Overview

URLouo.io/l6f7zP
IP 104.22.23.162 ()
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-18 00:02:03 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (52)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
itineraryupper.com (1) 280787 2020-07-23 02:40:11 UTC 2022-11-16 13:28:23 UTC 173.233.137.52
widgets.outbrain.com (1) 1272 2012-05-22 16:25:59 UTC 2021-09-19 11:36:18 UTC 23.38.201.81
bidder.criteo.com (2) 750 2017-01-30 05:01:16 UTC 2020-04-04 21:53:35 UTC 178.250.2.131
image6.pubmatic.com (1) 637 2015-10-14 10:06:42 UTC 2020-04-15 04:23:13 UTC 185.64.189.115
hhklc.com (1) 0 2022-06-12 16:30:56 UTC 2022-11-17 19:03:51 UTC 104.21.70.122 Unknown ranking
ocsp.digicert.com (13) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-17 17:43:19 UTC 142.250.74.10
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-17 17:41:03 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
status.geotrust.com (2) 3662 2018-06-23 22:14:44 UTC 2020-01-21 11:48:52 UTC 93.184.220.29
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.22
ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2019-12-16 16:26:43 UTC 185.235.84.220
jsc.adskeeper.com (2) 31191 2020-07-04 10:58:29 UTC 2022-11-17 11:48:57 UTC 172.64.151.192
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ouo.press (6) 89754 2016-10-08 20:09:51 UTC 2022-11-17 05:43:01 UTC 104.22.58.251
cdn.adtrue.com (1) 52823 2017-08-21 09:17:37 UTC 2022-11-16 13:28:07 UTC 172.64.160.3
tv.gourdycortes.com (1) 0 No data No data 172.255.6.48 Unknown ranking
ad.doubleclick.net (1) 186 2013-05-06 20:24:43 UTC 2022-11-17 10:13:50 UTC 142.250.74.102
fptadtrue-d.openx.net (1) 50626 2017-10-16 10:35:43 UTC 2022-11-17 23:19:10 UTC 34.98.64.218
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-17 17:40:59 UTC 142.250.74.174
tag.1rx.io (1) 1330 2017-01-30 04:25:47 UTC 2022-11-17 14:17:24 UTC 213.19.147.42
api.rlcdn.com (1) 791 2018-09-26 05:12:06 UTC 2022-11-17 14:17:21 UTC 34.120.133.55
simage4.pubmatic.com (1) 1129 2013-08-22 13:21:53 UTC 2020-05-04 02:07:07 UTC 198.47.127.20
static.criteo.net (2) 652 2012-05-22 17:01:05 UTC 2020-04-10 07:40:42 UTC 178.250.0.130
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-17 14:44:45 UTC 142.250.74.164
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
ocsp.sectigo.com (3) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-11-17 21:16:34 UTC 178.250.2.146
ouo.io (2) 50761 2015-02-15 06:06:38 UTC 2022-11-17 05:53:33 UTC 104.22.22.162
aax-dtb-cf.amazon-adsystem.com (1) 0 No data No data 54.230.241.131 Domain (amazon-adsystem.com) ranked at: 3190
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-17 05:55:30 UTC 34.102.187.140
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-17 16:05:12 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
ecdn.firstimpression.io (3) 18146 2021-02-01 12:00:32 UTC 2022-11-17 11:24:04 UTC 54.230.111.77
cdn.firstimpression.io (5) 18692 2021-01-14 07:12:29 UTC 2022-11-17 11:24:05 UTC 54.230.111.77
c.amazon-adsystem.com (3) 300 2013-12-19 15:10:01 UTC 2020-03-20 03:39:56 UTC 54.230.111.210
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.21.226
ib.adnxs.com (2) 241 2013-11-13 21:17:09 UTC 2020-03-22 02:54:33 UTC 37.252.173.215
id.crwdcntrl.net (1) 1695 2020-11-30 15:11:25 UTC 2022-11-17 11:24:08 UTC 3.248.87.83
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.161.136.21
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
ads.pubmatic.com (2) 469 2012-10-30 07:42:53 UTC 2020-05-06 07:34:52 UTC 23.38.200.201
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
match.adsrvr.org (1) 349 2014-10-06 17:59:33 UTC 2022-11-17 07:13:28 UTC 3.33.220.150
gem.gbc.criteo.com (1) 6039 2019-02-05 12:48:26 UTC 2019-12-16 15:58:47 UTC 178.250.6.103
ouo.io (2) 50761 2015-02-15 06:06:38 UTC 2022-11-17 05:53:33 UTC 104.22.23.162
gum.criteo.com (6) 381 2015-01-22 10:58:57 UTC 2020-03-06 00:06:09 UTC 178.250.2.146
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-17 05:55:20 UTC 34.117.237.239
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-17 23:25:35 UTC 142.250.74.168
hbopenbid.pubmatic.com (1) 455 2018-07-06 23:21:41 UTC 2020-04-30 22:02:20 UTC 185.64.190.77
fastlane.rubiconproject.com (1) 459 2018-06-14 02:15:35 UTC 2019-11-13 04:41:44 UTC 213.19.162.31
id5-sync.com (1) 504 2017-04-26 01:01:49 UTC 2022-11-17 17:06:08 UTC 162.19.138.118
d3div1mtym39ic.cloudfront.net (1) 0 2022-11-15 23:40:03 UTC 2022-11-17 22:18:52 UTC 54.230.245.230 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-18 2 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.22.23.162
Date UQ / IDS / BL URL IP
2023-02-04 23:18:04 +0000 0 - 6 - 0 ouo.io/kfclB0 104.22.23.162
2023-02-04 21:01:04 +0000 0 - 7 - 0 ouo.io/hX3Ybwh 104.22.23.162
2023-02-04 07:04:37 +0000 0 - 0 - 3 ouo.io/ZehDaM 104.22.23.162
2023-02-04 02:04:41 +0000 0 - 5 - 0 ouo.io/R8aPS5 104.22.23.162
2023-02-03 18:01:04 +0000 0 - 7 - 0 ouo.io/KvYdi1 104.22.23.162


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-05 07:26:23 +0000 0 - 3 - 0 goo.su/NrYKt 172.67.139.105
2023-02-05 07:24:33 +0000 3 - 1 - 10 ntutdc1995.com/wp-content/plugins/advanced-fl (...) 104.26.1.51
2023-02-05 07:23:18 +0000 0 - 2 - 2 prelands.vikolo.live/meta/India/hammer/mens-club/ 104.21.28.242
2023-02-05 07:21:13 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/10633959135796 (...) 162.159.135.233
2023-02-05 07:20:16 +0000 0 - 1 - 2 www.jacquieetmichelelite.com/ 104.19.129.59


Last 5 reports on domain: ouo.io
Date UQ / IDS / BL URL IP
2023-02-05 07:01:01 +0000 0 - 6 - 0 ouo.io/6htoBEh 172.67.6.151
2023-02-04 23:18:07 +0000 0 - 7 - 0 ouo.io/KQCoxY 172.67.6.151
2023-02-04 23:18:04 +0000 0 - 6 - 0 ouo.io/kfclB0 104.22.23.162
2023-02-04 21:01:04 +0000 0 - 7 - 0 ouo.io/hX3Ybwh 104.22.23.162
2023-02-04 19:03:58 +0000 0 - 7 - 0 ouo.io/TBrkwIH 172.67.6.151


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-27 23:09:45 +0000 0 - 0 - 8 ouo.press/rX618eN 104.22.59.251
2022-11-17 23:19:17 +0000 0 - 0 - 1 ouo.press/Y1Mh4my 104.22.59.251
2022-11-15 07:28:20 +0000 0 - 0 - 1 ouo.io/PRvPzF 172.67.6.151
2022-11-14 21:53:15 +0000 0 - 0 - 1 ouo.io/599QOVX 104.22.23.162
2022-11-14 00:06:18 +0000 0 - 0 - 1 ouo.io/4srK5m 104.22.22.162

JavaScript

Executed Scripts (40)

