),0!==g)&&(e=Wh(a,1,T,e,g,h),g.addEventListener(h,e,O),d(T,434,[g,h,e]))})),102),function(T,e,g){(g=B(T,(g=c((e=c(T),T)),g)),0!=B(T,e))&&d(T,411,g)}),d(D,114,f(4)),function(T,e,g){d(T,(e=c((g=c(T),T)),e),""+B(T,g))})),D)),15),function(T){ZG(4,T)}),[TH])),D),[K,A]),[Q1,I])),true),true)},V=function(A,I,D,n,M,T){if(!A.B){if(3<(I=B(A,(D=(M=B((n=void 0,I&&I[0]===w&&(D=I[1],n=I[2],I=void 0),A),261),0==M.length&&(T=B(A,415)>>3,M.push(D,T>>8&255,T&255),void 0!=n&&M.push(n&255)),""),I&&(I.message&&(D+=I.message),I.stack&&(D+=":"+I.stack)),424)),I)){A.h=(n=(D=il((I-=(D=D.slice(0,(I|0)-3),(D.length|0)+3),D)),A).h,A);try{S(L(2,D.length).concat(D),A,114,9)}finally{A.h=n}}d(A,424,I)}},ll=function(A,I,D,n,M){(n=(D=c((M=A&3,A&=4,I)),c(I)),D=B(I,D),A)&&(D=il(""+D)),M&&S(L(2,D.length),I,n),S(D,I,n)},NO=function(A,I,D,n){try{n=A[((I|0)+2)%3],A[I]=(A[I]|0)-(A[((I|0)+1)%3]|0)-(n|0)^(1==I?n<<D:n>>>D)}catch(M){throw M;}},O={passive:true,capture:true},sL=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),K=[],r=[],DG=((E.prototype.uy=void 0,E.prototype).l="toString",[]),J=[],v=[],TH=[],w=(E.prototype.Ce=void 0,{}),Q1=(E.prototype.Da=false,[]),wn=[],Ph=(((((MO,function(){})(f),function(){})(NO),function(){})(Y0),E).prototype.V="create",void 0),x=w.constructor,bl=(((((((X=E.prototype,X.Iz=function(){return Math.floor(this.Z+(this.H()-this.C))},X.yZ=function(A,I,D,n,M,T){for(T=[],D=n=0;n<A.length;n++)for(M=M<<I|A[n],D+=I;7<D;)D-=8,T.push(M>>D&255);return T},X).H=(window.performance||{}).now?function(){return this.Hn+window.performance.now()}:function(){return+new Date},X).gd=function(A,I,D,n,M){for(M=n=0;n<A.length;n++)M+=A.charCodeAt(n),M+=M<<10,M^=M>>6;return n=(A=(M+=M<<3,M^=M>>11,M)+(M<<15)>>>0,new Number(A&(1<<I)-1)),n[0]=(A>>>I)%D,n},X).o=function(A,I,D,n,M){if(D="array"===GH(D)?D:[D],this.F)A(this.F);else try{M=!this.G.length,n=[],F(this,[J,n,D]),F(this,[v,A,n]),I&&!M||C(this,true,I)}catch(T){k(this,T),A(this.F)}},X.TX=function(){return Math.floor(this.H())},X.MK=function(A,I,D){return((I^=I<<13,I^=I>>17,I=(I^I<<5)&D)||(I=1),A)^I},E).prototype.i=function(A,I){return Ph=(A=(I={},{}),function(){return I==A?-22:-12}),function(D,n,M,T,e,g,h,a,Y,y,Q,m,Z,W,G){I=(T=I,A);try{if(a=D[0],a==K){g=D[1];try{for(G=Q=(e=(m=[],atob)(g),0);G<e.length;G++)W=e.charCodeAt(G),255<W&&(m[Q++]=W&255,W>>=8),m[Q++]=W;(this.A=(this.s=m,this).s.length<<3,d)(this,394,[0,0,0])}catch(N){V(this,N,17);return}ng(this,8001)}else if(a==J)D[1].push(B(this,161).length,B(this,437).length,B(this,114).length,B(this,424)),d(this,141,D[2]),this.U[307]&&gn(B(this,307),8001,this);else{if(a==v){M=L(2,((m=D[2],B(this,161).length)|0)+2),y=this.h,this.h=this;try{h=B(this,261),0<h.length&&S(L(2,h.length).concat(h),this,161,10),S(L(1,this.J),this,161,109),S(L(1,this[v].length),this,161),e=0,n=B(this,114),e-=(B(this,161).length|0)+5,e+=B(this,100)&2047,4<n.length&&(e-=(n.length|0)+3),0<e&&S(L(2,e).concat(f(e)),this,161,15),4<n.length&&S(L(2,n.length).concat(n),this,161,156)}finally{this.h=y}if(((G=f(2).concat(B(this,161)),G)[1]=G[0]^6,G)[3]=G[1]^M[0],G[4]=G[1]^M[1],Z=this.GX(G))Z="!"+Z;else for(e=0,Z="";e<G.length;e++)Y=G[e][this.l](16),1==Y.length&&(Y="0"+Y),Z+=Y;return d(this,424,(B(this,(B(((Q=Z,B)(this,161).length=m.shift(),this),437).length=m.shift(),114)).length=m.shift(),m.shift())),Q}if(a==DG)gn(D[1],D[2],this);else if(a==r)return gn(D[1],8001,this)}}finally{I=T}}}(),E.prototype).OH=0,E.prototype.EH=0,E.prototype).GX=function(A,I,D,n){if(D=window.btoa){for(I="",n=0;n<A.length;n+=8192)I+=String.fromCharCode.apply(null,A.slice(n,n+8192));A=D(I).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else A=void 0;return A},/./),k0,rn=K.pop.bind((E.prototype[Q1]=[0,0,1,1,0,1,1],E.prototype[J])),EL=((k0=pg(E.prototype.V,(bl[E.prototype.l]=rn,{get:rn})),E.prototype).e5=void 0,function(A,I){return(I=I3())&&1===A.eval(I.createScript("1"))?function(D){return I.createScript(D)}:function(D){return""+D}})(q);40<(l=q.botguard||(q.botguard={}),l.m)||(l.m=41,l.bg=Bh,l.a=a3),l.yDq_=function(A,I,D){return[(D=new E(A,I),function(n){return Hh(n,D)})]};}).call(this);'));
}).call(this);
#9 JavaScript::Eval (size: 45) - SHA256: d7fff9897aaa9675a3652e7cac1a8c2a3427b896b5cc0ab5ffd628f9bb106e34
this.context['external']['AddSearchProvider']
#10 JavaScript::Eval (size: 33) - SHA256: 92cc9c48ca7d897742a37b1578ba7c99e9d9c405fced233bb9a3270ef84fddfc
this.context['DeviceMotionEvent']
#11 JavaScript::Eval (size: 35) - SHA256: 022ae916a59e1d7cb709a35e757c60e6626bfccd2c1e87c5ad6b432f0f1b1538
this.context['HTMLBaseFontElement']
#12 JavaScript::Eval (size: 36) - SHA256: a612f8985aebacd5c5fa6b17d16982a29983ae9131bae94403ff9abe1ce2ded2
this.context['navigator']['appName']
#13 JavaScript::Eval (size: 42) - SHA256: 2fc752a40595d1d6681e6be3ebd8f44cdda99876ff9ee19fe654647a6a11415e
this.context['ApplicationCacheErrorEvent']
#14 JavaScript::Eval (size: 28) - SHA256: 4f6a557989f79654728dcb244539b604c5329db30b964d6e8c524c72517b9fa6
this.context['Notification']
#15 JavaScript::Eval (size: 22) - SHA256: c624a79f9c72c617d0ed1ad3207a67a39f6243071e14c4ebeace5dcff97313a3
this.context['Entity']
#16 JavaScript::Eval (size: 21) - SHA256: 37ceb2a749341c51c7b8c25daaa71dc167b4aba7485c9b398b8ab004b685e492
this.context['Touch']
#17 JavaScript::Eval (size: 39) - SHA256: 04f881dff1163e4e36943700ddbcf25667dfe7e0b154d21e181a771955264d60
this.context['document']['createTouch']
#18 JavaScript::Eval (size: 28) - SHA256: fca3cd5a7ca3a44b75f81e0c169fe599fb48741835c83b5616e304b3f722522b
this.context['AnalyserNode']
#19 JavaScript::Eval (size: 31) - SHA256: 0408d20a8555f96ab5cced9f89880c477f78d4ade576e5618b04094f034fb081
this.context['ArrayBufferView']
#20 JavaScript::Eval (size: 35) - SHA256: 7013ec5264e02f54f3b42e05b51fd1ad0f180fa3870b71acd2f1a384cc81d601
this.context['document']['prepend']
#21 JavaScript::Eval (size: 22) - SHA256: 76fa5194b42930d151e7569cc0b9f77ea02344fef8104bda49d4318b5b438698
0,
function(T) {
    UL(1, T)
}
#22 JavaScript::Eval (size: 41) - SHA256: e9d851c02746b7bd4d9207264c143f76480b69aa3552b1cdaa79ee537d83f5ac
this.context['navigator']['taintEnabled']
#23 JavaScript::Eval (size: 32) - SHA256: a535a9a97ed5a801419c63a6e764dd3b24c8456f177155717caf9ba3411ef756
this.context['chrome']['search']
#24 JavaScript::Eval (size: 6482) - SHA256: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
var amzn_aps_csm = amzn_aps_csm || {};
amzn_aps_csm.errors = [], amzn_aps_csm.reportErrors = function(a) {
        var b, c;
        for (/^https?:\/\//.test(a) === !1 && (a = document.location.protocol + "//" + a), "/" !== a.substr(a.length - 1) && (a += "/"), b = 0; b < amzn_aps_csm.errors.length; b++) c = '{"adViewability":[{"error": {"m": "' + amzn_aps_csm.errors[b] + '"}}], "c": "aps_communicator", "api": "RTB", "error": 1}', "https:" === document.location.protocol && /^http:\/\//.test(a) === !0 && (a = a.replace("http://", "https://")), (new Image).src = a + c + "?cb=" + Math.round(1e7 * Math.random());
        amzn_aps_csm.errors = []
    },
    function(a) {
        function b(a) {
            return a ? a.replace(/^\s+|\s+$/g, "") : a
        }

        function c(a) {
            if (a && a.s) {
                var b, c = a.s.length > 0 ? a.s[0] : "",
                    d = a.s.length > 1 ? a.s[1] : "";
                c && (b = c.match(j)), b && 3 === b.length || !d || (b = d.match(i)), b && 3 === b.length && (a.f = b[1], a.l = b[2])
            }
        }