Executed Evals (35)
#1 JavaScript::Eval (size: 20134) - SHA256: 48116d8cd2feeeae60c0b4743647ca1812974116cf8540a44c05f2232413439c
(function() {
    var z = this || self,
        bo = function(b, I, K, O) {
            (K = P((O = P(b), b)), x)(K, b, v(I, Z(O, b)))
        },
        R8 = function(b, I, K) {
            if ("object" == (I = typeof b, I))
                if (b) {
                    if (b instanceof Array) return "array";
                    if (b instanceof Object) return I;
                    if ("[object Window]" == (K = Object.prototype.toString.call(b), K)) return "object";
                    if ("[object Array]" == K || "number" == typeof b.length && "undefined" != typeof b.splice && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == K || "undefined" != typeof b.call && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == I && "undefined" == typeof b.call) return "object";
            return I
        },
        Z = function(b, I) {
            if (void 0 === (I = I.K[b], I)) throw [D, 30, b];
            if (I.value) return I.create();
            return I.create(1 * b * b + -48 * b + -64), I.prototype
        },
        f = function(b, I) {
            I.s = ((I.s ? I.s + "~" : "E:") + b.message + ":" + b.stack).slice(0, 2048)
        },
        I8 = function(b, I) {
            (I.push(b[0] << 24 | b[1] << 16 | b[2] << 8 | b[3]), I.push(b[4] << 24 | b[5] << 16 | b[6] << 8 | b[7]), I).push(b[8] << 24 | b[9] << 16 | b[10] << 8 | b[11])
        },
        O1 = function(b, I, K, O) {
            function y() {}
            return {
                invoke: (O = K2(b, (K = void 0, function(R) {
                    y && (I && J(I), K = R, y(), y = void 0)
                }), !!I)[0], function(R, w, q, N) {
                    function u() {
                        K(function(M) {
                            J(function() {
                                R(M)
                            })
                        }, q)
                    }
                    if (!w) return w = O(q), R && R(w), w;
                    K ? u() : (N = y, y = function() {
                        (N(), J)(u)
                    })
                })
            }
        },
        yj = function(b, I, K, O) {
            return Z(356, (k(319, (wl(b, (O = Z(319, b), b.H && O < b.j ? (k(319, b, b.j), qO(b, K)) : k(319, b, K), I)), b), O), b))
        },
        A = function(b, I, K, O, y, R, w, q, N) {
            if (O.L += ((w = (y = (N = (R = (q = (K || O.i++, 0 < O.P && O.I) && O.KI && 1 >= O.v && !O.C && !O.g && (!K || 1 < O.Z - b) && 0 == document.hidden, 4 == O.i)) || q ? O.D() : O.F, N - O.F), y >> 14), O.V) && (O.V ^= w * (y << 2)), O.A = w || O.A, w), R || q) O.F = N, O.i = 0;
            if (!q || N - O.X < O.P - (I ? 255 : K ? 5 : 2)) return false;
            return (k((I = Z((O.Z = b, K ? 351 : 319), O), 319), O, O.j), O.R).push([zJ, I, K ? b + 1 : b]), O.g = J, true
        },
        io = function(b, I) {
            return I[b] << 24 | I[(b | 0) + 1] << 16 | I[(b | 0) + 2] << 8 | I[(b | 0) + 3]
        },
        qO = function(b, I) {
            k(319, ((b.rt.push(b.K.slice()), b).K[319] = void 0, b), I)
        },
        V = function(b, I, K) {
            I[k(K, b, I), uo] = 2796
        },
        JW = function(b, I, K, O, y) {
            for ((b.pI = MO(b.h, ((b.kG = (b.fI = b[E], o8), b).Q2 = PW, {get: function() {
                        return this.concat()
                    }
                })), b).ju = p[b.h](b.pI, {
                    value: {
                        value: {}
                    }
                }), y = [], O = 0; 128 > O; O++) y[O] = String.fromCharCode(O);
            C(true, true, (l(((l([(V(b, (V(b, function(R, w) {
                (w = Z(P(R), R), qO)(R.A, w)
            }, (V(b, function(R, w, q, N) {
                k((w = g((N = P(R), R)), q = P(R), q), R, Z(N, R) >>> w)
            }, (k(97, (V((V(b, (k(230, b, (V(b, (b.uf = (k((k(162, b, (V(b, function(R, w, q, N) {
                (N = Z((w = (q = (w = P(R), N = P(R), P(R)), Z)(w, R), N), R), k)(q, R, +(w == N))
            }, (V(b, (V((V(b, (V(b, (V(b, (V(b, function(R) {
                bo(R, 1)
            }, (k(17, ((V(b, (b.HZ = (V(b, function(R, w) {
                R = (w = P(R), Z(w, R.A)), R[0].removeEventListener(R[1], R[2], c)
            }, (k(507, b, (V(b, function(R, w, q, N, u, M, H) {
                for (u = (q = Z(92, (w = (H = mj((N = P(R), R)), ""), R)), q.length), M = 0; H--;) M = ((M | 0) + (mj(R) | 0)) % u, w += y[q[M]];
                k(N, R, w)
            }, ((V(b, ((V((k((k(366, (k(356, b, (V(b, (V(b, (V(b, (V((k(182, (k(305, (k((b.Su = (V(b, (V(b, function(R, w, q) {
                A(w, false, true, R) || (w = P(R), q = P(R), k(q, R, function(N) {
                    return eval(N)
                }(xP(Z(w, R.A)))))
            }, (V(b, function(R) {
                HW(R, 4)
            }, (k((b.s = (b.DP = (b.L = 1, b.G = void 0, b.rt = [], b.KI = false, (b.W = void 0, b.Y = 0, b.X = (b.o = (b.A = b, []), b.l = (b.v = 0, O = (b.g = null, b.j = 0, (b.S = (b.N = false, void 0), b.wt = 0, window).performance) || {}, (b.P = 0, b).I = !(b.Z = 8001, 1), b.H = [], []), (b.i = void 0, b.U = 25, b.C = void 0, b.R = [], (b.V = void 0, b).RQ = function(R) {
                this.A = R
            }, b).K = [], 0), (b.F = 0, O).timeOrigin || (O.timing || {}).navigationStart) || 0), void 0), 319), b, 0), k(351, b, 0), 475)), 168)), function(R, w, q) {
                0 != (q = Z((w = P(R), q = P(R), q), R), Z(w, R)) && k(319, R, q)
            }), 342), 0), 253), b, []), b), b), b), 0), b), function(R) {
                bo(R, 4)
            }, 267), function(R, w, q, N, u) {
                (q = (u = Z((w = Z((u = P((q = (N = (w = P(R), P)(R), P)(R), R)), w), R.A), u), R), N = Z(N, R), Z)(q, R), 0) !== w && (q = vW(1, R, u, q, w, N), w.addEventListener(N, q, c), k(182, R, [w, N, q]))
            }), 261), function(R, w, q, N, u) {
                (w = (q = P((N = (u = P(R), P)(R), R)), P(R)), q = Z(q, R), w = Z(w, R), N = Z(N, R), k)(u, R, vW(w, R, q, N))
            }), 222), function(R, w, q, N) {
                (w = P((N = (q = P(R), P)(R), R)), k)(w, R, Z(q, R) || Z(N, R))
            }), 381), {})), b), 0), 270), b, z), b), function(R) {
                Zb(R, 3)
            }, 395), V)(b, function(R, w, q) {
                k((q = Z((w = P((q = P(R), R)), q), R), q = R8(q), w), R, q)
            }, 405), function(R, w, q, N) {
                !A(w, false, true, R) && (w = rl(R), q = w.J, N = w.AN, R.A == R || q == R.RQ && N == R) && (k(w.aQ, R, q.apply(N, w.O)), R.F = R.D())
            }), 234), V)(b, function(R) {
                Zb(R, 4)
            }, 203), 335)), [160, 0, 0])), 206)), 0), function() {}), 503), V)(b, function(R, w, q, N, u, M, H, r, m, L, X, G) {
                function Q(n, h) {
                    for (; q < n;) G |= g(R) << q, q += 8;
                    return h = G & (1 << n) - 1, q -= n, G >>= n, h
                }
                for (X = (L = (q = G = (M = P(R), 0), (Q(3) | 0) + 1), u = Q(5), N = 0), m = []; N < u; N++) H = Q(1), m.push(H), X += H ? 0 : 1;
                for (X = (w = (N = ((X | 0) - 1).toString(2).length, []), 0); X < u; X++) m[X] || (w[X] = Q(N));
                for (N = 0; N < u; N++) m[N] && (w[N] = P(R));
                for (r = []; L--;) r.push(Z(P(R), R));
                V(R, function(n, h, Y, NO, t) {
                    for (h = (NO = [], 0), Y = []; h < u; h++) {
                        if (t = w[h], !m[h]) {
                            for (; t >= Y.length;) Y.push(P(n));
                            t = Y[t]
                        }
                        NO.push(t)
                    }
                    n.S = Db(n, (n.C = Db(n, r.slice()), NO))
                }, M)
            }, 94), b), []), 367)), function(R, w, q, N) {
                (N = Z((q = Z((w = (q = P(R), P)(R), q), R), w), R), k)(w, R, N + q)
            }), 58), function(R, w, q, N, u, M) {
                if (!A(w, true, true, R)) {
                    if ("object" == R8((R = Z((M = (w = (M = (q = (w = (N = P(R), P)(R), P(R)), P(R)), Z)(w, R), Z)(M, R), q = Z(q, R), N), R), R))) {
                        for (u in N = [], R) N.push(u);
                        R = N
                    }
                    for (N = (u = (q = 0 < q ? q : 1, 0), R).length; u < N; u += q) w(R.slice(u, (u | 0) + (q | 0)), M)
                }
            }), 341), function(R, w, q, N) {
                if (w = R.rt.pop()) {
                    for (q = g(R); 0 < q; q--) N = P(R), w[N] = R.K[N];
                    R.K = (w[253] = R.K[253], w[97] = R.K[97], w)
                } else k(319, R, R.j)
            }), 327), b), function(R, w, q) {
                w = P(R), q = P(R), k(q, R, "" + Z(w, R))
            }, 455), function(R, w, q, N, u) {
                for (q = (u = P(R), w = mj(R), N = [], 0); q < w; q++) N.push(g(R));
                k(u, R, N)
            }), 34), 117)), T)(4)), 205), b, 524), 0), function(R, w, q, N) {
                N = (w = P((q = (N = P(R), P(R)), R)), Z(N, R)), q = Z(q, R), k(w, R, N in q | 0)
            }), 79), [0, 0, 0])), function(R, w, q, N, u) {
                (q = (u = (N = P(R), P(R)), P)(R), R).A == R && (q = Z(q, R), w = Z(N, R), u = Z(u, R), w[u] = q, 377 == N && (R.G = void 0, 2 == u && (R.V = B(32, R, false), R.G = void 0)))
            }), 474), b), function(R, w, q, N, u, M) {
                A(w, false, true, R) || (N = rl(R.A), w = N.AN, M = N.O, q = N.J, u = M.length, N = N.aQ, w = 0 == u ? new w[q] : 1 == u ? new w[q](M[0]) : 2 == u ? new w[q](M[0], M[1]) : 3 == u ? new w[q](M[0], M[1], M[2]) : 4 == u ? new w[q](M[0], M[1], M[2], M[3]) : 2(), k(N, R, w))
            }, 317), b), 2048), 89)), 473)), function(R, w, q, N) {
                k((N = (q = Z((w = P((N = (q = P(R), P(R)), R)), q), R), Z(N, R)), w), R, q[N])
            }), 380), uo)], b), l)([S, I], b), [f2, K]), b), b))
        },
        l = function(b, I) {
            I.R.splice(0, 0, b)
        },
        XO = function(b, I, K, O) {
            try {
                O = b[((I | 0) + 2) % 3], b[I] = (b[I] | 0) - (b[((I | 0) + 1) % 3] | 0) - (O | 0) ^ (1 == I ? O << K : O >>> K)
            } catch (y) {
                throw y;
            }
        },
        n2 = function(b, I, K) {
            if (3 == b.length) {
                for (K = 0; 3 > K; K++) I[K] += b[K];
                for (b = [13, 8, 13, 12, 16, 5, 3, 10, 15], K = 0; 9 > K; K++) I[3](I, K % 3, b[K])
            }
        },
        GJ = function(b, I, K, O, y) {
            for (y = (K = K[3] | (O = K[2] | 0, 0), 0); 14 > y; y++) I = I >>> 8 | I << 24, I += b | 0, K = K >>> 8 | K << 24, b = b << 3 | b >>> 29, I ^= O + 2298, K += O | 0, K ^= y + 2298, b ^= I, O = O << 3 | O >>> 29, O ^= K;
            return [b >>> 24 & 255, b >>> 16 & 255, b >>> 8 & 255, b >>> 0 & 255, I >>> 24 & 255, I >>> 16 & 255, I >>> 8 & 255, I >>> 0 & 255]
        },
        v = function(b, I, K, O) {
            for (K = (b | 0) - 1, O = []; 0 <= K; K--) O[(b | 0) - 1 - (K | 0)] = I >> 8 * K & 255;
            return O
        },
        wl = function(b, I, K, O, y, R) {
            if (!b.s) {
                b.v++;
                try {
                    for (R = (y = (K = b.j, void 0), 0); --I;) try {
                        if ((O = void 0, b).C) y = hW(b, b.C);
                        else {
                            if (R = Z(319, b), R >= K) break;
                            O = P((k(351, b, R), b)), y = Z(O, b)
                        }
                        A((y && y[$P] & 2048 ? y(b, I) : e([D, 21, O], b, 0), I), false, false, b)
                    } catch (w) {
                        Z(205, b) ? e(w, b, 22) : k(205, b, w)
                    }
                    if (!I) {
                        if (b.CI) {
                            b.v--, wl(b, 216630971487);
                            return
                        }
                        e([D, 33], b, 0)
                    }
                } catch (w) {
                    try {
                        e(w, b, 22)
                    } catch (q) {
                        f(q, b)
                    }
                }
                b.v--
            }
        },
        rl = function(b, I, K, O, y, R) {
            for (R = (K = ((O = (I = b[kP] || {}, P(b)), I.aQ = P(b), I).O = [], b.A == b ? (g(b) | 0) - 1 : 1), P(b)), y = 0; y < K; y++) I.O.push(P(b));
            for (; K--;) I.O[K] = Z(I.O[K], b);
            return (I.J = Z(O, b), I).AN = Z(R, b), I
        },
        vW = function(b, I, K, O, y, R) {
            function w() {
                if (I.A == I) {
                    if (I.K) {
                        var q = [F, O, K, void 0, y, R, arguments];
                        if (2 == b) var N = C(false, false, (l(q, I), I));
                        else if (1 == b) {
                            var u = !I.R.length;
                            (l(q, I), u) && C(false, false, I)
                        } else N = AW(I, q);
                        return N
                    }
                    y && R && y.removeEventListener(R, w, c)
                }
            }
            return w
        },
        E1 = function(b, I, K, O, y, R, w, q) {
            return O = [-9, -48, 48, 29, -71, -79, O, -95, 27, 81], R = Vj, q = b & 7, y = p[K.h](K.pI), y[K.h] = function(N) {
                q += (w = N, 6 + 7 * b), q &= 7
            }, y.concat = function(N) {
                return (w = (N = (N = -46 * I * I * w - -2208 * I * w + (N = I % 16 + 1, 1 * I * I * N) + q + 46 * w * w + O[q + 27 & 7] * I * N - -2944 * w + (R() | 0) * N - N * w, O)[N], void 0), O[(q + 21 & 7) + (b & 2)] = N, O)[q + (b & 2)] = -48, N
            }, y
        },
        C = function(b, I, K, O, y, R) {
            if (K.R.length) {
                K.I = (K.KI = (K.I && 0(), b), true);
                try {
                    y = K.D(), K.F = y, K.X = y, K.i = 0, O = p2(b, K), R = K.D() - K.X, K.Y += R, R < (I ? 0 : 10) || 0 >= K.U-- || (R = Math.floor(R), K.o.push(254 >= R ? R : 254))
                } finally {
                    K.I = false
                }
                return O
            }
        },
        J = z.requestIdleCallback ? function(b) {
            requestIdleCallback(function() {
                b()
            }, {
                timeout: 4
            })
        } : z.setImmediate ? function(b) {
            setImmediate(b)
        } : function(b) {
            setTimeout(b, 0)
        },
        e = function(b, I, K, O, y, R) {
            if (!I.N) {
                if ((b = (K = (0 == (R = Z(253, ((O = void 0, b) && b[0] === D && (O = b[2], K = b[1], b = void 0), I)), R).length && (y = Z(351, I) >> 3, R.push(K, y >> 8 & 255, y & 255), void 0 != O && R.push(O & 255)), ""), b && (b.message && (K += b.message), b.stack && (K += ":" + b.stack)), Z)(97, I), 3) < b) {
                    I.A = (K = (b -= (K = K.slice(0, (b | 0) - 3), (K.length | 0) + 3), Qj)(K), O = I.A, I);
                    try {
                        x(162, I, v(2, K.length).concat(K), 9)
                    } finally {
                        I.A = O
                    }
                }
                k(97, I, b)
            }
        },
        HW = function(b, I, K, O) {
            for (K = (O = P(b), 0); 0 < I; I--) K = K << 8 | g(b);
            k(O, b, K)
        },
        FO = function(b, I) {
            return I(function(K) {
                K(b)
            }), [function() {
                return b
            }]
        },
        cW = function(b, I, K) {
            return I.B(function(O) {
                K = O
            }, false, b), K
        },
        x = function(b, I, K, O, y, R) {
            if (I.A == I)
                for (R = Z(b, I), 162 == b ? (b = function(w, q, N, u) {
                        if ((u = (q = R.length, (q | 0) - 4 >> 3), R.hN) != u) {
                            u = (u << (N = [0, 0, y[R.hN = u, 1], y[2]], 3)) - 4;
                            try {
                                R.bf = GJ(io(u, R), io((u | 0) + 4, R), N)
                            } catch (M) {
                                throw M;
                            }
                        }
                        R.push(R.bf[q & 7] ^ w)
                    }, y = Z(230, I)) : b = function(w) {
                        R.push(w)
                    }, O && b(O & 255), I = K.length, O = 0; O < I; O++) b(K[O])
        },
        TJ = function(b, I) {
            if ((I = (b = null, z).trustedTypes, !I) || !I.createPolicy) return b;
            try {
                b = I.createPolicy("bg", {
                    createHTML: gl,
                    createScript: gl,
                    createScriptURL: gl
                })
            } catch (K) {
                z.console && z.console.error(K.message)
            }
            return b
        },
        p2 = function(b, I, K, O) {
            for (; I.R.length;) {
                K = (I.g = null, I).R.pop();
                try {
                    O = AW(I, K)
                } catch (y) {
                    f(y, I)
                }
                if (b && I.g) {
                    b = I.g, b(function() {
                        C(true, true, I)
                    });
                    break
                }
            }
            return O
        },
        AW = function(b, I, K, O, y) {
            if (O = I[0], O == W) b.U = 25, b.u(I);
            else if (O == E) {
                K = I[1];
                try {
                    y = b.s || b.u(I)
                } catch (R) {
                    f(R, b), y = b.s
                }
                K(y)
            } else if (O == zJ) b.u(I);
            else if (O == S) b.u(I);
            else if (O == f2) {
                try {
                    for (y = 0; y < b.l.length; y++) try {
                        K = b.l[y], K[0][K[1]](K[2])
                    } catch (R) {}
                } catch (R) {}(0, I[b.l = [], 1])(function(R, w) {
                    b.B(R, true, w)
                }, function(R) {
                    l([$P], (R = !b.R.length, b)), R && C(true, false, b)
                })
            } else {
                if (O == F) return y = I[2], k(332, b, I[6]), k(356, b, y), b.u(I);
                O == $P ? (b.H = [], b.K = null, b.o = []) : O == uo && "loading" === z.document.readyState && (b.g = function(R, w) {
                    function q() {
                        w || (w = true, R())
                    }
                    z.document.addEventListener("DOMContentLoaded", q, (w = false, c)), z.addEventListener("load", q, c)
                })
            }
        },
        MO = function(b, I) {
            return p[b](p.prototype, {
                pop: I,
                call: I,
                splice: I,
                document: I,
                replace: I,
                prototype: I,
                length: I,
                propertyIsEnumerable: I,
                floor: I,
                console: I,
                parent: I,
                stack: I
            })
        },
        Db = function(b, I, K) {
            return K = p[b.h](b.ju), K[b.h] = function() {
                return I
            }, K.concat = function(O) {
                I = O
            }, K
        },
        a, Zb = function(b, I, K, O, y) {
            (((y = (K = P((I &= (O = I & 3, 4), y = P(b), b)), Z)(y, b), I) && (y = Qj("" + y)), O) && x(K, b, v(2, y.length)), x)(K, b, y)
        },
        B = function(b, I, K, O, y, R, w, q, N, u, M, H, r, m) {
            if ((r = Z(319, I), r) >= I.j) throw [D, 31];
            for (w = r, u = (H = I.fI.length, b), q = 0; 0 < u;) M = w % 8, R = 8 - (M | 0), N = w >> 3, R = R < u ? R : u, O = I.H[N], K && (y = I, y.G != w >> 6 && (y.G = w >> 6, m = Z(377, y), y.W = GJ(y.V, y.G, [0, 0, m[1], m[2]])), O ^= I.W[N & H]), q |= (O >> 8 - (M | 0) - (R | 0) & (1 << R) - 1) << (u | 0) - (R | 0), w += R, u -= R;
            return k(319, I, (K = q, (r | 0) + (b | 0))), K
        },
        P = function(b, I) {
            if (b.C) return hW(b, b.S);
            return (I = B(8, b, true), I) & 128 && (I ^= 128, b = B(2, b, true), I = (I << 2) + (b | 0)), I
        },
        d, k = function(b, I, K) {
            if (319 == b || 351 == b) I.K[b] ? I.K[b].concat(K) : I.K[b] = Db(I, K);
            else {
                if (I.N && 377 != b) return;
                507 == b || 162 == b || 17 == b || 253 == b || 230 == b ? I.K[b] || (I.K[b] = E1(54, b, I, K)) : I.K[b] = E1(137, b, I, K)
            }
            377 == b && (I.V = B(32, I, false), I.G = void 0)
        },
        Qj = function(b, I, K, O, y) {
            for (y = (I = K = (b = b.replace(/\r\n/g, "\n"), 0), []); I < b.length; I++) O = b.charCodeAt(I), 128 > O ? y[K++] = O : (2048 > O ? y[K++] = O >> 6 | 192 : (55296 == (O & 64512) && I + 1 < b.length && 56320 == (b.charCodeAt(I + 1) & 64512) ? (O = 65536 + ((O & 1023) << 10) + (b.charCodeAt(++I) & 1023), y[K++] = O >> 18 | 240, y[K++] = O >> 12 & 63 | 128) : y[K++] = O >> 12 | 224, y[K++] = O >> 6 & 63 | 128), y[K++] = O & 63 | 128);
            return y
        },
        g = function(b) {
            return b.C ? hW(b, b.S) : B(8, b, true)
        },
        T = function(b, I) {
            for (I = []; b--;) I.push(255 * Math.random() | 0);
            return I
        },
        mj = function(b, I) {
            return (I = g(b), I) & 128 && (I = I & 127 | g(b) << 7), I
        },
        K2 = function(b, I, K, O) {
            return (O = d[b.substring(0, 3) + "_"]) ? O(b.substring(3), I, K) : FO(b, I)
        },
        c = {
            passive: true,
            capture: true
        },
        gl = function(b) {
            return b
        },
        U = function(b, I, K) {
            K = this;
            try {
                JW(this, b, I)
            } catch (O) {
                f(O, this), I(function(y) {
                    y(K.s)
                })
            }
        },
        hW = function(b, I) {
            return (I = I.create().shift(), b.C.create().length || b.S.create().length) || (b.C = void 0, b.S = void 0), I
        },
        kP = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        zJ = [],
        f2 = [],
        $P = ((U.prototype.FY = void 0, U).prototype.T = "toString", U.prototype.CI = false, []),
        W = (U.prototype.eu = void 0, []),
        E = [],
        S = [],
        uo = [],
        D = {},
        F = [],
        p = (((I8, T, XO, function() {})(n2), U.prototype).h = "create", D.constructor),
        Vj = ((a = U.prototype, a.nI = function(b, I, K, O, y, R) {
            for (R = [], K = O = 0; K < b.length; K++)
                for (O += I, y = y << I | b[K]; 7 < O;) O -= 8, R.push(y >> O & 255);
            return R
        }, a).GP = function(b, I, K) {
            return b ^ ((I = (I ^= I << 13, I ^= I >> 17, (I ^ I << 5) & K)) || (I = 1), I)
        }, void 0),
        PW = (((a.D = (a.B = (a.Mm = function() {
            return Math.floor(this.Y + (this.D() - this.X))
        }, a.dt = function() {
            return Math.floor(this.D())
        }, a.Oj = function(b, I, K, O, y) {
            for (y = O = 0; y < b.length; y++) O += b.charCodeAt(y), O += O << 10, O ^= O >> 6;
            return O = (b = (O += O << 3, O ^= O >> 11, O) + (O << 15) >>> 0, new Number(b & (1 << I) - 1)), O[0] = (b >>> I) % K, O
        }, function(b, I, K, O, y) {
            if (K = "array" === R8(K) ? K : [K], this.s) b(this.s);
            else try {
                y = [], O = !this.R.length, l([W, y, K], this), l([E, b, y], this), I && !O || C(I, true, this)
            } catch (R) {
                f(R, this), b(this.s)
            }
        }), (window.performance || {}).now ? function() {
            return this.DP + window.performance.now()
        } : function() {
            return +new Date
        }), U.prototype.u = function(b, I) {
            return Vj = (I = (b = {}, {}), function() {
                    return I == b ? -64 : -17
                }),
                function(K, O, y, R, w, q, N, u, M, H, r, m, L, X, G) {
                    I = (u = I, b);
                    try {
                        if (y = K[0], y == S) {
                            L = K[1];
                            try {
                                for (M = H = (R = (q = atob(L), []), 0); H < q.length; H++) O = q.charCodeAt(H), 255 < O && (R[M++] = O & 255, O >>= 8), R[M++] = O;
                                this.H = R, this.j = this.H.length << 3, k(377, this, [0, 0, 0])
                            } catch (Q) {
                                e(Q, this, 17);
                                return
                            }
                            wl(this, 8001)
                        } else if (y == W) K[1].push(Z(97, this), Z(162, this).length, Z(17, this).length, Z(507, this).length), k(356, this, K[2]), this.K[376] && yj(this, 8001, Z(376, this));
                        else {
                            if (y == E) {
                                (X = (G = v(2, ((H = K[2], Z(507, this)).length | 0) + 2), this).A, this).A = this;
                                try {
                                    w = Z(253, this), 0 < w.length && x(507, this, v(2, w.length).concat(w), 10), x(507, this, v(1, this.L), 109), x(507, this, v(1, this[E].length)), q = 0, N = Z(162, this), q += Z(366, this) & 2047, q -= (Z(507, this).length | 0) + 5, 4 < N.length && (q -= (N.length | 0) + 3), 0 < q && x(507, this, v(2, q).concat(T(q)), 15), 4 < N.length && x(507, this, v(2, N.length).concat(N), 156)
                                } finally {
                                    this.A = X
                                }
                                if (r = ((M = T(2).concat(Z(507, this)), M)[1] = M[0] ^ 6, M[3] = M[1] ^ G[0], M[4] = M[1] ^ G[1], this).sj(M)) r = "!" + r;
                                else
                                    for (q = 0, r = ""; q < M.length; q++) m = M[q][this.T](16), 1 == m.length && (m = "0" + m), r += m;
                                return Z(507, (Z(((k(97, (R = r, this), H.shift()), Z)(162, this).length = H.shift(), 17), this).length = H.shift(), this)).length = H.shift(), R
                            }
                            if (y == zJ) yj(this, K[2], K[1]);
                            else if (y == F) return yj(this, 8001, K[1])
                        }
                    } finally {
                        I = u
                    }
                }
        }(), U.prototype).V2 = 0, U.prototype).sj = function(b, I, K, O) {
            if (I = window.btoa) {
                for (O = (K = 0, ""); K < b.length; K += 8192) O += String.fromCharCode.apply(null, b.slice(K, K + 8192));
                b = I(O).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else b = void 0;
            return b
        }, U.prototype.XY = 0, /./),
        o8, BW = S.pop.bind((U.prototype[f2] = [0, 0, 1, 1, 0, 1, 1], U.prototype[W])),
        xP = (o8 = MO(U.prototype.h, (PW[U.prototype.T] = BW, {get: BW
        })), U.prototype.gt = void 0, function(b, I) {
            return (I = TJ()) && 1 === b.eval(I.createScript("1")) ? function(K) {
                return I.createScript(K)
            } : function(K) {
                return "" + K
            }
        }(z));
    (40 < (d = z.botguard || (z.botguard = {}), d.m) || (d.m = 41, d.bg = O1, d.a = K2), d).LDL_ = function(b, I, K) {
        return [(K = new U(b, I), function(O) {
            return cW(O, K)
        })]
    };
}).call(this);
#2 JavaScript::Eval (size: 25) - SHA256: cfd8889f26f46323b63c7766e414faf4a4171cc959c4c2b2e6a64c0ec3edf13f
this.context['CryptoKey']
#3 JavaScript::Eval (size: 26) - SHA256: 59d45abada49f5b514521b527330402a2d826ae3f0dab2199c58c38f1e511777
this.context['TouchEvent']
#4 JavaScript::Eval (size: 33) - SHA256: 92cc9c48ca7d897742a37b1578ba7c99e9d9c405fced233bb9a3270ef84fddfc
this.context['DeviceMotionEvent']
#5 JavaScript::Eval (size: 46) - SHA256: e218a1ac15f252350ef2646dead414bf35db450215962e63da301cb7c3f064eb
this.context['navigator']['webkitGetGamepads']
#6 JavaScript::Eval (size: 21) - SHA256: 37ceb2a749341c51c7b8c25daaa71dc167b4aba7485c9b398b8ab004b685e492
this.context['Touch']
#7 JavaScript::Eval (size: 22) - SHA256: c4e7ca158015332be1df536c970a209b44cb4744fae720ed1caaefdc87f37f93
0,
function(R) {
    HW(R, 1)
}
#8 JavaScript::Eval (size: 42) - SHA256: 2fc752a40595d1d6681e6be3ebd8f44cdda99876ff9ee19fe654647a6a11415e
this.context['ApplicationCacheErrorEvent']
#9 JavaScript::Eval (size: 22) - SHA256: c624a79f9c72c617d0ed1ad3207a67a39f6243071e14c4ebeace5dcff97313a3
this.context['Entity']
#10 JavaScript::Eval (size: 28) - SHA256: fca3cd5a7ca3a44b75f81e0c169fe599fb48741835c83b5616e304b3f722522b
this.context['AnalyserNode']
#11 JavaScript::Eval (size: 36) - SHA256: 2d498779a32244d72a8a7d953918ce95c00fab9d3b129b2a1c3125fb263ccb45
this.context['self']['SharedWorker']
#12 JavaScript::Eval (size: 45) - SHA256: e44d38f746ee1fa3b3ef03ed6ea3f298c25e173b6daea3c4505afce8bb869508
this.context['CanvasCaptureMediaStreamTrack']
#13 JavaScript::Eval (size: 6482) - SHA256: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
var amzn_aps_csm = amzn_aps_csm || {};
amzn_aps_csm.errors = [], amzn_aps_csm.reportErrors = function(a) {
        var b, c;
        for (/^https?:\/\//.test(a) === !1 && (a = document.location.protocol + "//" + a), "/" !== a.substr(a.length - 1) && (a += "/"), b = 0; b < amzn_aps_csm.errors.length; b++) c = '{"adViewability":[{"error": {"m": "' + amzn_aps_csm.errors[b] + '"}}], "c": "aps_communicator", "api": "RTB", "error": 1}', "https:" === document.location.protocol && /^http:\/\//.test(a) === !0 && (a = a.replace("http://", "https://")), (new Image).src = a + c + "?cb=" + Math.round(1e7 * Math.random());
        amzn_aps_csm.errors = []
    },
    function(a) {
        function b(a) {
            return a ? a.replace(/^\s+|\s+$/g, "") : a
        }

        function c(a) {
            if (a && a.s) {
                var b, c = a.s.length > 0 ? a.s[0] : "",
                    d = a.s.length > 1 ? a.s[1] : "";
                c && (b = c.match(j)), b && 3 === b.length || !d || (b = d.match(i)), b && 3 === b.length && (a.f = b[1], a.l = b[2])
            }
        }

        function d(a, d) {
            if (d = d || {}, !a) return {};
            a.m && a.m.message && (a = a.m);
            var i, j, k, l, m, n = {
                    m: e(a, d),
                    c: a.c ? "" + a.c : a.c,
                    s: [],
                    l: a.l || a.line || a.lineno || a.lineNumber,
                    name: a.name,
                    type: a.type
                },
                o = 0,
                p = 0;
            if (i = a.stack || (a.err ? a.err.stack : ""), i && i.split)
                for (j = i.split("\n"); o < j.length && n.s.length < g;) k = j[o++], k && n.s.unshift(b(k));
            else
                for (l = f(a.args || arguments, "callee"), o = 0, p = 0; l && g > o;) m = h, l.skipTrace || (k = l.toString(), k && k.substr && (m = 0 === p ? 4 * h : m, m = 1 === p ? 2 * h : m, n.s.unshift(k.substr(0, m)), p++)), l = f(l, "caller"), o++;
            return !n.f && n.s.length > 0 && c(n), n
        }

        function e(a, b) {
            var c = b.m || b.message || "";
            return c += a.m && a.m.message ? a.m.message : a.m && a.m.target && a.m.target.tagName ? "Error handler invoked by " + a.m.target.tagName + " tag" : a.m ? a.m : a.message ? a.message : "Unknown error"
        }