        function d(a, d) {
            if (d = d || {}, !a) return {};
            a.m && a.m.message && (a = a.m);
            var i, j, k, l, m, n = {
                    m: e(a, d),
                    c: a.c ? "" + a.c : a.c,
                    s: [],
                    l: a.l || a.line || a.lineno || a.lineNumber,
                    name: a.name,
                    type: a.type
                },
                o = 0,
                p = 0;
            if (i = a.stack || (a.err ? a.err.stack : ""), i && i.split)
                for (j = i.split("\n"); o < j.length && n.s.length < g;) k = j[o++], k && n.s.unshift(b(k));
            else
                for (l = f(a.args || arguments, "callee"), o = 0, p = 0; l && g > o;) m = h, l.skipTrace || (k = l.toString(), k && k.substr && (m = 0 === p ? 4 * h : m, m = 1 === p ? 2 * h : m, n.s.unshift(k.substr(0, m)), p++)), l = f(l, "caller"), o++;
            return !n.f && n.s.length > 0 && c(n), n
        }

        function e(a, b) {
            var c = b.m || b.message || "";
            return c += a.m && a.m.message ? a.m.message : a.m && a.m.target && a.m.target.tagName ? "Error handler invoked by " + a.m.target.tagName + " tag" : a.m ? a.m : a.message ? a.message : "Unknown error"
        }

        function f(a, b) {
            try {
                return a[b]
            } catch (c) {
                return ""
            }
        }
        var g = 20,
            h = 256,
            i = /\(?([^\s]*):(\d+):\d+\)?/,
            j = /.*@(.*):(\d*)/;
        a.constructErrorMessage = d
    }(amzn_aps_csm), window.JSON || (window.JSON = {
        parse: function(sJSON) {
            return eval("(" + sJSON + ")")
        },
        stringify: function() {
            var a = Object.prototype.toString,
                b = Array.isArray || function(b) {
                    return "[object Array]" === a.call(b)
                },
                c = {
                    '"': '\\"',
                    "\\": "\\\\",
                    "\b": "\\b",
                    "\f": "\\f",
                    "\n": "\\n",
                    "\r": "\\r",
                    "	": "\\t"
                },
                d = function(a) {
                    return c[a] || "\\u" + (a.charCodeAt(0) + 65536).toString(16).substr(1)
                },
                e = /[\\"\u0000-\u001F\u2028\u2029]/g;
            return function f(c) {
                var g, h, i, j;
                if (null == c) return "null";
                if ("number" == typeof c) return isFinite(c) ? c.toString() : "null";
                if ("boolean" == typeof c) return c.toString();
                if ("object" == typeof c) {
                    if ("function" == typeof c.toJSON) return f(c.toJSON());
                    if (b(c)) {
                        for (g = "[", h = 0; h < c.length; h++) g += (h ? ", " : "") + f(c[h]);
                        return g + "]"
                    }
                    if ("[object Object]" === a.call(c)) {
                        i = [];
                        for (j in c) c.hasOwnProperty(j) && i.push(f(j) + ": " + f(c[j]));
                        return "{" + i.join(", ") + "}"
                    }
                }
                return '"' + c.toString().replace(e, d) + '"'
            }
        }()
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.log = function(a) {
        try {
            -1 !== window.location.href.indexOf("csm_debug_mode") && window.console && window.console.log(a)
        } catch (b) {
            b.message && amzn_aps_csm.errors.push(b.message)
        }
    }, amzn_aps_csm.loadModules = function(a) {
        var b, c, d;
        try {
            for (b = 0; b < a.length; b++) {
                if (c = a[b].name, d = a[b].params || [], window.performance && window.performance.mark && "function" == typeof window.performance.mark && window.performance.mark("loadStart" + c), "[object Array]" !== Object.prototype.toString.call(d) && amzn_aps_csm.log("Params passed in the amzn_aps_csm.loadModules methods must be an array"), amzn_aps_csm[c]) {
                    if (void 0 === amzn_aps_csm[c].shortName) throw new amzn_aps_csm.invalidModuleException("Module shortName not defined for module " + c + ". ");
                    amzn_aps_csm[c].init.apply(amzn_aps_csm[c], d), amzn_aps_csm.log("Initiated " + c + " module")
                } else amzn_aps_csm.log("Undefined module " + c);
                window.performance && window.performance.mark && "function" == typeof window.performance.mark && (window.performance.mark("loadEnd" + c), window.performance.measure("lt" + amzn_aps_csm[c].shortName, "loadStart" + c, "loadEnd" + c))
            }
        } catch (e) {
            e.message && amzn_aps_csm.errors.push(e.message)
        }
    }, amzn_aps_csm.define = function(a) {
        var b, c, d, e, f, g, h, i;
        try {
            for (b = function(a) {
                    return "string" == typeof a ? amzn_aps_csm[a] : a
                }, c = Array.prototype.slice.call(arguments), d = c[0], e = c.length > 2 ? c[1] : [], f = c[c.length - 1], g = [], h = 0, i = e.length; i > h; h++) g.push(b(e[h]));
            amzn_aps_csm[d] = f.apply(f, g)
        } catch (j) {
            j.message && amzn_aps_csm.errors.push(j.message)
        }
    }, amzn_aps_csm.invalidModuleException = function(a) {
        this.value = a, this.message = "does not conform to the expected format of a module", this.toString = function() {
            return this.value + this.message
        }
    }, amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("eventUtils", [], function() {
        var a = {
            shortName: "eu"
        };
        return a.init = function() {
            amzn_aps_csm.log("Initializing eventUtils"), a.eventHandlers = []
        }, a.addEvent = function(b, c, d, e) {
            b.addEventListener ? b.addEventListener(c, d, e) : b.attachEvent && b.attachEvent("on" + c, d);
            var f = {
                elem: b,
                eventName: c,
                cb: d
            };
            a.eventHandlers.push(f)
        }, a.registerPostMessageHandler = function(a) {
            var b = window.addEventListener ? "addEventListener" : "attachEvent",
                c = window[b],
                d = "attachEvent" == b ? "onmessage" : "message";
            c(d, function(b) {
                a(b)
            }, !1)
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("pixelQueue", [], function() {
        var a = {
            shortName: "pq"
        };
        return a.init = function() {}, a.firePixel = function(a, b, c) {
            if ("" !== b) {
                /^https?:\/\//.test(b) === !1 && (b = document.location.protocol + "//" + b), "/" != b.substr(b.length - 1) && (b += "/"), "https:" === document.location.protocol && /^http:\/\//.test(b) === !0 && (b = b.replace("http://", "https://"));
                try {
                    var d = JSON.parse(a);
                    d.ver = amzn_aps_csm.version, a = JSON.stringify(d)
                } catch (e) {}
                void 0 !== c && "" !== c && (b += c), (new Image).src = b + a + "?cb=" + Math.round(1e7 * Math.random())
            } else amzn_aps_csm.log("instrURL is empty")
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {},
    function() {
        var a, b;
        amzn_aps_csm.loadModules([{
            name: "eventUtils",
            params: []
        }]);
        for (a in amzn_aps_csm.eventUtils) amzn_aps_csm.eventUtils.hasOwnProperty(a) && (amzn_aps_csm[a] = amzn_aps_csm.eventUtils[a]);
        amzn_aps_csm.loadModules([{
            name: "pixelQueue",
            params: []
        }]), b = 5, amzn_aps_csm.registerPostMessageHandler(function(a) {
            var c, d, e, f, g, h, i, j, k, l, m;
            if (amzn_aps_csm.log("parent received message!: ", a.data), amzn_aps_csm.log(a.origin), /pixelId/.test(a.data)) {
                for (c = a.source, d = 0; c.parent !== top && b > d;) c = c.parent, d++;
                for (e = {}, "object" == typeof apstag && null !== apstag && "function" == typeof apstag._getSlotIdToNameMapping && null !== apstag._getSlotIdToNameMapping() && (e = apstag._getSlotIdToNameMapping()), f = "", g = document.getElementsByTagName("iframe"), h = 0; h < g.length; h++)
                    if (g[h].contentWindow === c) {
                        i = g[h].parentElement;
                        do j = i.id, i = i.parentElement; while (e.hasOwnProperty(j) === !1 && "body" !== i.tagName.toLowerCase());
                        f = e[j] || j
                    }
                k = JSON.parse(a.data), l = decodeURIComponent(k.instrURL), m = {
                    sn: encodeURIComponent(f),
                    pixelId: k.pixelId
                }, /amazon-adsystem\.com/.test(l) && amzn_aps_csm.pixelQueue.firePixel(JSON.stringify(m), l, "")
            }
        })
    }();
#25 JavaScript::Eval (size: 39) - SHA256: aaa8c0ab87c7070701d0a29a610c65a4c1d29153c2d14623602acef3eea646dd
this.context['EventTarget']['toString']
#26 JavaScript::Eval (size: 41) - SHA256: 25fde17ee6ee622be6ebf83118c8802af55f2721a375a4017d6dec6edaf3b37b
this.context['DOMException']['ABORT_ERR']
#27 JavaScript::Eval (size: 21) - SHA256: 5f7d79033f82e1d81e2e6490b1fe43f241e2889aae35ea6d5f968ca697f5a577
this.context['close']
#28 JavaScript::Eval (size: 43) - SHA256: 0220aceb9c3413632235ce2598b94dd7a130a95558114c04ad41f9386b69777b
this.context['clientInformation']['vendor']
#29 JavaScript::Eval (size: 36) - SHA256: 2d498779a32244d72a8a7d953918ce95c00fab9d3b129b2a1c3125fb263ccb45
this.context['self']['SharedWorker']
#30 JavaScript::Eval (size: 165) - SHA256: 7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b
apstag.punt({
    "cmp": "https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-onetag_pm-db5_rbd_n-MediaNet_cnv_n-Outbrain",
    "cb": "0"
})
#31 JavaScript::Eval (size: 22) - SHA256: 94ad18c1a336e08a4bfce57073e3f008391b324ebf524e0e7069827f300b075d
0,
function(T) {
    UL(2, T)
}
#32 JavaScript::Eval (size: 30) - SHA256: 7ceacb36606d6f6599d3ed5454c31152cb4417fb3c02ebb66431c4227a653726
this.context['clearImmediate']
#33 JavaScript::Eval (size: 46) - SHA256: e218a1ac15f252350ef2646dead414bf35db450215962e63da301cb7c3f064eb
this.context['navigator']['webkitGetGamepads']
#34 JavaScript::Eval (size: 31) - SHA256: fb71685befff6e5c6fb9e2dd5f9bea6c71a2a162b39920f3927ef5ebfcf0134d
this.context['BeforeLoadEvent']
#35 JavaScript::Eval (size: 19) - SHA256: 67909fba812519f6eced963d195970a41923b591290d48f96704719fc6b74ec5
this.context['NaN']