        function f(a, b) {
            try {
                return a[b]
            } catch (c) {
                return ""
            }
        }
        var g = 20,
            h = 256,
            i = /\(?([^\s]*):(\d+):\d+\)?/,
            j = /.*@(.*):(\d*)/;
        a.constructErrorMessage = d
    }(amzn_aps_csm), window.JSON || (window.JSON = {
        parse: function(sJSON) {
            return eval("(" + sJSON + ")")
        },
        stringify: function() {
            var a = Object.prototype.toString,
                b = Array.isArray || function(b) {
                    return "[object Array]" === a.call(b)
                },
                c = {
                    '"': '\\"',
                    "\\": "\\\\",
                    "\b": "\\b",
                    "\f": "\\f",
                    "\n": "\\n",
                    "\r": "\\r",
                    "	": "\\t"
                },
                d = function(a) {
                    return c[a] || "\\u" + (a.charCodeAt(0) + 65536).toString(16).substr(1)
                },
                e = /[\\"\u0000-\u001F\u2028\u2029]/g;
            return function f(c) {
                var g, h, i, j;
                if (null == c) return "null";
                if ("number" == typeof c) return isFinite(c) ? c.toString() : "null";
                if ("boolean" == typeof c) return c.toString();
                if ("object" == typeof c) {
                    if ("function" == typeof c.toJSON) return f(c.toJSON());
                    if (b(c)) {
                        for (g = "[", h = 0; h < c.length; h++) g += (h ? ", " : "") + f(c[h]);
                        return g + "]"
                    }
                    if ("[object Object]" === a.call(c)) {
                        i = [];
                        for (j in c) c.hasOwnProperty(j) && i.push(f(j) + ": " + f(c[j]));
                        return "{" + i.join(", ") + "}"
                    }
                }
                return '"' + c.toString().replace(e, d) + '"'
            }
        }()
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.log = function(a) {
        try {
            -1 !== window.location.href.indexOf("csm_debug_mode") && window.console && window.console.log(a)
        } catch (b) {
            b.message && amzn_aps_csm.errors.push(b.message)
        }
    }, amzn_aps_csm.loadModules = function(a) {
        var b, c, d;
        try {
            for (b = 0; b < a.length; b++) {
                if (c = a[b].name, d = a[b].params || [], window.performance && window.performance.mark && "function" == typeof window.performance.mark && window.performance.mark("loadStart" + c), "[object Array]" !== Object.prototype.toString.call(d) && amzn_aps_csm.log("Params passed in the amzn_aps_csm.loadModules methods must be an array"), amzn_aps_csm[c]) {
                    if (void 0 === amzn_aps_csm[c].shortName) throw new amzn_aps_csm.invalidModuleException("Module shortName not defined for module " + c + ". ");
                    amzn_aps_csm[c].init.apply(amzn_aps_csm[c], d), amzn_aps_csm.log("Initiated " + c + " module")
                } else amzn_aps_csm.log("Undefined module " + c);
                window.performance && window.performance.mark && "function" == typeof window.performance.mark && (window.performance.mark("loadEnd" + c), window.performance.measure("lt" + amzn_aps_csm[c].shortName, "loadStart" + c, "loadEnd" + c))
            }
        } catch (e) {
            e.message && amzn_aps_csm.errors.push(e.message)
        }
    }, amzn_aps_csm.define = function(a) {
        var b, c, d, e, f, g, h, i;
        try {
            for (b = function(a) {
                    return "string" == typeof a ? amzn_aps_csm[a] : a
                }, c = Array.prototype.slice.call(arguments), d = c[0], e = c.length > 2 ? c[1] : [], f = c[c.length - 1], g = [], h = 0, i = e.length; i > h; h++) g.push(b(e[h]));
            amzn_aps_csm[d] = f.apply(f, g)
        } catch (j) {
            j.message && amzn_aps_csm.errors.push(j.message)
        }
    }, amzn_aps_csm.invalidModuleException = function(a) {
        this.value = a, this.message = "does not conform to the expected format of a module", this.toString = function() {
            return this.value + this.message
        }
    }, amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("eventUtils", [], function() {
        var a = {
            shortName: "eu"
        };
        return a.init = function() {
            amzn_aps_csm.log("Initializing eventUtils"), a.eventHandlers = []
        }, a.addEvent = function(b, c, d, e) {
            b.addEventListener ? b.addEventListener(c, d, e) : b.attachEvent && b.attachEvent("on" + c, d);
            var f = {
                elem: b,
                eventName: c,
                cb: d
            };
            a.eventHandlers.push(f)
        }, a.registerPostMessageHandler = function(a) {
            var b = window.addEventListener ? "addEventListener" : "attachEvent",
                c = window[b],
                d = "attachEvent" == b ? "onmessage" : "message";
            c(d, function(b) {
                a(b)
            }, !1)
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("pixelQueue", [], function() {
        var a = {
            shortName: "pq"
        };
        return a.init = function() {}, a.firePixel = function(a, b, c) {
            if ("" !== b) {
                /^https?:\/\//.test(b) === !1 && (b = document.location.protocol + "//" + b), "/" != b.substr(b.length - 1) && (b += "/"), "https:" === document.location.protocol && /^http:\/\//.test(b) === !0 && (b = b.replace("http://", "https://"));
                try {
                    var d = JSON.parse(a);
                    d.ver = amzn_aps_csm.version, a = JSON.stringify(d)
                } catch (e) {}
                void 0 !== c && "" !== c && (b += c), (new Image).src = b + a + "?cb=" + Math.round(1e7 * Math.random())
            } else amzn_aps_csm.log("instrURL is empty")
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {},
    function() {
        var a, b;
        amzn_aps_csm.loadModules([{
            name: "eventUtils",
            params: []
        }]);
        for (a in amzn_aps_csm.eventUtils) amzn_aps_csm.eventUtils.hasOwnProperty(a) && (amzn_aps_csm[a] = amzn_aps_csm.eventUtils[a]);
        amzn_aps_csm.loadModules([{
            name: "pixelQueue",
            params: []
        }]), b = 5, amzn_aps_csm.registerPostMessageHandler(function(a) {
            var c, d, e, f, g, h, i, j, k, l, m;
            if (amzn_aps_csm.log("parent received message!: ", a.data), amzn_aps_csm.log(a.origin), /pixelId/.test(a.data)) {
                for (c = a.source, d = 0; c.parent !== top && b > d;) c = c.parent, d++;
                for (e = {}, "object" == typeof apstag && null !== apstag && "function" == typeof apstag._getSlotIdToNameMapping && null !== apstag._getSlotIdToNameMapping() && (e = apstag._getSlotIdToNameMapping()), f = "", g = document.getElementsByTagName("iframe"), h = 0; h < g.length; h++)
                    if (g[h].contentWindow === c) {
                        i = g[h].parentElement;
                        do j = i.id, i = i.parentElement; while (e.hasOwnProperty(j) === !1 && "body" !== i.tagName.toLowerCase());
                        f = e[j] || j
                    }
                k = JSON.parse(a.data), l = decodeURIComponent(k.instrURL), m = {
                    sn: encodeURIComponent(f),
                    pixelId: k.pixelId
                }, /amazon-adsystem\.com/.test(l) && amzn_aps_csm.pixelQueue.firePixel(JSON.stringify(m), l, "")
            }
        })
    }();
#14 JavaScript::Eval (size: 43) - SHA256: 0220aceb9c3413632235ce2598b94dd7a130a95558114c04ad41f9386b69777b
this.context['clientInformation']['vendor']
#15 JavaScript::Eval (size: 28) - SHA256: 4f6a557989f79654728dcb244539b604c5329db30b964d6e8c524c72517b9fa6
this.context['Notification']
#16 JavaScript::Eval (size: 31) - SHA256: 0408d20a8555f96ab5cced9f89880c477f78d4ade576e5618b04094f034fb081
this.context['ArrayBufferView']
#17 JavaScript::Eval (size: 19) - SHA256: 67909fba812519f6eced963d195970a41923b591290d48f96704719fc6b74ec5
this.context['NaN']
#18 JavaScript::Eval (size: 45) - SHA256: d7fff9897aaa9675a3652e7cac1a8c2a3427b896b5cc0ab5ffd628f9bb106e34
this.context['external']['AddSearchProvider']
#19 JavaScript::Eval (size: 39) - SHA256: 04f881dff1163e4e36943700ddbcf25667dfe7e0b154d21e181a771955264d60
this.context['document']['createTouch']
#20 JavaScript::Eval (size: 35) - SHA256: 41aae560d6dd4b675e6e45d30c1572db537659e580ac434c4b89b76e4f3dc5ac
this.context['SiteBoundCredential']
#21 JavaScript::Eval (size: 22) - SHA256: d8fc182869d21957579c2a09eae263e41ab53e4c30c4ffa96d93584a64eb6f77
0,
function(R) {
    HW(R, 2)
}
#22 JavaScript::Eval (size: 35) - SHA256: 7013ec5264e02f54f3b42e05b51fd1ad0f180fa3870b71acd2f1a384cc81d601
this.context['document']['prepend']
#23 JavaScript::Eval (size: 15568) - SHA256: ac67106da7775f013b7cb9730c8cde5cfa186d74c2bff74fe27579bb046366be
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var q = function(b, R) {
            if ((R = (b = K.trustedTypes, null), !b) || !b.createPolicy) return R;
            try {
                R = b.createPolicy("bg", {
                    createHTML: O,
                    createScript: O,
                    createScriptURL: O
                })
            } catch (I) {
                K.console && K.console.error(I.message)
            }
            return R
        },
        K = this || self,
        O = function(b) {
            return b
        };
    (0, eval)(function(b, R) {
        return (R = q()) && 1 === b.eval(R.createScript("1")) ? function(I) {
            return R.createScript(I)
        } : function(I) {
            return "" + I
        }
    }(K)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var z=this||self,bo=function(b,I,K,O){(K=P((O=P(b),b)),x)(K,b,v(I,Z(O,b)))},R8=function(b,I,K){if("object"==(I=typeof b,I))if(b){if(b instanceof Array)return"array";if(b instanceof Object)return I;if("[object Window]"==(K=Object.prototype.toString.call(b),K))return"object";if("[object Array]"==K||"number"==typeof b.length&&"undefined"!=typeof b.splice&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("splice"))return"array";if("[object Function]"==K||"undefined"!=typeof b.call&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==I&&"undefined"==typeof b.call)return"object";return I},Z=function(b,I){if(void 0===(I=I.K[b],I))throw[D,30,b];if(I.value)return I.create();return I.create(1*b*b+-48*b+-64),I.prototype},f=function(b,I){I.s=((I.s?I.s+"~":"E:")+b.message+":"+b.stack).slice(0,2048)},I8=function(b,I){(I.push(b[0]<<24|b[1]<<16|b[2]<<8|b[3]),I.push(b[4]<<24|b[5]<<16|b[6]<<8|b[7]),I).push(b[8]<<24|b[9]<<16|b[10]<<8|b[11])},O1=function(b,I,K,O){function y(){}return{invoke:(O=K2(b,(K=void 0,function(R){y&&(I&&J(I),K=R,y(),y=void 0)}),!!I)[0],function(R,w,q,N){function u(){K(function(M){J(function(){R(M)})},q)}if(!w)return w=O(q),R&&R(w),w;K?u():(N=y,y=function(){(N(),J)(u)})})}},yj=function(b,I,K,O){return Z(356,(k(319,(wl(b,(O=Z(319,b),b.H&&O<b.j?(k(319,b,b.j),qO(b,K)):k(319,b,K),I)),b),O),b))},A=function(b,I,K,O,y,R,w,q,N){if(O.L+=((w=(y=(N=(R=(q=(K||O.i++,0<O.P&&O.I)&&O.KI&&1>=O.v&&!O.C&&!O.g&&(!K||1<O.Z-b)&&0==document.hidden,4==O.i))||q?O.D():O.F,N-O.F),y>>14),O.V)&&(O.V^=w*(y<<2)),O.A=w||O.A,w),R||q)O.F=N,O.i=0;if(!q||N-O.X<O.P-(I?255:K?5:2))return false;return(k((I=Z((O.Z=b,K?351:319),O),319),O,O.j),O.R).push([zJ,I,K?b+1:b]),O.g=J,true},io=function(b,I){return I[b]<<24|I[(b|0)+1]<<16|I[(b|0)+2]<<8|I[(b|0)+3]},qO=function(b,I){k(319,((b.rt.push(b.K.slice()),b).K[319]=void 0,b),I)},V=function(b,I,K){I[k(K,b,I),uo]=2796},JW=function(b,I,K,O,y){for((b.pI=MO(b.h,((b.kG=(b.fI=b[E],o8),b).Q2=PW,{get:function(){return this.concat()}})),b).ju=p[b.h](b.pI,{value:{value:{}}}),y=[],O=0;128>O;O++)y[O]=String.fromCharCode(O);C(true,true,(l(((l([(V(b,(V(b,function(R,w){(w=Z(P(R),R),qO)(R.A,w)},(V(b,function(R,w,q,N){k((w=g((N=P(R),R)),q=P(R),q),R,Z(N,R)>>>w)},(k(97,(V((V(b,(k(230,b,(V(b,(b.uf=(k((k(162,b,(V(b,function(R,w,q,N){(N=Z((w=(q=(w=P(R),N=P(R),P(R)),Z)(w,R),N),R),k)(q,R,+(w==N))},(V(b,(V((V(b,(V(b,(V(b,(V(b,function(R){bo(R,1)},(k(17,((V(b,(b.HZ=(V(b,function(R,w){R=(w=P(R),Z(w,R.A)),R[0].removeEventListener(R[1],R[2],c)},(k(507,b,(V(b,function(R,w,q,N,u,M,H){for(u=(q=Z(92,(w=(H=mj((N=P(R),R)),""),R)),q.length),M=0;H--;)M=((M|0)+(mj(R)|0))%u,w+=y[q[M]];k(N,R,w)},((V(b,((V((k((k(366,(k(356,b,(V(b,(V(b,(V(b,(V((k(182,(k(305,(k((b.Su=(V(b,(V(b,function(R,w,q){A(w,false,true,R)||(w=P(R),q=P(R),k(q,R,function(N){return eval(N)}(xP(Z(w,R.A)))))},(V(b,function(R){HW(R,4)},(k((b.s=(b.DP=(b.L=1,b.G=void 0,b.rt=[],b.KI=false,(b.W=void 0,b.Y=0,b.X=(b.o=(b.A=b,[]),b.l=(b.v=0,O=(b.g=null,b.j=0,(b.S=(b.N=false,void 0),b.wt=0,window).performance)||{},(b.P=0,b).I=!(b.Z=8001,1),b.H=[],[]),(b.i=void 0,b.U=25,b.C=void 0,b.R=[],(b.V=void 0,b).RQ=function(R){this.A=R},b).K=[],0),(b.F=0,O).timeOrigin||(O.timing||{}).navigationStart)||0),void 0),319),b,0),k(351,b,0),475)),168)),function(R,w,q){0!=(q=Z((w=P(R),q=P(R),q),R),Z(w,R))&&k(319,R,q)}),342),0),253),b,[]),b),b),b),0),b),function(R){bo(R,4)},267),function(R,w,q,N,u){(q=(u=Z((w=Z((u=P((q=(N=(w=P(R),P)(R),P)(R),R)),w),R.A),u),R),N=Z(N,R),Z)(q,R),0)!==w&&(q=vW(1,R,u,q,w,N),w.addEventListener(N,q,c),k(182,R,[w,N,q]))}),261),function(R,w,q,N,u){(w=(q=P((N=(u=P(R),P)(R),R)),P(R)),q=Z(q,R),w=Z(w,R),N=Z(N,R),k)(u,R,vW(w,R,q,N))}),222),function(R,w,q,N){(w=P((N=(q=P(R),P)(R),R)),k)(w,R,Z(q,R)||Z(N,R))}),381),{})),b),0),270),b,z),b),function(R){Zb(R,3)},395),V)(b,function(R,w,q){k((q=Z((w=P((q=P(R),R)),q),R),q=R8(q),w),R,q)},405),function(R,w,q,N){!A(w,false,true,R)&&(w=rl(R),q=w.J,N=w.AN,R.A==R||q==R.RQ&&N==R)&&(k(w.aQ,R,q.apply(N,w.O)),R.F=R.D())}),234),V)(b,function(R){Zb(R,4)},203),335)),[160,0,0])),206)),0),function(){}),503),V)(b,function(R,w,q,N,u,M,H,r,m,L,X,G){function Q(n,h){for(;q<n;)G|=g(R)<<q,q+=8;return h=G&(1<<n)-1,q-=n,G>>=n,h}for(X=(L=(q=G=(M=P(R),0),(Q(3)|0)+1),u=Q(5),N=0),m=[];N<u;N++)H=Q(1),m.push(H),X+=H?0:1;for(X=(w=(N=((X|0)-1).toString(2).length,[]),0);X<u;X++)m[X]||(w[X]=Q(N));for(N=0;N<u;N++)m[N]&&(w[N]=P(R));for(r=[];L--;)r.push(Z(P(R),R));V(R,function(n,h,Y,NO,t){for(h=(NO=[],0),Y=[];h<u;h++){if(t=w[h],!m[h]){for(;t>=Y.length;)Y.push(P(n));t=Y[t]}NO.push(t)}n.S=Db(n,(n.C=Db(n,r.slice()),NO))},M)},94),b),[]),367)),function(R,w,q,N){(N=Z((q=Z((w=(q=P(R),P)(R),q),R),w),R),k)(w,R,N+q)}),58),function(R,w,q,N,u,M){if(!A(w,true,true,R)){if("object"==R8((R=Z((M=(w=(M=(q=(w=(N=P(R),P)(R),P(R)),P(R)),Z)(w,R),Z)(M,R),q=Z(q,R),N),R),R))){for(u in N=[],R)N.push(u);R=N}for(N=(u=(q=0<q?q:1,0),R).length;u<N;u+=q)w(R.slice(u,(u|0)+(q|0)),M)}}),341),function(R,w,q,N){if(w=R.rt.pop()){for(q=g(R);0<q;q--)N=P(R),w[N]=R.K[N];R.K=(w[253]=R.K[253],w[97]=R.K[97],w)}else k(319,R,R.j)}),327),b),function(R,w,q){w=P(R),q=P(R),k(q,R,""+Z(w,R))},455),function(R,w,q,N,u){for(q=(u=P(R),w=mj(R),N=[],0);q<w;q++)N.push(g(R));k(u,R,N)}),34),117)),T)(4)),205),b,524),0),function(R,w,q,N){N=(w=P((q=(N=P(R),P(R)),R)),Z(N,R)),q=Z(q,R),k(w,R,N in q|0)}),79),[0,0,0])),function(R,w,q,N,u){(q=(u=(N=P(R),P(R)),P)(R),R).A==R&&(q=Z(q,R),w=Z(N,R),u=Z(u,R),w[u]=q,377==N&&(R.G=void 0,2==u&&(R.V=B(32,R,false),R.G=void 0)))}),474),b),function(R,w,q,N,u,M){A(w,false,true,R)||(N=rl(R.A),w=N.AN,M=N.O,q=N.J,u=M.length,N=N.aQ,w=0==u?new w[q]:1==u?new w[q](M[0]):2==u?new w[q](M[0],M[1]):3==u?new w[q](M[0],M[1],M[2]):4==u?new w[q](M[0],M[1],M[2],M[3]):2(),k(N,R,w))},317),b),2048),89)),473)),function(R,w,q,N){k((N=(q=Z((w=P((N=(q=P(R),P(R)),R)),q),R),Z(N,R)),w),R,q[N])}),380),uo)],b),l)([S,I],b),[f2,K]),b),b))},l=function(b,I){I.R.splice(0,0,b)},XO=function(b,I,K,O){try{O=b[((I|0)+2)%3],b[I]=(b[I]|0)-(b[((I|0)+1)%3]|0)-(O|0)^(1==I?O<<K:O>>>K)}catch(y){throw y;}},n2=function(b,I,K){if(3==b.length){for(K=0;3>K;K++)I[K]+=b[K];for(b=[13,8,13,12,16,5,3,10,15],K=0;9>K;K++)I[3](I,K%3,b[K])}},GJ=function(b,I,K,O,y){for(y=(K=K[3]|(O=K[2]|0,0),0);14>y;y++)I=I>>>8|I<<24,I+=b|0,K=K>>>8|K<<24,b=b<<3|b>>>29,I^=O+2298,K+=O|0,K^=y+2298,b^=I,O=O<<3|O>>>29,O^=K;return[b>>>24&255,b>>>16&255,b>>>8&255,b>>>0&255,I>>>24&255,I>>>16&255,I>>>8&255,I>>>0&255]},v=function(b,I,K,O){for(K=(b|0)-1,O=[];0<=K;K--)O[(b|0)-1-(K|0)]=I>>8*K&255;return O},wl=function(b,I,K,O,y,R){if(!b.s){b.v++;try{for(R=(y=(K=b.j,void 0),0);--I;)try{if((O=void 0,b).C)y=hW(b,b.C);else{if(R=Z(319,b),R>=K)break;O=P((k(351,b,R),b)),y=Z(O,b)}A((y&&y[$P]&2048?y(b,I):e([D,21,O],b,0),I),false,false,b)}catch(w){Z(205,b)?e(w,b,22):k(205,b,w)}if(!I){if(b.CI){b.v--,wl(b,216630971487);return}e([D,33],b,0)}}catch(w){try{e(w,b,22)}catch(q){f(q,b)}}b.v--}},rl=function(b,I,K,O,y,R){for(R=(K=((O=(I=b[kP]||{},P(b)),I.aQ=P(b),I).O=[],b.A==b?(g(b)|0)-1:1),P(b)),y=0;y<K;y++)I.O.push(P(b));for(;K--;)I.O[K]=Z(I.O[K],b);return(I.J=Z(O,b),I).AN=Z(R,b),I},vW=function(b,I,K,O,y,R){function w(){if(I.A==I){if(I.K){var q=[F,O,K,void 0,y,R,arguments];if(2==b)var N=C(false,false,(l(q,I),I));else if(1==b){var u=!I.R.length;(l(q,I),u)&&C(false,false,I)}else N=AW(I,q);return N}y&&R&&y.removeEventListener(R,w,c)}}return w},E1=function(b,I,K,O,y,R,w,q){return O=[-9,-48,48,29,-71,-79,O,-95,27,81],R=Vj,q=b&7,y=p[K.h](K.pI),y[K.h]=function(N){q+=(w=N,6+7*b),q&=7},y.concat=function(N){return(w=(N=(N=-46*I*I*w- -2208*I*w+(N=I%16+1,1*I*I*N)+q+46*w*w+O[q+27&7]*I*N- -2944*w+(R()|0)*N-N*w,O)[N],void 0),O[(q+21&7)+(b&2)]=N,O)[q+(b&2)]=-48,N},y},C=function(b,I,K,O,y,R){if(K.R.length){K.I=(K.KI=(K.I&&0(),b),true);try{y=K.D(),K.F=y,K.X=y,K.i=0,O=p2(b,K),R=K.D()-K.X,K.Y+=R,R<(I?0:10)||0>=K.U--||(R=Math.floor(R),K.o.push(254>=R?R:254))}finally{K.I=false}return O}},J=z.requestIdleCallback?function(b){requestIdleCallback(function(){b()},{timeout:4})}:z.setImmediate?function(b){setImmediate(b)}:function(b){setTimeout(b,0)},e=function(b,I,K,O,y,R){if(!I.N){if((b=(K=(0==(R=Z(253,((O=void 0,b)&&b[0]===D&&(O=b[2],K=b[1],b=void 0),I)),R).length&&(y=Z(351,I)>>3,R.push(K,y>>8&255,y&255),void 0!=O&&R.push(O&255)),""),b&&(b.message&&(K+=b.message),b.stack&&(K+=":"+b.stack)),Z)(97,I),3)<b){I.A=(K=(b-=(K=K.slice(0,(b|0)-3),(K.length|0)+3),Qj)(K),O=I.A,I);try{x(162,I,v(2,K.length).concat(K),9)}finally{I.A=O}}k(97,I,b)}},HW=function(b,I,K,O){for(K=(O=P(b),0);0<I;I--)K=K<<8|g(b);k(O,b,K)},FO=function(b,I){return I(function(K){K(b)}),[function(){return b}]},cW=function(b,I,K){return I.B(function(O){K=O},false,b),K},x=function(b,I,K,O,y,R){if(I.A==I)for(R=Z(b,I),162==b?(b=function(w,q,N,u){if((u=(q=R.length,(q|0)-4>>3),R.hN)!=u){u=(u<<(N=[0,0,y[R.hN=u,1],y[2]],3))-4;try{R.bf=GJ(io(u,R),io((u|0)+4,R),N)}catch(M){throw M;}}R.push(R.bf[q&7]^w)},y=Z(230,I)):b=function(w){R.push(w)},O&&b(O&255),I=K.length,O=0;O<I;O++)b(K[O])},TJ=function(b,I){if((I=(b=null,z).trustedTypes,!I)||!I.createPolicy)return b;try{b=I.createPolicy("bg",{createHTML:gl,createScript:gl,createScriptURL:gl})}catch(K){z.console&&z.console.error(K.message)}return b},p2=function(b,I,K,O){for(;I.R.length;){K=(I.g=null,I).R.pop();try{O=AW(I,K)}catch(y){f(y,I)}if(b&&I.g){b=I.g,b(function(){C(true,true,I)});break}}return O},AW=function(b,I,K,O,y){if(O=I[0],O==W)b.U=25,b.u(I);else if(O==E){K=I[1];try{y=b.s||b.u(I)}catch(R){f(R,b),y=b.s}K(y)}else if(O==zJ)b.u(I);else if(O==S)b.u(I);else if(O==f2){try{for(y=0;y<b.l.length;y++)try{K=b.l[y],K[0][K[1]](K[2])}catch(R){}}catch(R){}(0,I[b.l=[],1])(function(R,w){b.B(R,true,w)},function(R){l([$P],(R=!b.R.length,b)),R&&C(true,false,b)})}else{if(O==F)return y=I[2],k(332,b,I[6]),k(356,b,y),b.u(I);O==$P?(b.H=[],b.K=null,b.o=[]):O==uo&&"loading"===z.document.readyState&&(b.g=function(R,w){function q(){w||(w=true,R())}z.document.addEventListener("DOMContentLoaded",q,(w=false,c)),z.addEventListener("load",q,c)})}},MO=function(b,I){return p[b](p.prototype,{pop:I,call:I,splice:I,document:I,replace:I,prototype:I,length:I,propertyIsEnumerable:I,floor:I,console:I,parent:I,stack:I})},Db=function(b,I,K){return K=p[b.h](b.ju),K[b.h]=function(){return I},K.concat=function(O){I=O},K},a,Zb=function(b,I,K,O,y){(((y=(K=P((I&=(O=I&3,4),y=P(b),b)),Z)(y,b),I)&&(y=Qj(""+y)),O)&&x(K,b,v(2,y.length)),x)(K,b,y)},B=function(b,I,K,O,y,R,w,q,N,u,M,H,r,m){if((r=Z(319,I),r)>=I.j)throw[D,31];for(w=r,u=(H=I.fI.length,b),q=0;0<u;)M=w%8,R=8-(M|0),N=w>>3,R=R<u?R:u,O=I.H[N],K&&(y=I,y.G!=w>>6&&(y.G=w>>6,m=Z(377,y),y.W=GJ(y.V,y.G,[0,0,m[1],m[2]])),O^=I.W[N&H]),q|=(O>>8-(M|0)-(R|0)&(1<<R)-1)<<(u|0)-(R|0),w+=R,u-=R;return k(319,I,(K=q,(r|0)+(b|0))),K},P=function(b,I){if(b.C)return hW(b,b.S);return(I=B(8,b,true),I)&128&&(I^=128,b=B(2,b,true),I=(I<<2)+(b|0)),I},d,k=function(b,I,K){if(319==b||351==b)I.K[b]?I.K[b].concat(K):I.K[b]=Db(I,K);else{if(I.N&&377!=b)return;507==b||162==b||17==b||253==b||230==b?I.K[b]||(I.K[b]=E1(54,b,I,K)):I.K[b]=E1(137,b,I,K)}377==b&&(I.V=B(32,I,false),I.G=void 0)},Qj=function(b,I,K,O,y){for(y=(I=K=(b=b.replace(/\\r\\n/g,"\\n"),0),[]);I<b.length;I++)O=b.charCodeAt(I),128>O?y[K++]=O:(2048>O?y[K++]=O>>6|192:(55296==(O&64512)&&I+1<b.length&&56320==(b.charCodeAt(I+1)&64512)?(O=65536+((O&1023)<<10)+(b.charCodeAt(++I)&1023),y[K++]=O>>18|240,y[K++]=O>>12&63|128):y[K++]=O>>12|224,y[K++]=O>>6&63|128),y[K++]=O&63|128);return y},g=function(b){return b.C?hW(b,b.S):B(8,b,true)},T=function(b,I){for(I=[];b--;)I.push(255*Math.random()|0);return I},mj=function(b,I){return(I=g(b),I)&128&&(I=I&127|g(b)<<7),I},K2=function(b,I,K,O){return(O=d[b.substring(0,3)+"_"])?O(b.substring(3),I,K):FO(b,I)},c={passive:true,capture:true},gl=function(b){return b},U=function(b,I,K){K=this;try{JW(this,b,I)}catch(O){f(O,this),I(function(y){y(K.s)})}},hW=function(b,I){return(I=I.create().shift(),b.C.create().length||b.S.create().length)||(b.C=void 0,b.S=void 0),I},kP=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),zJ=[],f2=[],$P=((U.prototype.FY=void 0,U).prototype.T="toString",U.prototype.CI=false,[]),W=(U.prototype.eu=void 0,[]),E=[],S=[],uo=[],D={},F=[],p=(((I8,T,XO,function(){})(n2),U.prototype).h="create",D.constructor),Vj=((a=U.prototype,a.nI=function(b,I,K,O,y,R){for(R=[],K=O=0;K<b.length;K++)for(O+=I,y=y<<I|b[K];7<O;)O-=8,R.push(y>>O&255);return R},a).GP=function(b,I,K){return b^((I=(I^=I<<13,I^=I>>17,(I^I<<5)&K))||(I=1),I)},void 0),PW=(((a.D=(a.B=(a.Mm=function(){return Math.floor(this.Y+(this.D()-this.X))},a.dt=function(){return Math.floor(this.D())},a.Oj=function(b,I,K,O,y){for(y=O=0;y<b.length;y++)O+=b.charCodeAt(y),O+=O<<10,O^=O>>6;return O=(b=(O+=O<<3,O^=O>>11,O)+(O<<15)>>>0,new Number(b&(1<<I)-1)),O[0]=(b>>>I)%K,O},function(b,I,K,O,y){if(K="array"===R8(K)?K:[K],this.s)b(this.s);else try{y=[],O=!this.R.length,l([W,y,K],this),l([E,b,y],this),I&&!O||C(I,true,this)}catch(R){f(R,this),b(this.s)}}),(window.performance||{}).now?function(){return this.DP+window.performance.now()}:function(){return+new Date}),U.prototype.u=function(b,I){return Vj=(I=(b={},{}),function(){return I==b?-64:-17}),function(K,O,y,R,w,q,N,u,M,H,r,m,L,X,G){I=(u=I,b);try{if(y=K[0],y==S){L=K[1];try{for(M=H=(R=(q=atob(L),[]),0);H<q.length;H++)O=q.charCodeAt(H),255<O&&(R[M++]=O&255,O>>=8),R[M++]=O;this.H=R,this.j=this.H.length<<3,k(377,this,[0,0,0])}catch(Q){e(Q,this,17);return}wl(this,8001)}else if(y==W)K[1].push(Z(97,this),Z(162,this).length,Z(17,this).length,Z(507,this).length),k(356,this,K[2]),this.K[376]&&yj(this,8001,Z(376,this));else{if(y==E){(X=(G=v(2,((H=K[2],Z(507,this)).length|0)+2),this).A,this).A=this;try{w=Z(253,this),0<w.length&&x(507,this,v(2,w.length).concat(w),10),x(507,this,v(1,this.L),109),x(507,this,v(1,this[E].length)),q=0,N=Z(162,this),q+=Z(366,this)&2047,q-=(Z(507,this).length|0)+5,4<N.length&&(q-=(N.length|0)+3),0<q&&x(507,this,v(2,q).concat(T(q)),15),4<N.length&&x(507,this,v(2,N.length).concat(N),156)}finally{this.A=X}if(r=((M=T(2).concat(Z(507,this)),M)[1]=M[0]^6,M[3]=M[1]^G[0],M[4]=M[1]^G[1],this).sj(M))r="!"+r;else for(q=0,r="";q<M.length;q++)m=M[q][this.T](16),1==m.length&&(m="0"+m),r+=m;return Z(507,(Z(((k(97,(R=r,this),H.shift()),Z)(162,this).length=H.shift(),17),this).length=H.shift(),this)).length=H.shift(),R}if(y==zJ)yj(this,K[2],K[1]);else if(y==F)return yj(this,8001,K[1])}}finally{I=u}}}(),U.prototype).V2=0,U.prototype).sj=function(b,I,K,O){if(I=window.btoa){for(O=(K=0,"");K<b.length;K+=8192)O+=String.fromCharCode.apply(null,b.slice(K,K+8192));b=I(O).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else b=void 0;return b},U.prototype.XY=0,/./),o8,BW=S.pop.bind((U.prototype[f2]=[0,0,1,1,0,1,1],U.prototype[W])),xP=(o8=MO(U.prototype.h,(PW[U.prototype.T]=BW,{get:BW})),U.prototype.gt=void 0,function(b,I){return(I=TJ())&&1===b.eval(I.createScript("1"))?function(K){return I.createScript(K)}:function(K){return""+K}}(z));(40<(d=z.botguard||(z.botguard={}),d.m)||(d.m=41,d.bg=O1,d.a=K2),d).LDL_=function(b,I,K){return[(K=new U(b,I),function(O){return cW(O,K)})]};}).call(this);'));
}).call(this);
#24 JavaScript::Eval (size: 64) - SHA256: 14ed98b8b82987bce49c9e6a0f9b620434ec92ad83e9815037257823fe34071e
0,
function(R, w, q) {
    k((q = (w = (q = P(R), P(R)), R).K[q] && Z(q, R), w), R, q)
}
#25 JavaScript::Eval (size: 32) - SHA256: a535a9a97ed5a801419c63a6e764dd3b24c8456f177155717caf9ba3411ef756
this.context['chrome']['search']
#26 JavaScript::Eval (size: 19) - SHA256: 631bd9a13534679ce526b007d4fc8352793377d89bcc321392b01ecf075c4101
this.context['Set']
#27 JavaScript::Eval (size: 39) - SHA256: aaa8c0ab87c7070701d0a29a610c65a4c1d29153c2d14623602acef3eea646dd
this.context['EventTarget']['toString']
#28 JavaScript::Eval (size: 30) - SHA256: 7ceacb36606d6f6599d3ed5454c31152cb4417fb3c02ebb66431c4227a653726
this.context['clearImmediate']
#29 JavaScript::Eval (size: 41) - SHA256: 25fde17ee6ee622be6ebf83118c8802af55f2721a375a4017d6dec6edaf3b37b
this.context['DOMException']['ABORT_ERR']
#30 JavaScript::Eval (size: 200) - SHA256: e5bbf42a8696261508cc685cd48ec261b8fc6de65f727b020f2c39713a7bdc43
apstag.punt({
    "cmp": "https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-onetag_pm-db5_rbd_n-MediaNet_cnv_n-Outbrain",
    "rm": true,
    "to": 5000,
    "id": "default",
    "cb": "0"
})
#31 JavaScript::Eval (size: 21) - SHA256: 5f7d79033f82e1d81e2e6490b1fe43f241e2889aae35ea6d5f968ca697f5a577
this.context['close']
#32 JavaScript::Eval (size: 36) - SHA256: a612f8985aebacd5c5fa6b17d16982a29983ae9131bae94403ff9abe1ce2ded2
this.context['navigator']['appName']
#33 JavaScript::Eval (size: 31) - SHA256: fb71685befff6e5c6fb9e2dd5f9bea6c71a2a162b39920f3927ef5ebfcf0134d
this.context['BeforeLoadEvent']
#34 JavaScript::Eval (size: 35) - SHA256: 022ae916a59e1d7cb709a35e757c60e6626bfccd2c1e87c5ad6b432f0f1b1538
this.context['HTMLBaseFontElement']
#35 JavaScript::Eval (size: 41) - SHA256: e9d851c02746b7bd4d9207264c143f76480b69aa3552b1cdaa79ee537d83f5ac
this.context['navigator']['taintEnabled']