Executed Writes (8)
#1 JavaScript::Write (size: 249) - SHA256: d69309a446845fa51459fb0bf23ba7e57d8cbdfd2833b544627e64ec727a2102
<!-- Composite Start -->
< style >
    .mgbox.mgheader {
        display: none!important;
    } < /style> < div id = "M624865ScriptRootC991771" >
    < /div> < script src = "https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js"
async >
    < /script>
    <!-- Composite End -->
#2 JavaScript::Write (size: 3269) - SHA256: 9ea534669d7a1f4add6f723b6f0641f6a6ce49354bae4af493e996bb13e5e19b
< !DOCTYPE HTML > < html > < head > < /head><body><script type="text/javascript
">function showAdsByAdtrue(){document.getElementById("
adtrue_gc ").style.width = '105px';document.getElementById("
adtrue_gb ").style.display = 'none';document.getElementById("
adtrue_gs ").style.display = 'block';}function hideAdsByAdtrue(cb){setTimeout(function() {document.getElementById("
adtrue_gc ").style.width = '15px';document.getElementById("
adtrue_gb ").style.display = 'block';document.getElementById("
adtrue_gs ").style.display = 'none';}, 500);}</script><style>#block_adexchange svg:not(:root) {overflow: auto;!important}</style><div id="
block_adexchange " style="
width: 300 px;
height: 250 px;
position: relative;
font: 15 px / 1.2e m Arial, sans - serif!important;
">            <div dir="
ltr " id="
adtrue_gc " class="
adtrue_gc_12953 " style="
display: none;
width: 15 px;
height: 15 px;
height: 15 px;
position: absolute;
left: 0;
text - rendering: geometricprecision;
bottom: 0;
width: 15 px;
z - index: 9020;
">                <div id="
adtrue_gb " style="
display: block;
height: 100 % ;
" onmouseover="
showAdsByAdtrue()
"><svg width="
100 % " height="
100 % "><rect width="
100 % " height="
100 % " fill="
whitesmoke "/><svg stroke="
#000000" fill= "#000000"
x = "0px"
y = "0px" > < circle cx = "7.5px"
cy = "7.5px"
r = "5.5px"
fill = "none"
stroke - width = "1.1px" / > < circle cx = "7.5px"
cy = "4.75px"
r = "1px"
stroke = "none" / > < line x1 = "7.5px"
x2 = "7.5px"
y1 = "6.5px"
y2 = "11px"
fill = "none"
stroke - width = "1.75px" / > < /svg>                    </svg > < /div>                <div id="adtrue_gs" style="display: none;height: 100%;" onmouseleave="hideAdsByAdtrue()">                    <a target="_blank" href="https:/ / adtrue.com " style="
text - decoration: none;
" id="
abgl ">                        <svg height="
100 % " width="
100 % ">                        <path transform="
matrix(-1.18971, -0.00136069, 0.00161882, -0.999999, 105, 15)
" d="
M0, 0 l96, 0 l0, 15 l - 92, 0 s - 4, 0, -4, -4 Z " fill="
whitesmoke "/>                        <svg width="
34 px " y="
11 px " x="
17 px " overflow="
visible ">                        <text transform="
scale(0.11121408415723971)
" font-size="
100 px " font-family="
Arial " fill="
dimgray ">Ads by</text>                        </svg>                        <svg width="
38 px " y="
11 px " x="
53 px " overflow="
visible ">                        <text transform="
scale(0.11784163440459683)
" font-weight="
bold " font-size="
100 px " font-family="
Arial " fill="
black ">Adtrue</text>                        </svg>                        <svg y="
0 px " x="
0 px " fill="
#000000" stroke= "#000000" > < circle stroke - width = "1.1px"
fill = "none"
r = "5.5px"
cy = "7.5px"
cx = "7.5px" / > < circle stroke = "none"
r = "1px"
cy = "4.75px"
cx = "7.5px" / > < line stroke - width = "1.75px"
fill = "none"
y2 = "11px"
y1 = "6.5px"
x2 = "7.5px"
x1 = "7.5px" / > < /svg>                        </svg > < /a>                </div > < /div><script type="text/javascript
">document.write('<script type="
text / javascript " src=" //exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F599QOVX&cb=256337203&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/599QOVX"></'+'script>');</script>        </div></body></html>
#3 JavaScript::Write (size: 216) - SHA256: ac534fbd94d131be8a2dc81ac6656cd8aabead15127ba3523879579e5d966a08
< script type = "text/javascript"
src = "//exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F599QOVX&cb=256337203&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/599QOVX" > < /script>
#4 JavaScript::Write (size: 3384) - SHA256: ed7ca95a5ef57501bb0f1bdb3b35bdfd68d026942a6f2a7de907b43ca6bd1782
< script async src = "//cdn.adtrue.com/pb/prebid.js" > < /script><script>var zoneId = 12953;var sizes = [[300, 250]];var REFRESH = 60000;var REFRESH_TIMES = 3;var generateRandomString = Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 10);var adTagId = "adtrue_ads_" + zoneId + "_" + generateRandomString;var PREBID_TIMEOUT = 1000;var adUnits = [{code: adTagId,mediaTypes: {banner: {sizes: sizes,},},bids: [{bidder: 'pubmatic',params: {publisherId: '155495',adSlot: 'ouo.press_300x250_direct@300x250'}}, {bidder: 'openx',params: {unit: '558223497',delDomain: 'fptadtrue-d.openx.net',customFloor: 0.1}}, {bidder: 'criteo',params: {networkId: 10692,publisherSubId: zoneId}}, {bidder: 'oftmedia',params: {placementId: 27389997,reserve: 0.03}}],}, ];var pbjs = pbjs || {};pbjs.que = pbjs.que || [];pbjs.que.push(function() {pbjs.addAdUnits(adUnits);pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});pbjs.setConfig({"schain": {"validation": "strict","config": {"ver": "1.0","complete": 1,"nodes": [{"asi": "adtruesyndication.com","sid": "3363","hp": 1}]}}});pbjs.setConfig({"bidders": ["oftmedia"],"schain": {"validation": "relaxed","config": {"ver": "1.0","complete": 1,"nodes": [{"asi": "152media.info","sid": "152M351","hp": 1}]}}});pbjs.setConfig({userSync: {filterSettings: {iframe: {bidders: "*",filter: "include",},},userIds: [{name: "criteo",}, ],},});pbjs.enableAnalytics({provider: 'adtrue',options: {"zoneId": 12953,"publisherId": 3363}});});function refreshBid() {pbjs.que.push(function() {pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});});}var ntimes = 0;var intervalID = setInterval(function() {ntimes++;if (ntimes > REFRESH_TIMES) {window.clearInterval(intervalID);}refreshBid();}, REFRESH);function handlerPassback() {var iframe = document.getElementById(adTagId);var iframeDoc = iframe.contentWindow.document;var adServerTargeting = pbjs.getAdserverTargetingForAdUnitCode(adTagId);/ * If any bidders
return any creatives * /if (adServerTargeting && adServerTargeting["hb_adid"]) {pbjs.renderAd(iframeDoc, adServerTargeting["hb_adid"]);} else {iframe.width = sizes[0][0];iframe.height = sizes[0][1];iframeDoc.write("<head></head > < body > " + passbackTagHtml + " < /body>");iframeDoc.close();}}var passbackTagHtml = '<script type="text\/javascript">' + "var adtrue_passback = {adtrue_pzoneid:'" + zoneId + "'};" + "<\/script>" + '<script type="text\/javascript" src="/ / cdn.adtrue.com / rtb / passback.js "><\/script>';</script><iframe id="
pb_iframe " frameborder="
0 " scrolling="
no " marginheight="
0 " marginwidth="
0 " TOPMARGIN="
0 " LEFTMARGIN="
0 " ALLOWTRANSPARENCY="
true " width="
0 " height="
0 "></iframe><script>var iframe = document.getElementById("
pb_iframe ");iframe.setAttribute("
id ", adTagId);</script><script type="
text / javascript ">(function() {var purl = window.location.href;var url = '//ads.pubmatic.com/AdServer/js/pwt/155495/4202';var profileVersionId = '';if (purl.indexOf('pwtv=') > 0) {var regexp = /pwtv=(.*?)(&|$)/g;var matches = regexp.exec(purl);if (matches.length >= 2 && matches[1].length > 0) {profileVersionId = '/' + matches[1];}}var wtads = document.createElement('script');wtads.async = true;wtads.type = 'text/javascript';wtads.src = url + profileVersionId + '/pwt.js';var node = document.getElementsByTagName('script')[0];node.parentNode.insertBefore(wtads, node);})();</script>
#5 JavaScript::Write (size: 351) - SHA256: fff63840da920357d917cb320aac2e312b942efd616788e7a4faf10f4d861f6a
< iframe name = "pbeacon"
frameborder = "0"
allowtransparency = "true"
hspace = "0"
vspace = "0"
marginheight = "0"
marginwidth = "0"
scrolling = "no"
width = "0"
height = "0"
style = "position:absolute;top:-20000px;"
src = "//track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2F599QOVX&loc=https%3A%2F%2Fouo.press%2F599QOVX" > < /iframe>
#6 JavaScript::Write (size: 173) - SHA256: 642f9705ec7d8c7b0f907d5fecc582d31d93a78c244f05c938e36bf016fe9d3c
< body style = "background-color:white;margin:0px;padding:0px;" > < div id = "c" > < /div><script src="https:/ / ecdn.firstimpression.io / static / js / fiamp.js "></script></body>
#7 JavaScript::Write (size: 192) - SHA256: df9913e17da94cf021a5cf7de21a12683e6020ed3b2cbeb6dca1f3169fdf87a4
< head > < /head><body><script type="text/javascript
">var adtrue_passback = {adtrue_pzoneid:'12953'};</script><script type="
text / javascript " src=" //cdn.adtrue.com/rtb/passback.js"></script></body>
#8 JavaScript::Write (size: 132) - SHA256: 4a5a1492eb73b9f00c7f1acb311c87a8b805950ff8184c0ad1f311cdba331e9b
< script type = "text/javascript"
src = "//exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=836192025&ref=undefined" > < /script>


HTTP Transactions (111)


Request Response
                                        
                                            GET /599QOVX HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.6.151
HTTP/1.1 301 Moved Permanently
                                        