Executed Writes (8)
#1 JavaScript::Write (size: 192) - SHA256: df9913e17da94cf021a5cf7de21a12683e6020ed3b2cbeb6dca1f3169fdf87a4
< head > < /head><body><script type="text/javascript
">var adtrue_passback = {adtrue_pzoneid:'12953'};</script><script type="
text / javascript " src=" //cdn.adtrue.com/rtb/passback.js"></script></body>
#2 JavaScript::Write (size: 132) - SHA256: 3552770b3071071ddb357df56ac0ca0583b397e28edef983e2bb8013a9b11f4b
< script type = "text/javascript"
src = "//exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=160912468&ref=undefined" > < /script>
#3 JavaScript::Write (size: 249) - SHA256: d69309a446845fa51459fb0bf23ba7e57d8cbdfd2833b544627e64ec727a2102
<!-- Composite Start -->
< style >
    .mgbox.mgheader {
        display: none!important;
    } < /style> < div id = "M624865ScriptRootC991771" >
    < /div> < script src = "https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js"
async >
    < /script>
    <!-- Composite End -->
#4 JavaScript::Write (size: 3268) - SHA256: 4d76275ba2c122f961938f23593d6bbb20fc649824f318e711fb9a39a8cd5f66
< !DOCTYPE HTML > < html > < head > < /head><body><script type="text/javascript
">function showAdsByAdtrue(){document.getElementById("
adtrue_gc ").style.width = '105px';document.getElementById("
adtrue_gb ").style.display = 'none';document.getElementById("
adtrue_gs ").style.display = 'block';}function hideAdsByAdtrue(cb){setTimeout(function() {document.getElementById("
adtrue_gc ").style.width = '15px';document.getElementById("
adtrue_gb ").style.display = 'block';document.getElementById("
adtrue_gs ").style.display = 'none';}, 500);}</script><style>#block_adexchange svg:not(:root) {overflow: auto;!important}</style><div id="
block_adexchange " style="
width: 300 px;
height: 250 px;
position: relative;
font: 15 px / 1.2e m Arial, sans - serif!important;
">            <div dir="
ltr " id="
adtrue_gc " class="
adtrue_gc_12953 " style="
display: none;
width: 15 px;
height: 15 px;
height: 15 px;
position: absolute;
left: 0;
text - rendering: geometricprecision;
bottom: 0;
width: 15 px;
z - index: 9020;
">                <div id="
adtrue_gb " style="
display: block;
height: 100 % ;
" onmouseover="
showAdsByAdtrue()
"><svg width="
100 % " height="
100 % "><rect width="
100 % " height="
100 % " fill="
whitesmoke "/><svg stroke="
#000000" fill= "#000000"
x = "0px"
y = "0px" > < circle cx = "7.5px"
cy = "7.5px"
r = "5.5px"
fill = "none"
stroke - width = "1.1px" / > < circle cx = "7.5px"
cy = "4.75px"
r = "1px"
stroke = "none" / > < line x1 = "7.5px"
x2 = "7.5px"
y1 = "6.5px"
y2 = "11px"
fill = "none"
stroke - width = "1.75px" / > < /svg>                    </svg > < /div>                <div id="adtrue_gs" style="display: none;height: 100%;" onmouseleave="hideAdsByAdtrue()">                    <a target="_blank" href="https:/ / adtrue.com " style="
text - decoration: none;
" id="
abgl ">                        <svg height="
100 % " width="
100 % ">                        <path transform="
matrix(-1.18971, -0.00136069, 0.00161882, -0.999999, 105, 15)
" d="
M0, 0 l96, 0 l0, 15 l - 92, 0 s - 4, 0, -4, -4 Z " fill="
whitesmoke "/>                        <svg width="
34 px " y="
11 px " x="
17 px " overflow="
visible ">                        <text transform="
scale(0.11121408415723971)
" font-size="
100 px " font-family="
Arial " fill="
dimgray ">Ads by</text>                        </svg>                        <svg width="
38 px " y="
11 px " x="
53 px " overflow="
visible ">                        <text transform="
scale(0.11784163440459683)
" font-weight="
bold " font-size="
100 px " font-family="
Arial " fill="
black ">Adtrue</text>                        </svg>                        <svg y="
0 px " x="
0 px " fill="
#000000" stroke= "#000000" > < circle stroke - width = "1.1px"
fill = "none"
r = "5.5px"
cy = "7.5px"
cx = "7.5px" / > < circle stroke = "none"
r = "1px"
cy = "4.75px"
cx = "7.5px" / > < line stroke - width = "1.75px"
fill = "none"
y2 = "11px"
y1 = "6.5px"
x2 = "7.5px"
x1 = "7.5px" / > < /svg>                        </svg > < /a>                </div > < /div><script type="text/javascript
">document.write('<script type="
text / javascript " src=" //exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2Fl6f7zP&cb=2855972374&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/l6f7zP"></'+'script>');</script>        </div></body></html>
#5 JavaScript::Write (size: 215) - SHA256: e5de7473e7917eda2ffccbd7e4070ea1b3260d56a8ba4b37478b7bfb543c4375
< script type = "text/javascript"
src = "//exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2Fl6f7zP&cb=2855972374&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/l6f7zP" > < /script>
#6 JavaScript::Write (size: 3384) - SHA256: ed7ca95a5ef57501bb0f1bdb3b35bdfd68d026942a6f2a7de907b43ca6bd1782
< script async src = "//cdn.adtrue.com/pb/prebid.js" > < /script><script>var zoneId = 12953;var sizes = [[300, 250]];var REFRESH = 60000;var REFRESH_TIMES = 3;var generateRandomString = Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 10);var adTagId = "adtrue_ads_" + zoneId + "_" + generateRandomString;var PREBID_TIMEOUT = 1000;var adUnits = [{code: adTagId,mediaTypes: {banner: {sizes: sizes,},},bids: [{bidder: 'pubmatic',params: {publisherId: '155495',adSlot: 'ouo.press_300x250_direct@300x250'}}, {bidder: 'openx',params: {unit: '558223497',delDomain: 'fptadtrue-d.openx.net',customFloor: 0.1}}, {bidder: 'criteo',params: {networkId: 10692,publisherSubId: zoneId}}, {bidder: 'oftmedia',params: {placementId: 27389997,reserve: 0.03}}],}, ];var pbjs = pbjs || {};pbjs.que = pbjs.que || [];pbjs.que.push(function() {pbjs.addAdUnits(adUnits);pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});pbjs.setConfig({"schain": {"validation": "strict","config": {"ver": "1.0","complete": 1,"nodes": [{"asi": "adtruesyndication.com","sid": "3363","hp": 1}]}}});pbjs.setConfig({"bidders": ["oftmedia"],"schain": {"validation": "relaxed","config": {"ver": "1.0","complete": 1,"nodes": [{"asi": "152media.info","sid": "152M351","hp": 1}]}}});pbjs.setConfig({userSync: {filterSettings: {iframe: {bidders: "*",filter: "include",},},userIds: [{name: "criteo",}, ],},});pbjs.enableAnalytics({provider: 'adtrue',options: {"zoneId": 12953,"publisherId": 3363}});});function refreshBid() {pbjs.que.push(function() {pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});});}var ntimes = 0;var intervalID = setInterval(function() {ntimes++;if (ntimes > REFRESH_TIMES) {window.clearInterval(intervalID);}refreshBid();}, REFRESH);function handlerPassback() {var iframe = document.getElementById(adTagId);var iframeDoc = iframe.contentWindow.document;var adServerTargeting = pbjs.getAdserverTargetingForAdUnitCode(adTagId);/ * If any bidders
return any creatives * /if (adServerTargeting && adServerTargeting["hb_adid"]) {pbjs.renderAd(iframeDoc, adServerTargeting["hb_adid"]);} else {iframe.width = sizes[0][0];iframe.height = sizes[0][1];iframeDoc.write("<head></head > < body > " + passbackTagHtml + " < /body>");iframeDoc.close();}}var passbackTagHtml = '<script type="text\/javascript">' + "var adtrue_passback = {adtrue_pzoneid:'" + zoneId + "'};" + "<\/script>" + '<script type="text\/javascript" src="/ / cdn.adtrue.com / rtb / passback.js "><\/script>';</script><iframe id="
pb_iframe " frameborder="
0 " scrolling="
no " marginheight="
0 " marginwidth="
0 " TOPMARGIN="
0 " LEFTMARGIN="
0 " ALLOWTRANSPARENCY="
true " width="
0 " height="
0 "></iframe><script>var iframe = document.getElementById("
pb_iframe ");iframe.setAttribute("
id ", adTagId);</script><script type="
text / javascript ">(function() {var purl = window.location.href;var url = '//ads.pubmatic.com/AdServer/js/pwt/155495/4202';var profileVersionId = '';if (purl.indexOf('pwtv=') > 0) {var regexp = /pwtv=(.*?)(&|$)/g;var matches = regexp.exec(purl);if (matches.length >= 2 && matches[1].length > 0) {profileVersionId = '/' + matches[1];}}var wtads = document.createElement('script');wtads.async = true;wtads.type = 'text/javascript';wtads.src = url + profileVersionId + '/pwt.js';var node = document.getElementsByTagName('script')[0];node.parentNode.insertBefore(wtads, node);})();</script>
#7 JavaScript::Write (size: 349) - SHA256: 98c8ee53b4d5a514cf9a8680ef1602d5ea9e2a1524f1fb490f02402a0efc552d
< iframe name = "pbeacon"
frameborder = "0"
allowtransparency = "true"
hspace = "0"
vspace = "0"
marginheight = "0"
marginwidth = "0"
scrolling = "no"
width = "0"
height = "0"
style = "position:absolute;top:-20000px;"
src = "//track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2Fl6f7zP&loc=https%3A%2F%2Fouo.press%2Fl6f7zP" > < /iframe>
#8 JavaScript::Write (size: 173) - SHA256: 642f9705ec7d8c7b0f907d5fecc582d31d93a78c244f05c938e36bf016fe9d3c
< body style = "background-color:white;margin:0px;padding:0px;" > < div id = "c" > < /div><script src="https:/ / ecdn.firstimpression.io / static / js / fiamp.js "></script></body>