Date: Mon, 14 Nov 2022 21:50:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 14 Nov 2022 22:50:32 GMT
Location: https://ouo.io/599QOVX
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a2f69b7fd00b4d-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10314
Expires: Tue, 15 Nov 2022 00:42:26 GMT
Date: Mon, 14 Nov 2022 21:50:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5538
Cache-Control: max-age=137583
Date: Mon, 14 Nov 2022 21:50:32 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 12:03:35 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14201
Expires: Tue, 15 Nov 2022 01:47:13 GMT
Date: Mon, 14 Nov 2022 21:50:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1600
Cache-Control: max-age=86077
Date: Mon, 14 Nov 2022 21:50:32 GMT
Etag: "63715f25-117"
Expires: Tue, 15 Nov 2022 21:45:09 GMT
Last-Modified: Sun, 13 Nov 2022 21:18:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: pNG2/x9d4fIOn5ay72MeSNDFjBYSsgNlIKq3RGmJYdaXSkQFhAXaY8ksz69tQhV1Im2sEdQhVuw=
x-amz-request-id: 2WHCWK64ANSXT4YH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 20:51:15 GMT
age: 3557
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 21:44:35 GMT
cache-control: public,max-age=3600
age: 357
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 14 Nov 2022 21:50:32 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3735
Cache-Control: max-age=163090
Date: Mon, 14 Nov 2022 21:50:33 GMT
Etag: "637283a4-116"
Expires: Wed, 16 Nov 2022 19:08:43 GMT
Last-Modified: Mon, 14 Nov 2022 18:06:28 GMT
Server: ECS (amb/6BC6)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 21:25:01 GMT
cache-control: public,max-age=3600
age: 1532
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3406
Cache-Control: max-age=130394
Date: Mon, 14 Nov 2022 21:50:33 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:03:47 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zqHXxVl8XxIRzXOun/An4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.223.160.237
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rAsbLFi5Fnv1KEMai4WY1z9yjYg=

                                        
                                            GET /images/world.png HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/599QOVX
Cookie: ouoio_session=eyJpdiI6Imh2cU1FV1E1UzZkXC9BTkkrVFhsMTQrWVY4M1FJTzE1N1BPSDErWmczWVlVPSIsInZhbHVlIjoicGp1S3BNRGtWM3dGMk11Y2lPUWprTGhQREdTSlEzbTRmYnRLTXFwMzZSK0lraXNQRmp3Q1wveFhncjJTa0xlbjFaRnRjYXFjQTA2c2YxRG9pSHp0c1wvUT09IiwibWFjIjoiMTQzMjRkMDZjM2QzNmJkNDg2YzE4YTI0NzhlNDE2OWYzNjQ5ZGU2ZWZhYjAyYmM5NWIwYmYzMTBmZjYyODgxNSJ9; language=eyJpdiI6IlFMZmtNck5PMGc4dnVRZGEwWGlQcmpYUnhMTjJnTnNxd3AzcTk5enExaW89IiwidmFsdWUiOiIrc1l6UStydGd6Q0R2THA5K3ZvVnJQV0pRakJHWllVbzI5bmNKQWJyais4PSIsIm1hYyI6ImJlNzZkODE5MDIyM2M0NmIxMDhjOTY2OWM1Nzg4NjcwM2ViNDMzMjFkZjdhNzZmYzkwNjJhNmE0YTdlMjZkMzQifQ%3D%3D; 4d7629e91c7ced43a05241f90a078681f28dc2ac=eyJpdiI6IkExeGxIV2VFV01vZnFNUmhEeHJjRmdWWW9vS1U1RjRQdEpXc29HbVNcL1gwPSIsInZhbHVlIjoiRzlkZ2o4WStBRHRDNUVMZ0EzSjBDVlZiaGtLQnZPXC9FdzRUOVIzK09qaE82dTFxZW5tWjR2WThSeVRaYjhwQlhrK2Q3NU1yVVpyS05NQ2JIVVVYa3hncGlRWit0OGRsUnZrQ0lZSHAxamRBcFNyTFwvMnFtcjFzZWcwVTUxZFRld3ZkY3dmSHRzNWFTVG0yYThiVnhKVDRaYmlXbGlcL0dQQnVxaVd3T3diTytRNEkrdmRCWjR0TUtzdjdBZ0JhWGVRNm1zVTdXa2dicXdmVjkyNFZCVHBkT1pOaDgrQlliNldJTTZQNDN3cCtcL1NZT2ZmeEl6UnI3dzJ6QzdJSmtBWWp0VmJFTHk2ZlRCZXA5TVNYanNoWmdFdXZLeHdHcFB0OXFoZjRMbURNQnF5VEFKb1VFVmFGQXpjN0dUV0RjWEt5Smx6dys5ZlRNQllzajVvZnh2SGpQdnQ3VHUrWlppTkZjeDVieFU1Z3NZb1hFZ1RcL3o1YnpVSEdqcG9cL2NCUEFrIiwibWFjIjoiZWI2MGEwYmQxNmY4MWY2MWIwYTgxMmJlNWU1YjQzN2NjZjc2YzM4YjQxYTU1OGE0NDc5YmU2NjNkMWFmMGM5YSJ9; __cf_bm=m1VhDvahQ2aL3Nc3chd3GBPA3KVmCQKhzfKjoVZc6jo-1668462633-0-AVNZRmNOoF3xzmV68neLcSPl5U2wUHuvbDrxCuyTTEeHAUUl5WpBj35kQLIt51X4tvVT6sVu/LnvEmHeROOe3pg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.22.15
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 14 Nov 2022 21:50:33 GMT
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Sat, 03 Dec 2022 22:33:44 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 947809
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a2f6a499d1fab8-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   5692
Md5:    4eea420a8830a6d695114427bf52b556
Sha1:   35579e7f1a656beb3a07a7093166ff37c634bade
Sha256: 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3336
Cache-Control: max-age=104043
Date: Mon, 14 Nov 2022 21:50:33 GMT
Etag: "63719e8c-118"
Expires: Wed, 16 Nov 2022 02:44:36 GMT
Last-Modified: Mon, 14 Nov 2022 01:49:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3336
Cache-Control: max-age=104043
Date: Mon, 14 Nov 2022 21:50:33 GMT
Etag: "63719e8c-118"
Expires: Wed, 16 Nov 2022 02:44:36 GMT
Last-Modified: Mon, 14 Nov 2022 01:49:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Mon, 14 Nov 2022 21:50:33 GMT
date: Mon, 14 Nov 2022 21:50:33 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    d36fbadc19583158e0e17f2600407814
Sha1:   e99295beaa7c52e0b1f42759c67b40aebe4bab10
Sha256: dbf530370a0136951085663be32f33ad5e3a01e1a2883eebbd518fbee9816f50
                                        
                                            GET /static/js/fab.js HTTP/1.1 
Host: ecdn.analysis.fi
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.8
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4240
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
accept-ranges: bytes
date: Mon, 14 Nov 2022 21:23:10 GMT
expires: Mon, 14 Nov 2022 22:23:10 GMT
cache-control: max-age=3600
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bw0HLSHWQn9cgt5ULaRy_X-oc8taH3Spb-xtpJjLJIibo2L2J5ovtg==
age: 1643
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (574)
Size:   4240
Md5:    28a0bef1ecb63168106f97b637ab3414
Sha1:   e577575dd115f6a95aea8c2ae87d2c30c8464728
Sha256: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8FC87491C7123547D40904B193D58AABDDDB4746E268E3569AD9B9E4B52CC029"
Last-Modified: Sun, 13 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9307
Expires: Tue, 15 Nov 2022 00:25:40 GMT
Date: Mon, 14 Nov 2022 21:50:33 GMT
Connection: keep-alive

                                        
                                            GET /1clkn/48786 HTTP/1.1 
Host: tv.gourdycortes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.109.82.38
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Mon, 14 Nov 2022 21:50:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 15-Nov-2022 21:50:33 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 15-Nov-2022 21:50:33 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    414a242a6fee8464282857e475d3ef61
Sha1:   f669890350347f53aa9bd19c1a355692e8d17d2f
Sha256: d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "54933E6FA9DA70F7366531C2B36A4DEE2C83AB31AACB74C893A524CA4B97CEB9"
Last-Modified: Mon, 14 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12496
Expires: Tue, 15 Nov 2022 01:18:50 GMT
Date: Mon, 14 Nov 2022 21:50:34 GMT
Connection: keep-alive

                                        
                                            GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1 
Host: itineraryupper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.44
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Mon, 14 Nov 2022 21:50:34 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/widgetIcons/achoice.svg HTTP/1.1 
Host: widgets.outbrain.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.81
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Wed, 14 Dec 2022 21:50:34 GMT
date: Mon, 14 Nov 2022 21:50:34 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Size:   2735
Md5:    9d26fa4e7238ed94f1d0d92afb453b3e
Sha1:   ae18efe7d09337bf2f580b3f5bc912284aad7821
Sha256: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/599QOVX
Cookie: ouoio_session=eyJpdiI6Imh2cU1FV1E1UzZkXC9BTkkrVFhsMTQrWVY4M1FJTzE1N1BPSDErWmczWVlVPSIsInZhbHVlIjoicGp1S3BNRGtWM3dGMk11Y2lPUWprTGhQREdTSlEzbTRmYnRLTXFwMzZSK0lraXNQRmp3Q1wveFhncjJTa0xlbjFaRnRjYXFjQTA2c2YxRG9pSHp0c1wvUT09IiwibWFjIjoiMTQzMjRkMDZjM2QzNmJkNDg2YzE4YTI0NzhlNDE2OWYzNjQ5ZGU2ZWZhYjAyYmM5NWIwYmYzMTBmZjYyODgxNSJ9; language=eyJpdiI6IlFMZmtNck5PMGc4dnVRZGEwWGlQcmpYUnhMTjJnTnNxd3AzcTk5enExaW89IiwidmFsdWUiOiIrc1l6UStydGd6Q0R2THA5K3ZvVnJQV0pRakJHWllVbzI5bmNKQWJyais4PSIsIm1hYyI6ImJlNzZkODE5MDIyM2M0NmIxMDhjOTY2OWM1Nzg4NjcwM2ViNDMzMjFkZjdhNzZmYzkwNjJhNmE0YTdlMjZkMzQifQ%3D%3D; 4d7629e91c7ced43a05241f90a078681f28dc2ac=eyJpdiI6IkExeGxIV2VFV01vZnFNUmhEeHJjRmdWWW9vS1U1RjRQdEpXc29HbVNcL1gwPSIsInZhbHVlIjoiRzlkZ2o4WStBRHRDNUVMZ0EzSjBDVlZiaGtLQnZPXC9FdzRUOVIzK09qaE82dTFxZW5tWjR2WThSeVRaYjhwQlhrK2Q3NU1yVVpyS05NQ2JIVVVYa3hncGlRWit0OGRsUnZrQ0lZSHAxamRBcFNyTFwvMnFtcjFzZWcwVTUxZFRld3ZkY3dmSHRzNWFTVG0yYThiVnhKVDRaYmlXbGlcL0dQQnVxaVd3T3diTytRNEkrdmRCWjR0TUtzdjdBZ0JhWGVRNm1zVTdXa2dicXdmVjkyNFZCVHBkT1pOaDgrQlliNldJTTZQNDN3cCtcL1NZT2ZmeEl6UnI3dzJ6QzdJSmtBWWp0VmJFTHk2ZlRCZXA5TVNYanNoWmdFdXZLeHdHcFB0OXFoZjRMbURNQnF5VEFKb1VFVmFGQXpjN0dUV0RjWEt5Smx6dys5ZlRNQllzajVvZnh2SGpQdnQ3VHUrWlppTkZjeDVieFU1Z3NZb1hFZ1RcL3o1YnpVSEdqcG9cL2NCUEFrIiwibWFjIjoiZWI2MGEwYmQxNmY4MWY2MWIwYTgxMmJlNWU1YjQzN2NjZjc2YzM4YjQxYTU1OGE0NDc5YmU2NjNkMWFmMGM5YSJ9; __cf_bm=m1VhDvahQ2aL3Nc3chd3GBPA3KVmCQKhzfKjoVZc6jo-1668462633-0-AVNZRmNOoF3xzmV68neLcSPl5U2wUHuvbDrxCuyTTEeHAUUl5WpBj35kQLIt51X4tvVT6sVu/LnvEmHeROOe3pg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.22.15
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Mon, 14 Nov 2022 21:50:34 GMT
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 6868
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a2f6a89c33fab8-OSL
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1 
Host: ad.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.102
HTTP/2 200 OK
content-type: image/x-icon
                                        