HTTP Transactions (111)


Request Response
                                        
                                            GET /l6f7zP HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.22.23.162
HTTP/1.1 301 Moved Permanently
                                        
Date: Fri, 18 Nov 2022 00:01:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 01:01:51 GMT
Location: https://ouo.io/l6f7zP
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc6f18cb0f1c02-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5996
Expires: Fri, 18 Nov 2022 01:41:47 GMT
Date: Fri, 18 Nov 2022 00:01:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3776
Cache-Control: max-age=127948
Date: Fri, 18 Nov 2022 00:01:51 GMT
Etag: "63760d7b-1d7"
Expires: Sat, 19 Nov 2022 11:34:19 GMT
Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "04D64920CC8E6B096841938B0C1140889F5D7A04EABD440934A31F1C7AB90352"
Last-Modified: Wed, 16 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20257
Expires: Fri, 18 Nov 2022 05:39:28 GMT
Date: Fri, 18 Nov 2022 00:01:51 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 17 Nov 2022 23:44:57 GMT
cache-control: public,max-age=3600
age: 1014
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: XUW2uAKy/W+ZYK/5govxcs41Txy/8DfxyzjVBAbv8OydvXuz9GjOXFfND1E62GxpKa9Fz6wWYdI=
x-amz-request-id: VE254R0GW7RF988J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 17 Nov 2022 23:52:40 GMT
age: 551
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 18 Nov 2022 00:01:51 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=162999
Date: Fri, 18 Nov 2022 00:01:51 GMT
Etag: "6376a526-116"
Expires: Sat, 19 Nov 2022 21:18:30 GMT
Last-Modified: Thu, 17 Nov 2022 21:18:30 GMT
Server: nginx
Content-Length: 278

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 17 Nov 2022 23:25:01 GMT
cache-control: public,max-age=3600
age: 2211
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5571
Cache-Control: 'max-age=158059'
Date: Fri, 18 Nov 2022 00:01:52 GMT
Last-Modified: Thu, 17 Nov 2022 22:29:01 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5173
Cache-Control: max-age=156651
Date: Fri, 18 Nov 2022 00:01:52 GMT
Etag: "63767826-118"
Expires: Sat, 19 Nov 2022 19:32:43 GMT
Last-Modified: Thu, 17 Nov 2022 18:06:30 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zGQ3P5AGH/02eCMUQG4wgw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.161.136.21
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: y6KiXSDfJbxeVeG+b9xn0YH127Q=

                                        
                                            GET /images/world.png HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/l6f7zP
Cookie: ouoio_session=eyJpdiI6Ik92ZCthR2FZQUV6bzFcL0UyQ2d2RklMRmd6UVZSa0c0NWhzOUpDcXVGVEF3PSIsInZhbHVlIjoiWlRLY2F2ZVwvZjdGTnhRMkZMRGU2dkR1bkw5NkdiRzlRS2dmQ0YxWnhKTDRXY3M0VDhONXBXVmRHRkVMcXhPSW5JYjVcL0Z2N1Y3bGhMZUdLMmQyQ2xjZz09IiwibWFjIjoiOGUzMzUwYzI0ZTgyODMyOWNjMzY0NDFiNDZjZTQzOTRlMjU0MDMyYmUwYzQ5Zjg2MzgzNzQxZDkwMGY1MDU5YyJ9; language=eyJpdiI6Im1cL215MG1LdklcL1ZXMzlJd3JXdng0XC95endGZG16b0lQUHFaTkN1M1NZNWc9IiwidmFsdWUiOiJGR2RBZkFmbHBOUEZpV2ZydzNjdW5zdTZ5NEFuMkRVUWdHK1FTU1FsejBjPSIsIm1hYyI6IjkwMzVhN2FjNjRlY2M4MTVjMDM0ZDY5NWU4YTQyYjY1Mzg3MWJjNDY2NmQzMmRmM2FmNTJiNTY0Yjg1ZGFjMWIifQ%3D%3D; 39ed0c32e14f3c27c12bbe048af244fc4a789d78=eyJpdiI6InFpczNnSk5pOHF1N0g2YVwvdktQaUVLNVBwczVcL3U1N0VrMXMzbFVtMld3QT0iLCJ2YWx1ZSI6IiswaEZjYUJJRmo1XC82RkhuY05oMkpFbTY2Z1wvVW9EY1RCU1dqczlLREpFcHN5RG5IUUpJR3hlOTROSWtRaXhZTk45blNENkkrRGxEVlZucTZMSTkzM1R3OGY0dk1HVEZKbDJMeDFWSGRiTTNsT0VSbWNQdHR3Z1FqXC8xRWNYc2Erd1dPQUh1Z0x5dFZcL3JiR0RaTnBEZDBoUEJoOHo2ejJLN0V5XC8zM2NpTjY2ZDZvMjF1bW1oNlY1SWM1SGhpVHd2YzdMeHBrcTByS1BQdlwvd212YmtEdDlwTit3UG5yQ05lMElTcTJtRGxXU29SMUhUVWpaRzkxRnlSZmkwZVRJNlRcL1NcL2NXeW9RVWZ3VWg3YjhcLzlacmVIeUtPcGJ5YlZQRkxsZjNjR3RGNk1qUUtGenhMRkRzaHFzOVBSbWpkRndEbVM3dGlWM3Z0MGRvVUlqMUxHcTI4dDNvaUZGSXFiaVp2amxxME9qOHJiVTBVVVwvVFVxTWxQTjE5U0QwUmhZbE4iLCJtYWMiOiJmYzkxZDJkOWIyMDlkY2U2YzMxYjZkYTIyNWExMTkxZjQ3NDk5YmJjOTA1YTc0YTY5ZTcxZDcxYzhjYzY1YzEyIn0%3D; __cf_bm=32bd5NuppqY_RIAYYOtIzLx5_51EViwk_dGYKq2yM2Y-1668729712-0-ATAE5llxFZrWACPs182xtT6zwePEGsBVbGcqT3RFzoyNkFbwxRbQQpgMx37WO9k/32mB1VIZdDX9f7itukmuixc=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 18 Nov 2022 00:01:52 GMT
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Sat, 03 Dec 2022 22:33:44 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1214888
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc6f21b86f1c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   5692
Md5:    4eea420a8830a6d695114427bf52b556
Sha1:   35579e7f1a656beb3a07a7093166ff37c634bade
Sha256: 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/l6f7zP
Cookie: ouoio_session=eyJpdiI6Ik92ZCthR2FZQUV6bzFcL0UyQ2d2RklMRmd6UVZSa0c0NWhzOUpDcXVGVEF3PSIsInZhbHVlIjoiWlRLY2F2ZVwvZjdGTnhRMkZMRGU2dkR1bkw5NkdiRzlRS2dmQ0YxWnhKTDRXY3M0VDhONXBXVmRHRkVMcXhPSW5JYjVcL0Z2N1Y3bGhMZUdLMmQyQ2xjZz09IiwibWFjIjoiOGUzMzUwYzI0ZTgyODMyOWNjMzY0NDFiNDZjZTQzOTRlMjU0MDMyYmUwYzQ5Zjg2MzgzNzQxZDkwMGY1MDU5YyJ9; language=eyJpdiI6Im1cL215MG1LdklcL1ZXMzlJd3JXdng0XC95endGZG16b0lQUHFaTkN1M1NZNWc9IiwidmFsdWUiOiJGR2RBZkFmbHBOUEZpV2ZydzNjdW5zdTZ5NEFuMkRVUWdHK1FTU1FsejBjPSIsIm1hYyI6IjkwMzVhN2FjNjRlY2M4MTVjMDM0ZDY5NWU4YTQyYjY1Mzg3MWJjNDY2NmQzMmRmM2FmNTJiNTY0Yjg1ZGFjMWIifQ%3D%3D; 39ed0c32e14f3c27c12bbe048af244fc4a789d78=eyJpdiI6InFpczNnSk5pOHF1N0g2YVwvdktQaUVLNVBwczVcL3U1N0VrMXMzbFVtMld3QT0iLCJ2YWx1ZSI6IiswaEZjYUJJRmo1XC82RkhuY05oMkpFbTY2Z1wvVW9EY1RCU1dqczlLREpFcHN5RG5IUUpJR3hlOTROSWtRaXhZTk45blNENkkrRGxEVlZucTZMSTkzM1R3OGY0dk1HVEZKbDJMeDFWSGRiTTNsT0VSbWNQdHR3Z1FqXC8xRWNYc2Erd1dPQUh1Z0x5dFZcL3JiR0RaTnBEZDBoUEJoOHo2ejJLN0V5XC8zM2NpTjY2ZDZvMjF1bW1oNlY1SWM1SGhpVHd2YzdMeHBrcTByS1BQdlwvd212YmtEdDlwTit3UG5yQ05lMElTcTJtRGxXU29SMUhUVWpaRzkxRnlSZmkwZVRJNlRcL1NcL2NXeW9RVWZ3VWg3YjhcLzlacmVIeUtPcGJ5YlZQRkxsZjNjR3RGNk1qUUtGenhMRkRzaHFzOVBSbWpkRndEbVM3dGlWM3Z0MGRvVUlqMUxHcTI4dDNvaUZGSXFiaVp2amxxME9qOHJiVTBVVVwvVFVxTWxQTjE5U0QwUmhZbE4iLCJtYWMiOiJmYzkxZDJkOWIyMDlkY2U2YzMxYjZkYTIyNWExMTkxZjQ3NDk5YmJjOTA1YTc0YTY5ZTcxZDcxYzhjYzY1YzEyIn0%3D; __cf_bm=32bd5NuppqY_RIAYYOtIzLx5_51EViwk_dGYKq2yM2Y-1668729712-0-ATAE5llxFZrWACPs182xtT6zwePEGsBVbGcqT3RFzoyNkFbwxRbQQpgMx37WO9k/32mB1VIZdDX9f7itukmuixc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 18 Nov 2022 00:01:52 GMT
last-modified: Tue, 15 Nov 2022 18:10:02 GMT
etag: W/"6373d5fa-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc6f21b8701c0a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 20 Nov 2022 00:01:52 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Fri, 18 Nov 2022 00:01:52 GMT
date: Fri, 18 Nov 2022 00:01:52 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    d36fbadc19583158e0e17f2600407814
Sha1:   e99295beaa7c52e0b1f42759c67b40aebe4bab10
Sha256: dbf530370a0136951085663be32f33ad5e3a01e1a2883eebbd518fbee9816f50
                                        