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 12:36:02 GMT
expires: Tue, 15 Nov 2022 12:36:02 GMT
cache-control: public, max-age=86400
age: 33272
last-modified: Tue, 08 May 2012 13:08:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Size:   104
Md5:    32ac8a9b81788b981a3a7e13c14082d4
Sha1:   fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
Sha256: 00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 20:03:35 GMT
expires: Tue, 14 Nov 2023 20:03:35 GMT
cache-control: public, max-age=31536000
age: 6419
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Size:   19292
Md5:    19007b17e56daa60133bce9e9b352a95
Sha1:   bac1384caeae5762e7a1d8c18037f69c8cd21bc4
Sha256: fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
                                        
                                            GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Nov 2022 09:37:41 GMT
expires: Mon, 13 Nov 2023 09:37:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
age: 130373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (668)
Size:   162590
Md5:    70dc760a0efad09d703883a39f7683b2
Sha1:   2bc70f2a100ff27d27a89d563dfe279590c8336b
Sha256: 2bc59eab94309c59fba62afa40dfd841fb83760714e9ec7248ce3e10ae05fd19
                                        
                                            GET /css?family=Questrial HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 21:50:33 GMT
date: Mon, 14 Nov 2022 21:50:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.200.201
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
etag: "1241a12-3fca8-5cf4eee137dd8"
server: Apache
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 80538
cache-control: max-age=158790
expires: Wed, 16 Nov 2022 17:57:04 GMT
date: Mon, 14 Nov 2022 21:50:34 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   80538
Md5:    6a4ce36b0d03543974d71b88fa37145d
Sha1:   a5c1750aab7489f287c98bae25f5afff0ed16ce8
Sha256: 30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
                                        
                                            GET /css/bootstrap.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/599QOVX
Cookie: ouoio_session=eyJpdiI6Imh2cU1FV1E1UzZkXC9BTkkrVFhsMTQrWVY4M1FJTzE1N1BPSDErWmczWVlVPSIsInZhbHVlIjoicGp1S3BNRGtWM3dGMk11Y2lPUWprTGhQREdTSlEzbTRmYnRLTXFwMzZSK0lraXNQRmp3Q1wveFhncjJTa0xlbjFaRnRjYXFjQTA2c2YxRG9pSHp0c1wvUT09IiwibWFjIjoiMTQzMjRkMDZjM2QzNmJkNDg2YzE4YTI0NzhlNDE2OWYzNjQ5ZGU2ZWZhYjAyYmM5NWIwYmYzMTBmZjYyODgxNSJ9; language=eyJpdiI6IlFMZmtNck5PMGc4dnVRZGEwWGlQcmpYUnhMTjJnTnNxd3AzcTk5enExaW89IiwidmFsdWUiOiIrc1l6UStydGd6Q0R2THA5K3ZvVnJQV0pRakJHWllVbzI5bmNKQWJyais4PSIsIm1hYyI6ImJlNzZkODE5MDIyM2M0NmIxMDhjOTY2OWM1Nzg4NjcwM2ViNDMzMjFkZjdhNzZmYzkwNjJhNmE0YTdlMjZkMzQifQ%3D%3D; 4d7629e91c7ced43a05241f90a078681f28dc2ac=eyJpdiI6IkExeGxIV2VFV01vZnFNUmhEeHJjRmdWWW9vS1U1RjRQdEpXc29HbVNcL1gwPSIsInZhbHVlIjoiRzlkZ2o4WStBRHRDNUVMZ0EzSjBDVlZiaGtLQnZPXC9FdzRUOVIzK09qaE82dTFxZW5tWjR2WThSeVRaYjhwQlhrK2Q3NU1yVVpyS05NQ2JIVVVYa3hncGlRWit0OGRsUnZrQ0lZSHAxamRBcFNyTFwvMnFtcjFzZWcwVTUxZFRld3ZkY3dmSHRzNWFTVG0yYThiVnhKVDRaYmlXbGlcL0dQQnVxaVd3T3diTytRNEkrdmRCWjR0TUtzdjdBZ0JhWGVRNm1zVTdXa2dicXdmVjkyNFZCVHBkT1pOaDgrQlliNldJTTZQNDN3cCtcL1NZT2ZmeEl6UnI3dzJ6QzdJSmtBWWp0VmJFTHk2ZlRCZXA5TVNYanNoWmdFdXZLeHdHcFB0OXFoZjRMbURNQnF5VEFKb1VFVmFGQXpjN0dUV0RjWEt5Smx6dys5ZlRNQllzajVvZnh2SGpQdnQ3VHUrWlppTkZjeDVieFU1Z3NZb1hFZ1RcL3o1YnpVSEdqcG9cL2NCUEFrIiwibWFjIjoiZWI2MGEwYmQxNmY4MWY2MWIwYTgxMmJlNWU1YjQzN2NjZjc2YzM4YjQxYTU1OGE0NDc5YmU2NjNkMWFmMGM5YSJ9; __cf_bm=m1VhDvahQ2aL3Nc3chd3GBPA3KVmCQKhzfKjoVZc6jo-1668462633-0-AVNZRmNOoF3xzmV68neLcSPl5U2wUHuvbDrxCuyTTEeHAUUl5WpBj35kQLIt51X4tvVT6sVu/LnvEmHeROOe3pg=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.22.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 14 Nov 2022 21:50:33 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Tue, 15 Nov 2022 08:55:54 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3279
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a2f6a489bdfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65452)
Size:   41000
Md5:    49d5bb7174977b56b8759031a5bb4fe7
Sha1:   f94960ed8240338fde76ec8c33ed589e083bd12c
Sha256: 16ef2a1c83e27ca186c9469aa4786556cfa3f0ca5288bd88203d7b4a356896d8
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5426
Cache-Control: max-age=153279
Date: Mon, 14 Nov 2022 21:50:34 GMT
Etag: "637256b7-1d7"
Expires: Wed, 16 Nov 2022 16:25:13 GMT
Last-Modified: Mon, 14 Nov 2022 14:54:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4657
Cache-Control: max-age=138836
Date: Mon, 14 Nov 2022 21:50:34 GMT
Etag: "6372214d-139"
Expires: Wed, 16 Nov 2022 12:24:30 GMT
Last-Modified: Mon, 14 Nov 2022 11:06:53 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /c.js HTTP/1.1 
Host: hhklc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.70.122
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 14 Nov 2022 21:50:33 GMT
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Mon, 14 Nov 2022 22:01:54 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 2019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwIu0zDeVo3ehR32iHcxdHQIlpa2lEXD%2BeqR6afiK%2FtzbKyaYu8xbyun4z0OYnU5zcdGSVfQ%2BnwmwcJLZ6M4nuvo3yZp83AL1e76l4dmvrkzH4A9ufuEIk5TUW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a2f6a4d90db4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8728), with no line terminators
Size:   2376
Md5:    481eefb00300e5d54aee0fb888437b81
Sha1:   474474f522c701e04737fbe59da8bdb398f08a8a
Sha256: 38e65c0ca6f82e2a3ba5556089a8fb247cd2ded7f3bd616cd6dc38a8449b0d7d
                                        
                                            GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2F599QOVX&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=3749e50d-c635-4e24-8cf6-c8a276fe9fd8&nocache=1668462634625&aus=300x250&divids=adtrue_ads_12953_chyytnmu5qs915ysp9j&aucs=adtrue_ads_12953_chyytnmu5qs915ysp9j&auid=558223497&aumfs=100 HTTP/1.1 
Host: fptadtrue-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.98.64.218
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Mon, 14 Nov 2022 21:50:34 GMT
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   79
Md5:    511bb8190455cd02dddf4a363f856824
Sha1:   01703148d3768c334228dd5db79908998c09a297
Sha256: ac7ec0cf5df62527b21a5d9c6243328575ff28c9b85f64e286e3887ccb087cc6
                                        
                                            GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Nov 2022 21:50:34 GMT
expires: Mon, 14 Nov 2022 21:50:34 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47044
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   47044
Md5:    ca2b84596fe8b0364c8516e2bdcff13f
Sha1:   b876bde74d2f3cca53781c0d2a381f315980fdf8
Sha256: ea6ab8ee9dd132d841d70a0fd38782952c0ac4d3f28403d05cd588cf196c9b45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10960
Expires: Tue, 15 Nov 2022 00:53:14 GMT
Date: Mon, 14 Nov 2022 21:50:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5780
Cache-Control: max-age=134534
Date: Mon, 14 Nov 2022 21:50:34 GMT
Etag: "63720c1c-1d7"
Expires: Wed, 16 Nov 2022 11:12:48 GMT
Last-Modified: Mon, 14 Nov 2022 09:36:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10960
Expires: Tue, 15 Nov 2022 00:53:14 GMT
Date: Mon, 14 Nov 2022 21:50:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10960
Expires: Tue, 15 Nov 2022 00:53:14 GMT
Date: Mon, 14 Nov 2022 21:50:34 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7494
x-amzn-requestid: b07e424a-c11e-442f-8636-e0670cb6f864
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8heGBtoAMFYQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-7dcda14e5077563d726752ae;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VXu3wEUmBJjK6YiXRFYVAuZ3h-ApKkvK1miRBXpo6faKsx8OOXu0JQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 03:14:47 GMT
age: 66947
etag: "a49a1bf9716e32979810931d04d1f84216d096c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7494
Md5:    dfc7286992b2cebdf1ebb58f85576e61
Sha1:   a49a1bf9716e32979810931d04d1f84216d096c1
Sha256: 7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:52:43 GMT
age: 86271
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11715
Md5:    cd5bdc050716bb76afe8090fc81617e7
Sha1:   5109c156b180727767fc03c411190ccc0d3fb5fc
Sha256: 9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9322
x-amzn-requestid: 0becd817-a29e-46bf-b9d6-2d18e12f5fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDvE8DoAMFsiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-5b4bf1674c4edf80458cf53f;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6eUvvtJ48e5eRUJffmsuc9-blgv2dHt-Lsemnf-i8mLQ9CpY0Y94sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:13:29 GMT
age: 85025
etag: "35afe48832221fe42de30260b9bcb15867109031"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9322
Md5:    6f1e763f44800e4de06d69a3b2af74da
Sha1:   35afe48832221fe42de30260b9bcb15867109031
Sha256: 5f234c025d1f586b4364d2ef8c2818d3d4d441691444bb885e89f4c150b3d2a5
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1217
Cache-Control: max-age=149070
Date: Mon, 14 Nov 2022 21:50:34 GMT
Etag: "637256b7-1d7"
Expires: Wed, 16 Nov 2022 15:15:04 GMT
Last-Modified: Mon, 14 Nov 2022 14:54:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6535
x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDtHbhoAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 85760
etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6535
Md5:    a0db3498954921b58948ad8a4e7fd49f
Sha1:   6b618c3ff6e589f9e01650bd0a619acb70d8004e
Sha256: fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9921
x-amzn-requestid: 933f6aa6-3bec-4f71-aba8-ef9e77942ae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjycgGB-oAMFsDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644f-47d26359464b62b7276316e6;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9DG6rCPdRRiHKrAVXztWJwZlUYYCb893lXH8YDzEMGSEUbeaVkABWw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:04:26 GMT
age: 85568
etag: "39ca30395586cf1a0a0fa739f7279af807f548a3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11623
Md5:    80ba15393d8d1e049d09e6187febb252
Sha1:   eb4b93997a41b334f0a39d1261ab71840084a1db
Sha256: b0e23be9c61354e13698a8b25e489d123c0b22a1152ef7ad8ba46b096e4c6d9e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5149
x-amzn-requestid: f9b58134-4474-4ba5-bc90-368568c30eb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNaeqGAZoAMF9Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368712a-4f7bbb4743f15dc2471fba0c;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 02:44:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-wKxHkN3mhPg5hGlsMSmENk1tERrZrO83Ohro0OmuKUQ5bC2tgTiw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 08:14:40 GMT
age: 48954
etag: "bf8de6c00f579baa320456bd0e79ab80978008bc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5364
Md5:    1f16cae2f173901642aca3a68cca7627
Sha1:   f62e5f7bef4d63821470f1eaaf8e0c04b593268a
Sha256: 649789d1f786f4e05624bec659db7c9df55b02c7506345b6555000b76bca7374
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Nov 2022 21:50:34 GMT
expires: Mon, 14 Nov 2022 21:50:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19102)
Size:   75997
Md5:    057337610bc8557257fe504c4870152e
Sha1:   44081ce7ffa3a2a7d2ed1199b08dc43eecbef1bd
Sha256: e853b1595cb781fc49786533c32de0eb81fa90d8b7265bf7180f5fab8be8c397
                                        
                                            POST /translator?source=prebid-client HTTP/1.1 
Host: hbopenbid.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 870
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.64.190.77
HTTP/2 204 No Content
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Mon, 14 Nov 2022 21:50:34 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 14 Nov 2022 20:41:09 GMT
expires: Mon, 14 Nov 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 4165
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 538
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.252.171.22
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 21:50:35 GMT
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 71a6a86b-db3b-43e6-a2f0-a8ea099c55e9
Set-Cookie: icu=ChkItZqGARAKGAEgASgBMKrwypsGOAFAAUgBEKrwypsGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 12-Feb-2023 21:50:34 GMT; Domain=.adnxs.com; Secure; HttpOnly uuid2=832686636807827003; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 12-Feb-2023 21:50:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   145
Md5:    87dd1a445a7d251b1740d43a491ae591
Sha1:   01b790a20f781defbf5643afbe8c9c233349cd20
Sha256: 4a5014114068da609088958ddcd0875cf91d6cfe7fce372fa418d7d6872f9729
                                        
                                            GET /aax2/apstag.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.210
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
content-length: 167
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
server: CloudFront
date: Sun, 13 Nov 2022 22:26:57 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront), 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: 4R07knKaOM_cIW-DxbLQJR-yxfEJbB0frUCMg7fdlQYRlS9SnJTE0A==
age: 84218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.14.1
x-jsd-version-type: version
etag: W/"6c5a-y+sK0xXzH8ASLq957N20gljeHO8"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 21:50:35 GMT
age: 12414
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27677)
Size:   9244
Md5:    644ba7e773cf65b0bad3e0bfd876fadb
Sha1:   62e327afb13b45d6bd9cdb5b77259f4c48667ca5
Sha256: 44e73c184d22730c0b64b805501bad4b2bbbfc4e6a56de8832f0e5c0a211cb52
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "10C20228E41E3689C468680A12B16C8CD1A4D416"
Expires: Tue, 15 Nov 2022 08:00:00 GMT
Last-Modified: Mon, 14 Nov 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1488
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a2f6addbb61c02-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    b7835c2dc00b6e2bddf1ecae13aed5ac
Sha1:   5bb35112f553dc4644a7f95bb9458cb037c4ac48
Sha256: 94def6a509cb075e725069f56b4d61ce8fc402a4d0b3a7cf2b64d65d05293484
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1264
Cache-Control: max-age=113105
Date: Mon, 14 Nov 2022 21:50:35 GMT
Etag: "6371ca0c-116"
Expires: Wed, 16 Nov 2022 05:15:40 GMT
Last-Modified: Mon, 14 Nov 2022 04:54:36 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /aax2/apstag.js HTTP/1.1 
Host: d3div1mtym39ic.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.245.70
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 14 Nov 2022 21:15:46 GMT
last-modified: Wed, 09 Nov 2022 20:51:49 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: br
etag: W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fVkmyzPE4g65LNoM-Mta-HpXqidUhtQtqukaM71bDLV9SAMKvHOzmA==
age: 2090
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65456)
Size:   40856
Md5:    e40e8d4e8e2aac003dd4d8dd4ca435d6
Sha1:   919f94fa04ea6ab5081265e72dd40044e211ae2e
Sha256: 65986dc744b0456e488b91223d8f491ffe0df36184071b44cc7525c467f8b605
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1264
Cache-Control: max-age=113105
Date: Mon, 14 Nov 2022 21:50:35 GMT
Etag: "6371ca0c-116"
Expires: Wed, 16 Nov 2022 05:15:40 GMT
Last-Modified: Mon, 14 Nov 2022 04:54:36 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /cdb?profileId=207&av=34&wv=6.2.0&cb=36618141772 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.131
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:35 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   44
Md5:    5f1dcf53824ce88cdb7941d34db3f19d
Sha1:   4164a13e3f53e1f002606a807d64a92620720fb0
Sha256: 3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5786
Cache-Control: max-age=103965
Date: Mon, 14 Nov 2022 21:50:35 GMT
Etag: "637194ae-1d7"
Expires: Wed, 16 Nov 2022 02:43:20 GMT
Last-Modified: Mon, 14 Nov 2022 01:06:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 684
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.252.171.22
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 21:50:35 GMT
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 90c4c2d4-2e60-4fc5-a125-2232912035e1
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 565
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.252.171.22
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Mon, 14 Nov 2022 21:50:35 GMT
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 10b044b9-985f-4b58-8ec5-2ffd9b59087e
Set-Cookie: icu=ChgIw6tREAoYASABKAEwq_DKmwY4AUABSAEQq_DKmwYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 12-Feb-2023 21:50:35 GMT; Domain=.adnxs.com; Secure; HttpOnly uuid2=3196076393327319509; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 12-Feb-2023 21:50:35 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   5834
Md5:    706a3b560e9a84e135be3b125fa29f64
Sha1:   fa51d322f934621e27c70123bf865b2057f73fd0
Sha256: 76e12c7d960622b19544cfa814d5da4e480e4f5107eb7c7657ad20186cb63f81
                                        
                                            GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F599QOVX&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F599QOVX&tg_i.page=https%3A%2F%2Fouo.press%2F599QOVX&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=241fe59c-964e-4a48-9e3c-2de2fbdd5930&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.041305959588605945 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         213.19.162.51
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.21.4
Date: Mon, 14 Nov 2022 21:50:35 GMT
Content-Length: 350
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LAHBKOVK-A-8YD7; Domain=.rubiconproject.com; Path=/; Expires=Tue, 14-Nov-2023 21:50:35 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qpymDhSUTuGze9DtVM30fCg/QqPpZXCJvG7rEzOClOKtJZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Tue, 14-Nov-2023 21:50:35 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (350), with no line terminators
Size:   350
Md5:    69190fa6aa674d3be437b28a1f8abd5b
Sha1:   a7eafd90915dcb92b2d7ef809a16aed2f05206be
Sha256: 16fae8fe9f3ab67a279edfe88c8d6ba2ccfd0d44ff4fb9678c9082a9fabc5298
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:35 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:55:53 GMT
Expires: Sat, 19 Nov 2022 13:55:52 GMT
Etag: "e343ed173717c9ac3594fc7c8dc9873ee88f5f8d"
Cache-Control: max-age=402916,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a2f6afcd3db52d-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6525
Cache-Control: max-age=92453
Date: Mon, 14 Nov 2022 21:50:35 GMT
Etag: "637164d3-139"
Expires: Tue, 15 Nov 2022 23:31:28 GMT
Last-Modified: Sun, 13 Nov 2022 21:42:43 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.210
HTTP/2 204 No Content
                                        
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Mon, 14 Nov 2022 20:25:59 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 90r5wtvL5rYiBkRT-nyZO3U3T7-aAqHZvz-I7zIrc829A51MXs9jKQ==
age: 5075
X-Firefox-Spdy: h2

                                        
                                            POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1 
Host: tag.1rx.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 620
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         213.19.147.43
HTTP/2 204 No Content
                                        
date: Mon, 14 Nov 2022 21:50:35 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4807
Cache-Control: max-age=162771
Date: Mon, 14 Nov 2022 21:50:35 GMT
Etag: "63727e37-138"
Expires: Wed, 16 Nov 2022 19:03:26 GMT
Last-Modified: Mon, 14 Nov 2022 17:43:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F599QOVX&pid=00UQQs99jOlsH&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1 
Host: aax-dtb-cf.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.241.131
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
content-length: 165
server: Server
date: Mon, 14 Nov 2022 21:50:35 GMT
x-amz-rid: TDD4Z9087D76QMEQVYFD
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ms-5zaqwLrKtVfNJmJTdb0elLUpUoQU2mUs7GG1iCOv6KlA6Ei8vzQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   165
Md5:    524702d9c4ac8c61e27c3d850412f10f
Sha1:   199d4d5b602799e1a01577115d249b9707dbf37a
Sha256: 7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.146
HTTP/2 200 OK
                                        
date: Mon, 14 Nov 2022 21:50:35 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=nPPixV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dMTEtXVW5nTmR0Mll3WURkJTJGV1hITE5WeHIlMkZpemtwcExOMGkzcVFsVTI0; expires=Sat, 09 Dec 2023 21:50:35 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 233369
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6392
Cache-Control: max-age=136622
Date: Mon, 14 Nov 2022 21:50:36 GMT
Etag: "637211e2-138"
Expires: Wed, 16 Nov 2022 11:47:38 GMT
Last-Modified: Mon, 14 Nov 2022 10:01:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6392
Cache-Control: max-age=136622
Date: Mon, 14 Nov 2022 21:50:36 GMT
Etag: "637211e2-138"
Expires: Wed, 16 Nov 2022 11:47:38 GMT
Last-Modified: Mon, 14 Nov 2022 10:01:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2C3C1BEC39DBEB3E9AC92ED750F28ED5DE134B1756B3EFCAB866608657EF866C"
Last-Modified: Mon, 14 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6009
Expires: Mon, 14 Nov 2022 23:30:45 GMT
Date: Mon, 14 Nov 2022 21:50:36 GMT
Connection: keep-alive

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:36 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 18 Nov 2022 18:20:47 GMT
ETag: "5b1da9165cd25591c4efa72e0a718fdcd9c200a9"
Last-Modified: Mon, 14 Nov 2022 18:20:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3100
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a2f6b7fd951c02-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    5ae52e1db106ffcaa0b1e45624ece37a
Sha1:   5b1da9165cd25591c4efa72e0a718fdcd9c200a9
Sha256: cd5b084933919b5fc27f092d1b4770401b749fc8f2e361c27d57550e24904390
                                        
                                            POST /g/v2/806.json HTTP/1.1 
Host: id5-sync.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 195
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         141.95.98.65
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
transfer-encoding: chunked
date: Mon, 14 Nov 2022 21:50:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   216
Md5:    28bf205f989698d54c7a9f2eabc94f8e
Sha1:   7bf36ea1aecae56cc9dbcc4d161ea044d3e3f39b
Sha256: b5b6b294240e5faf701285a78cf0f0320fff916bb5c57ef23117776fefbf6896
                                        
                                            GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1 
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         15.197.193.217
HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:36 GMT
content-length: 3495
cache-control: private
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (379), with CRLF line terminators
Size:   3495
Md5:    9f725a31fe780e5ea72b653e7c615636
Sha1:   8dc2f425fa0808b7e95ac12e4ab9331eb405f8a9
Sha256: 1de262be26d4ed1c9c57765cc0d7d8f486202876cdeaa3b3cd2817ae3a47c2dc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.23
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Mon, 14 Nov 2022 21:50:36 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 14 Nov 2022 21:21:16 GMT
Expires: Tue, 15 Nov 2022 21:21:16 GMT
ETag: "764b649a691c4b6bcd93ede1db8322d6600ce3a2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    09d3a62c169f77d5d799943cc4455c22
Sha1:   764b649a691c4b6bcd93ede1db8322d6600ce3a2
Sha256: 285ed1f8925b074f8991c09435f29cdb411bc19a9d2ba8a6428b8f98f915552c
                                        
                                            GET /id HTTP/1.1 
Host: id.crwdcntrl.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         3.248.87.83
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:36 GMT
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.2.30
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   43
Md5:    90eeff5111bbbdce769d4130cc3cca3c
Sha1:   d62886c1a85d51814cb7f124761c5e6aca6d8933
Sha256: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:36 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 02:41:37 GMT
Expires: Sun, 20 Nov 2022 02:41:36 GMT
Etag: "ef7551f02d61e49ccbbd7c76687225092d8cea28"
Cache-Control: max-age=448859,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a2f6b79c17b52d-OSL

                                        
                                            GET /api/identity/envelope?pid=1258 HTTP/1.1 
Host: api.rlcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.133.55
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
                                        
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 21:50:36 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   19
Md5:    63dfbd2b39fe4f536a04e7b32ada47b4
Sha1:   207298c4a215ad5d97d888522927910ae772ba48
Sha256: 26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 14 Nov 2022 21:50:37 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 02:41:37 GMT
Expires: Sun, 20 Nov 2022 02:41:36 GMT
Etag: "ef7551f02d61e49ccbbd7c76687225092d8cea28"
Cache-Control: max-age=448858,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a2f6b94db7b52d-OSL

                                        
                                            GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.200.201
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
cache-control: max-age=82280
expires: Tue, 15 Nov 2022 20:41:58 GMT
date: Mon, 14 Nov 2022 21:50:38 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Size:   5549
Md5:    7725e8e949141c8ded449d86975d4c04
Sha1:   8cd8c314a2002cc26f821d331ab9512f52a551a2
Sha256: a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
                                        
                                            GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1 
Host: image6.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         198.47.127.19
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
cache-control: private
expires: Sun, 12 Feb 2023 13:43:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 14 Nov 2022 21:50:37 GMT
content-length: 60
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   60
Md5:    cb512b8cf00e072a48c37abcfcb7521b
Sha1:   82a591f071b3bc93ebd7262c0050dce1828f5d65
Sha256: d1c966d64cdfae3a6bf85f1121ddef3d421a190b5f3def65b8d287a38a8456ad
                                        
                                            GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D618C1A3C-1D21-4537-8249-5C9995BBC093%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

search
                                         23.38.200.201
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: Apache
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
cache-control: max-age=166628
expires: Wed, 16 Nov 2022 20:07:46 GMT
date: Mon, 14 Nov 2022 21:50:38 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Size:   953
Md5:    499546dec064c08e4c7c354bab138f7f
Sha1:   f155d071d071e4e7c1d45e22943915df9d9f2b75
Sha256: 1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
                                        
                                            GET /newidsd HTTP/1.1 
Host: ag.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         178.250.6.237
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:35 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 93268
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /AdServer/SPug?o=1&p=155495&sc=1&u=618C1A3C-1D21-4537-8249-5C9995BBC093&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1 
Host: simage4.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

search
                                         198.47.127.20
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Mon, 14 Nov 2022 21:50:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/599QOVX
Cookie: ouoio_session=eyJpdiI6Imh2cU1FV1E1UzZkXC9BTkkrVFhsMTQrWVY4M1FJTzE1N1BPSDErWmczWVlVPSIsInZhbHVlIjoicGp1S3BNRGtWM3dGMk11Y2lPUWprTGhQREdTSlEzbTRmYnRLTXFwMzZSK0lraXNQRmp3Q1wveFhncjJTa0xlbjFaRnRjYXFjQTA2c2YxRG9pSHp0c1wvUT09IiwibWFjIjoiMTQzMjRkMDZjM2QzNmJkNDg2YzE4YTI0NzhlNDE2OWYzNjQ5ZGU2ZWZhYjAyYmM5NWIwYmYzMTBmZjYyODgxNSJ9; language=eyJpdiI6IlFMZmtNck5PMGc4dnVRZGEwWGlQcmpYUnhMTjJnTnNxd3AzcTk5enExaW89IiwidmFsdWUiOiIrc1l6UStydGd6Q0R2THA5K3ZvVnJQV0pRakJHWllVbzI5bmNKQWJyais4PSIsIm1hYyI6ImJlNzZkODE5MDIyM2M0NmIxMDhjOTY2OWM1Nzg4NjcwM2ViNDMzMjFkZjdhNzZmYzkwNjJhNmE0YTdlMjZkMzQifQ%3D%3D; 4d7629e91c7ced43a05241f90a078681f28dc2ac=eyJpdiI6IkExeGxIV2VFV01vZnFNUmhEeHJjRmdWWW9vS1U1RjRQdEpXc29HbVNcL1gwPSIsInZhbHVlIjoiRzlkZ2o4WStBRHRDNUVMZ0EzSjBDVlZiaGtLQnZPXC9FdzRUOVIzK09qaE82dTFxZW5tWjR2WThSeVRaYjhwQlhrK2Q3NU1yVVpyS05NQ2JIVVVYa3hncGlRWit0OGRsUnZrQ0lZSHAxamRBcFNyTFwvMnFtcjFzZWcwVTUxZFRld3ZkY3dmSHRzNWFTVG0yYThiVnhKVDRaYmlXbGlcL0dQQnVxaVd3T3diTytRNEkrdmRCWjR0TUtzdjdBZ0JhWGVRNm1zVTdXa2dicXdmVjkyNFZCVHBkT1pOaDgrQlliNldJTTZQNDN3cCtcL1NZT2ZmeEl6UnI3dzJ6QzdJSmtBWWp0VmJFTHk2ZlRCZXA5TVNYanNoWmdFdXZLeHdHcFB0OXFoZjRMbURNQnF5VEFKb1VFVmFGQXpjN0dUV0RjWEt5Smx6dys5ZlRNQllzajVvZnh2SGpQdnQ3VHUrWlppTkZjeDVieFU1Z3NZb1hFZ1RcL3o1YnpVSEdqcG9cL2NCUEFrIiwibWFjIjoiZWI2MGEwYmQxNmY4MWY2MWIwYTgxMmJlNWU1YjQzN2NjZjc2YzM4YjQxYTU1OGE0NDc5YmU2NjNkMWFmMGM5YSJ9; __cf_bm=m1VhDvahQ2aL3Nc3chd3GBPA3KVmCQKhzfKjoVZc6jo-1668462633-0-AVNZRmNOoF3xzmV68neLcSPl5U2wUHuvbDrxCuyTTEeHAUUl5WpBj35kQLIt51X4tvVT6sVu/LnvEmHeROOe3pg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         172.67.22.15
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 14 Nov 2022 21:50:33 GMT
last-modified: Wed, 09 Nov 2022 12:52:00 GMT
etag: W/"636ba270-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a2f6a499d3fab8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 16 Nov 2022 21:50:33 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/fiamp.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 14 Nov 2022 21:29:55 GMT
expires: Mon, 14 Nov 2022 22:29:54 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jxh5MyW84SgybmgXZOFThtejAkeuAHcHQxwV9Fi9cUhzkfgVxprBwQ==
age: 1241
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 14 Nov 2022 21:50:35 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sEcaWH9R5xByVI9_NrrbDXpMRCcdC6tIRGEnC0LNfKpITABuoNMwWw==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.210
HTTP/2 200 OK
content-type: application/javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
server: AmazonS3
content-encoding: gzip
date: Mon, 14 Nov 2022 02:44:52 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zaaMzwJYyjMKI6aklotm98wKtZ4Vf5a5bO4cLhK44glKqA7JysczMw==
age: 69440
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/ld/publishertag.prebid.123.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Mon, 14 Nov 2022 21:50:35 GMT
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Tue, 15 Nov 2022 21:50:35 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/ld/publishertag.prebid.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Mon, 14 Nov 2022 21:50:35 GMT
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Tue, 15 Nov 2022 21:50:35 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:38 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 416139
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /599QOVX HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.22.22.162
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Mon, 14 Nov 2022 21:50:33 GMT
location: https://ouo.press/599QOVX
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6IkxqaEFlVHdyZjR2RDRScDd6M3BzcDdiNHNqXC9DSTRKUnYwZCtiaXBRWGljPSIsInZhbHVlIjoiT1F3d3lIdURuTFhKdnVIMFllZG1TSUt1UVhKR21CbkV3VWxYelZXSHNtMFNNU0hPTElvVGdoTElScUlLSHZvXC9rdVduZER1UjZDWGtGNGQ4b2x1emFBPT0iLCJtYWMiOiIwM2EzODYzNzcxMTllZmE5ZGJiMDg1MGNjNjA3OTViNGQ0MTM0NjNjMGM2N2NhOTdkZWVlZDg1ZTMyNmRkYTkzIn0%3D; path=/; httponly language=eyJpdiI6IlRvNzFsOUFNQUdYVVFcLzU3VEdVWFJhSThSbWxMKzlVWnRxZWp5alJ2UWhFPSIsInZhbHVlIjoiS2F6MDJFNmwrMyt4VzljWlVObDZDU0U4QzA3OTFwVXpKQW5JYmZIN0R5OD0iLCJtYWMiOiI0M2JkMWU5MTM2N2RjZmY5MGVhZjQ3YjdiMWVmMzgyOTg1NmExZjVkMGU1MWEwNTYwNjE5OTY0YzQyZjgxNzFjIn0%3D; expires=Sat, 13-Nov-2027 21:50:32 GMT; Max-Age=157680000; path=/; httponly 65bc586a098acfb7111ffacdd76fe94955a11ab2=eyJpdiI6ImVCZDQwZFZkN1FqSDBlZkh3ek5mOHlmN1ljRVRKeTVYOGR6alh2UW5Jd1E9IiwidmFsdWUiOiJnOUhXdW9rb3hOV1NOa1IwTU1FVUNxY1wvZHkxOEpBRWFFZnZpZHpjZDJlWHNjeGsxZGtLd1pSY05SZXhuR3crd0hOZ2tiK3JHakhWN1M3ODhqc21kblVOQklVNk1tell5R3NkUUtCOUNVNmRtK2VcL0E4YlJRK09tdGU0NWNlNm5rcTg0VXFaNUdlbGpZVUtCcG1KVlZ0UHI4Y1lqcHBOVWFWNnluMFVUY0Ezb09SS0x5dTcyTHpWYVUwUjlGYncxYVVTR1hRXC80XC82VXl4TG5OWVQ5OGVJbmNYdVhkTVIxUWFlMSszRFA2RXNpMnJ1empzTGR5WVdjRTFRYkw4dW53RVI2dWprdXc3Vkd0anVBMVdTN2drV1FHNkJ0WlFVaDVwMExmdTlTUm5Ec0krTTNWSVRERHN1XC9GdnFMc2JwWVVcL2NwM0JUWXJLMnhnUUFsZjFoYUNcL1pBPT0iLCJtYWMiOiIxMjUxZGViYzY4MTNiM2ZmZTliMDcxMjFjNGVjZDlkMDI1YTViNGIwOWE3OGM3YTU2NTc0MzQ3OTFlYzQ5N2M1In0%3D; expires=Mon, 14-Nov-2022 23:50:32 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76a2f69e1d7c1bfa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /rtb/async.js HTTP/1.1 
Host: cdn.adtrue.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.144.172
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 14 Nov 2022 21:50:33 GMT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:46:20 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 4039453
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2l%2BsjsQn3iR1tgq1zMFqsSs00E7RmcBUrHFmY4B76rmEuD%2Fo%2BLlGn9qPIK5VgIIZPRystr%2F7s9gO2OoCzQh3wH7LubxTXRQANysEmASELZw4MStf4Hd3%2Bl0SVlJZtA%2FRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a2f6a4cf160b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fi_client.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 14 Nov 2022 21:21:19 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 21:21:19 UTC
etag: W/"98824344fb4888d2dc1b8b95f5887ff6"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SfbQ6VLeahDV_zIE1ipIapeAOA-Q9hj3skOk-khkIdgfn_MKASM5TA==
age: 1754
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:34 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 465389
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:34 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1249691
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=GLP7sF9tT3JEM2tDJTJCRCUyQlhTcVVERGxDZXQ0JTJCNFVsR3NOUndJMnhnYkNqbTk3ckMlMkJHQXpZaTNpYjh3QXZKQTk1V2UxaSUyQkJEcElFWXZHYVFyem9QTnlxd2RXa1BGeVpWMEdRYzhFNEZ1UHkwd2dVUXklMkZId0ZDY0g2RW9DUGJsdUVzMDFOZg&info=xpaQvF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dMTEtXVW5nTmR0Mll3WURkJTJGV1hISnVqdzkyYndhMiUyRnQlMkJEdmwlMkZBS3Y0Wg&idsd=1513114532,785303690&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:35 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1546798
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /599QOVX HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         172.67.22.15
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 14 Nov 2022 21:50:33 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6Imh2cU1FV1E1UzZkXC9BTkkrVFhsMTQrWVY4M1FJTzE1N1BPSDErWmczWVlVPSIsInZhbHVlIjoicGp1S3BNRGtWM3dGMk11Y2lPUWprTGhQREdTSlEzbTRmYnRLTXFwMzZSK0lraXNQRmp3Q1wveFhncjJTa0xlbjFaRnRjYXFjQTA2c2YxRG9pSHp0c1wvUT09IiwibWFjIjoiMTQzMjRkMDZjM2QzNmJkNDg2YzE4YTI0NzhlNDE2OWYzNjQ5ZGU2ZWZhYjAyYmM5NWIwYmYzMTBmZjYyODgxNSJ9; path=/; httponly language=eyJpdiI6IlFMZmtNck5PMGc4dnVRZGEwWGlQcmpYUnhMTjJnTnNxd3AzcTk5enExaW89IiwidmFsdWUiOiIrc1l6UStydGd6Q0R2THA5K3ZvVnJQV0pRakJHWllVbzI5bmNKQWJyais4PSIsIm1hYyI6ImJlNzZkODE5MDIyM2M0NmIxMDhjOTY2OWM1Nzg4NjcwM2ViNDMzMjFkZjdhNzZmYzkwNjJhNmE0YTdlMjZkMzQifQ%3D%3D; expires=Sat, 13-Nov-2027 21:50:33 GMT; Max-Age=157680000; path=/; httponly 4d7629e91c7ced43a05241f90a078681f28dc2ac=eyJpdiI6IkExeGxIV2VFV01vZnFNUmhEeHJjRmdWWW9vS1U1RjRQdEpXc29HbVNcL1gwPSIsInZhbHVlIjoiRzlkZ2o4WStBRHRDNUVMZ0EzSjBDVlZiaGtLQnZPXC9FdzRUOVIzK09qaE82dTFxZW5tWjR2WThSeVRaYjhwQlhrK2Q3NU1yVVpyS05NQ2JIVVVYa3hncGlRWit0OGRsUnZrQ0lZSHAxamRBcFNyTFwvMnFtcjFzZWcwVTUxZFRld3ZkY3dmSHRzNWFTVG0yYThiVnhKVDRaYmlXbGlcL0dQQnVxaVd3T3diTytRNEkrdmRCWjR0TUtzdjdBZ0JhWGVRNm1zVTdXa2dicXdmVjkyNFZCVHBkT1pOaDgrQlliNldJTTZQNDN3cCtcL1NZT2ZmeEl6UnI3dzJ6QzdJSmtBWWp0VmJFTHk2ZlRCZXA5TVNYanNoWmdFdXZLeHdHcFB0OXFoZjRMbURNQnF5VEFKb1VFVmFGQXpjN0dUV0RjWEt5Smx6dys5ZlRNQllzajVvZnh2SGpQdnQ3VHUrWlppTkZjeDVieFU1Z3NZb1hFZ1RcL3o1YnpVSEdqcG9cL2NCUEFrIiwibWFjIjoiZWI2MGEwYmQxNmY4MWY2MWIwYTgxMmJlNWU1YjQzN2NjZjc2YzM4YjQxYTU1OGE0NDc5YmU2NjNkMWFmMGM5YSJ9; expires=Mon, 14-Nov-2022 23:50:33 GMT; Max-Age=7200; path=/; httponly __cf_bm=m1VhDvahQ2aL3Nc3chd3GBPA3KVmCQKhzfKjoVZc6jo-1668462633-0-AVNZRmNOoF3xzmV68neLcSPl5U2wUHuvbDrxCuyTTEeHAUUl5WpBj35kQLIt51X4tvVT6sVu/LnvEmHeROOe3pg=; path=/; expires=Mon, 14-Nov-22 22:20:33 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76a2f6a16fb9fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/prebidamp.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 14 Nov 2022 21:08:59 GMT
expires: Mon, 14 Nov 2022 22:08:59 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u4HqnJbIaqE_pa-JClVS3hc-vuYzA1YLP-7p8bco-h4wQFUXcIP6zg==
age: 2496
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=nPPixV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dMTEtXVW5nTmR0Mll3WURkJTJGV1hITE5WeHIlMkZpemtwcExOMGkzcVFsVTI0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:35 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=xpaQvF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dMTEtXVW5nTmR0Mll3WURkJTJGV1hISnVqdzkyYndhMiUyRnQlMkJEdmwlMkZBS3Y0Wg; expires=Sat, 09 Dec 2023 21:50:36 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 426049
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         185.235.84.149
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:35 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 86118
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 14 Nov 2022 21:50:37 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1157641
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---