                                            GET /css?family=Questrial HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 00:01:52 GMT
date: Fri, 18 Nov 2022 00:01:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /rtb/async.js HTTP/1.1 
Host: cdn.adtrue.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.64.160.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 18 Nov 2022 00:01:52 GMT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:44:03 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 4306669
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEjeo%2FHy%2B2FzdHODDmPoobODwtvZbR0DOQ%2FONssB6gXPTQ1l5KH0Rz3O%2ByddYfFFaOI1cs0SMZQXP5kRvyK%2FvxQ0to9z64DjYRNHn6LBdkQK7wus9z5HRJ6ZO5s1sUn83g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc6f222c25775c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (7327), with no line terminators
Size:   6867
Md5:    0fec84395fa7c8a351a24bdb04e0f927
Sha1:   89f0a409a6d6efd630b2739404515f60091a7524
Sha256: 105577caa6b842e0da4686dcbe7f684610e585b3617942a6a3acf23113f92f1b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1120
Cache-Control: max-age=93945
Date: Fri, 18 Nov 2022 00:01:53 GMT
Etag: "6375930a-116"
Expires: Sat, 19 Nov 2022 02:07:38 GMT
Last-Modified: Thu, 17 Nov 2022 01:48:58 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1clkn/16562 HTTP/1.1 
Host: tv.gourdycortes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.255.6.48
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 18 Nov 2022 00:01:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 19-Nov-2022 00:01:53 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sat, 19-Nov-2022 00:01:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    414a242a6fee8464282857e475d3ef61
Sha1:   f669890350347f53aa9bd19c1a355692e8d17d2f
Sha256: d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "90F5EFA21970806A346E0D8FFFA525077FAC927B353BFAAA4ACA6168EC04F1C7"
Last-Modified: Wed, 16 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1495
Expires: Fri, 18 Nov 2022 00:26:48 GMT
Date: Fri, 18 Nov 2022 00:01:53 GMT
Connection: keep-alive

                                        
                                            GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1 
Host: itineraryupper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.52
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Fri, 18 Nov 2022 00:01:53 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/l6f7zP
Cookie: ouoio_session=eyJpdiI6Ik92ZCthR2FZQUV6bzFcL0UyQ2d2RklMRmd6UVZSa0c0NWhzOUpDcXVGVEF3PSIsInZhbHVlIjoiWlRLY2F2ZVwvZjdGTnhRMkZMRGU2dkR1bkw5NkdiRzlRS2dmQ0YxWnhKTDRXY3M0VDhONXBXVmRHRkVMcXhPSW5JYjVcL0Z2N1Y3bGhMZUdLMmQyQ2xjZz09IiwibWFjIjoiOGUzMzUwYzI0ZTgyODMyOWNjMzY0NDFiNDZjZTQzOTRlMjU0MDMyYmUwYzQ5Zjg2MzgzNzQxZDkwMGY1MDU5YyJ9; language=eyJpdiI6Im1cL215MG1LdklcL1ZXMzlJd3JXdng0XC95endGZG16b0lQUHFaTkN1M1NZNWc9IiwidmFsdWUiOiJGR2RBZkFmbHBOUEZpV2ZydzNjdW5zdTZ5NEFuMkRVUWdHK1FTU1FsejBjPSIsIm1hYyI6IjkwMzVhN2FjNjRlY2M4MTVjMDM0ZDY5NWU4YTQyYjY1Mzg3MWJjNDY2NmQzMmRmM2FmNTJiNTY0Yjg1ZGFjMWIifQ%3D%3D; 39ed0c32e14f3c27c12bbe048af244fc4a789d78=eyJpdiI6InFpczNnSk5pOHF1N0g2YVwvdktQaUVLNVBwczVcL3U1N0VrMXMzbFVtMld3QT0iLCJ2YWx1ZSI6IiswaEZjYUJJRmo1XC82RkhuY05oMkpFbTY2Z1wvVW9EY1RCU1dqczlLREpFcHN5RG5IUUpJR3hlOTROSWtRaXhZTk45blNENkkrRGxEVlZucTZMSTkzM1R3OGY0dk1HVEZKbDJMeDFWSGRiTTNsT0VSbWNQdHR3Z1FqXC8xRWNYc2Erd1dPQUh1Z0x5dFZcL3JiR0RaTnBEZDBoUEJoOHo2ejJLN0V5XC8zM2NpTjY2ZDZvMjF1bW1oNlY1SWM1SGhpVHd2YzdMeHBrcTByS1BQdlwvd212YmtEdDlwTit3UG5yQ05lMElTcTJtRGxXU29SMUhUVWpaRzkxRnlSZmkwZVRJNlRcL1NcL2NXeW9RVWZ3VWg3YjhcLzlacmVIeUtPcGJ5YlZQRkxsZjNjR3RGNk1qUUtGenhMRkRzaHFzOVBSbWpkRndEbVM3dGlWM3Z0MGRvVUlqMUxHcTI4dDNvaUZGSXFiaVp2amxxME9qOHJiVTBVVVwvVFVxTWxQTjE5U0QwUmhZbE4iLCJtYWMiOiJmYzkxZDJkOWIyMDlkY2U2YzMxYjZkYTIyNWExMTkxZjQ3NDk5YmJjOTA1YTc0YTY5ZTcxZDcxYzhjYzY1YzEyIn0%3D; __cf_bm=32bd5NuppqY_RIAYYOtIzLx5_51EViwk_dGYKq2yM2Y-1668729712-0-ATAE5llxFZrWACPs182xtT6zwePEGsBVbGcqT3RFzoyNkFbwxRbQQpgMx37WO9k/32mB1VIZdDX9f7itukmuixc=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Fri, 18 Nov 2022 00:01:53 GMT
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 4346
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc6f260aa51c0a-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /images/widgetIcons/achoice.svg HTTP/1.1 
Host: widgets.outbrain.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.81
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 00:01:53 GMT
date: Fri, 18 Nov 2022 00:01:53 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Size:   2735
Md5:    9d26fa4e7238ed94f1d0d92afb453b3e
Sha1:   ae18efe7d09337bf2f580b3f5bc912284aad7821
Sha256: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1 
Host: ad.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.102
HTTP/2 200 OK
content-type: image/x-icon
                                        
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 12:36:02 GMT
expires: Fri, 18 Nov 2022 12:36:02 GMT
cache-control: public, max-age=86400
age: 41151
last-modified: Tue, 08 May 2012 13:08:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Size:   104
Md5:    32ac8a9b81788b981a3a7e13c14082d4
Sha1:   fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
Sha256: 00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
                                        
                                            GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 20:03:35 GMT
expires: Tue, 14 Nov 2023 20:03:35 GMT
cache-control: public, max-age=31536000
age: 273498
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Size:   19292
Md5:    19007b17e56daa60133bce9e9b352a95
Sha1:   bac1384caeae5762e7a1d8c18037f69c8cd21bc4
Sha256: fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
                                        
                                            GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 09:47:08 GMT
expires: Fri, 17 Nov 2023 09:47:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
age: 51285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (668)
Size:   162590
Md5:    70dc760a0efad09d703883a39f7683b2
Sha1:   2bc70f2a100ff27d27a89d563dfe279590c8336b
Sha256: 2bc59eab94309c59fba62afa40dfd841fb83760714e9ec7248ce3e10ae05fd19
                                        
                                            GET /fi_client.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 17 Nov 2022 23:21:55 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 23:21:55 UTC
etag: W/"255f9769ca5152fe3a9427b45c542fb5"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8PrghjygHFoT1McmqBGZJ5fmPNtXv3Q4n4ia5H8eZn72HMFpmRgIeQ==
age: 2398
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (618)
Size:   95983
Md5:    24e5b00a9778b9321a3248e14016f70b
Sha1:   5199ce3d247e9a25ff7a7dd0e83b0f6af1465dcb
Sha256: c05d4b00d12566914c64da5ea4c5d7a3c5dc13de719eea148787d22d76894e5d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.200.201
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
etag: "1241a12-3fca8-5cf4eee137dd8"
server: Apache
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 80538
cache-control: max-age=47245
expires: Fri, 18 Nov 2022 13:09:18 GMT
date: Fri, 18 Nov 2022 00:01:53 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   80538
Md5:    6a4ce36b0d03543974d71b88fa37145d
Sha1:   a5c1750aab7489f287c98bae25f5afff0ed16ce8
Sha256: 30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4527
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Fri, 18 Nov 2022 00:01:53 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   100144
Md5:    86b300b114eed506956c0529731fa4cb
Sha1:   76ce4257a44ed84cadf52915697cb7cf800ac4eb
Sha256: 81a81c43a07eb7f04c0453a02a47553e1d48cc9cef43a2e26a487465a9084a8d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4527
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Fri, 18 Nov 2022 00:01:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4527
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Fri, 18 Nov 2022 00:01:53 GMT
Connection: keep-alive

                                        
                                            POST /tracking/collect?b=1 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 401
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 2
date: Fri, 18 Nov 2022 00:01:53 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-request-method: *
access-control-allow-methods: OPTIONS, GET, POST
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FUXNxccl52uPlGpMlH-KprhzVSkETEGhqyaoVKSDO-Prjsz9FIWE-A==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4310
x-amzn-requestid: 6452483a-f96e-4f27-a18e-55e9206e7be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-78FiToAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-4e366d3612f39c5c421e864e;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C8hVBVyCgsK-mT6_PXr68AjfNsNPGqD_TWBEwNlyY_Nur_RgB5aE3w==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:42:15 GMT
age: 4778
etag: "1530f860e2b54b7b382f59654db63eaed59c5f95"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4310
Md5:    292dc2edef978e128f70b96ee4b2b3e2
Sha1:   1530f860e2b54b7b382f59654db63eaed59c5f95
Sha256: f74b08f1bdd35ea7ebb6e2887fc6c02abc76f9e276cd30d1d7d6475e667b5624
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:24:12 GMT
age: 5861
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7631
Md5:    b2b393e36ee2c9649d90db136aa49542
Sha1:   e88c5832ff0c49bab181d948c3a510d88343bb6f
Sha256: 8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
                                        
                                            GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 00:01:53 GMT
expires: Fri, 18 Nov 2022 00:01:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47044
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   47044
Md5:    0202b3a9a029ab5b0e814fb5a49f457a
Sha1:   e0f6073a15c826698e78381026cb0b4f4dbf7335
Sha256: bda42ee4cca7f842267898d4da2f8e1fa94ef44d079f956a7c35e649b91dc775
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8884
x-amzn-requestid: 3739b8f5-bb0c-4798-a931-e955dd6df81d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MiGFxoAMFlxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa50-74c24a2f737634b655a5b47c;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d_bLYyZzi1phYwQ2e5uvUmzO0GuvNu9Ubi2PQ0ChilQJegKr3uUiRw==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:08:13 GMT
age: 6820
etag: "96c6cbfe31e7247c64dfa8c3759967627f8c6286"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8884
Md5:    14649d486602810c1b218b96b27b2cc4
Sha1:   96c6cbfe31e7247c64dfa8c3759967627f8c6286
Sha256: 80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5zDWKjYmvVLCemXw5Swm2qkhw1mQtD5c07Fl7Krydo_XR5FFyHDu4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 07:15:37 GMT
age: 60376
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11667
Md5:    032386e5c9dffff1ba1ee5e8a322d438
Sha1:   dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
Sha256: 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:02:57 GMT
age: 7136
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12065
Md5:    05289172c1455c4134e496c6f4606efd
Sha1:   ce1bb33256b0754f9acc01e7e9f3e5dc85f89244
Sha256: a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8155
x-amzn-requestid: 5650af50-eb93-47d9-8322-8a2e263e12ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7vFU5IAMFYGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7e-759bbd5b5a22e07c1c181c0a;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XzJcm_AlMH4hb2urV7RORAjz7LR7NXZ2pAMEhx1foW2VJgj4mxVxJw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:05:52 GMT
age: 6961
etag: "cbdc425467a5d41aba5e8e5c54354b4f03cd194a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8155
Md5:    676b1603008690786aa36dc3113b7581
Sha1:   cbdc425467a5d41aba5e8e5c54354b4f03cd194a
Sha256: 7e5e7bf695ff31df6c97e502a44f4fa9197c6579b0c7a7c590457ea067d1cf1e
                                        
                                            GET /aax2/apstag.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.210
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
content-length: 167
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
server: CloudFront
date: Thu, 17 Nov 2022 22:27:03 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, OSL50-P1
x-amz-cf-id: kC_AKyl98IN6P8Yso2tOS1gjCjsOHWbWDuPXMJpC0jee6pzmHl-KOA==
age: 5690
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.14.1
x-jsd-version-type: version
etag: W/"6c5a-y+sK0xXzH8ASLq957N20gljeHO8"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 00:01:53 GMT
age: 20288
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1654-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27677)
Size:   9244
Md5:    644ba7e773cf65b0bad3e0bfd876fadb
Sha1:   62e327afb13b45d6bd9cdb5b77259f4c48667ca5
Sha256: 44e73c184d22730c0b64b805501bad4b2bbbfc4e6a56de8832f0e5c0a211cb52
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1042
Cache-Control: max-age=127351
Date: Fri, 18 Nov 2022 00:01:53 GMT
Etag: "637615d6-139"
Expires: Sat, 19 Nov 2022 11:24:24 GMT
Last-Modified: Thu, 17 Nov 2022 11:07:02 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "6E7732D3C6331F8CFD408EE31FE96B9476814B60"
Expires: Fri, 18 Nov 2022 10:00:00 GMT
Last-Modified: Thu, 17 Nov 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1793
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc6f287efbb50c-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    4ad55566c03cd0044cda9f2bc546cd98
Sha1:   8b51c87fe7f2eff1e1d01188f5707cf0056c9b6c
Sha256: 026e959d666b06d94f3325a0682d259c7341b1499e31ac44388f6e830cbbf8fa
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3399
Cache-Control: max-age=143383
Date: Fri, 18 Nov 2022 00:01:54 GMT
Etag: "63764b42-1d7"
Expires: Sat, 19 Nov 2022 15:51:37 GMT
Last-Modified: Thu, 17 Nov 2022 14:54:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4451
Cache-Control: max-age=125330
Date: Fri, 18 Nov 2022 00:01:54 GMT
Etag: "637600a1-1d7"
Expires: Sat, 19 Nov 2022 10:50:44 GMT
Last-Modified: Thu, 17 Nov 2022 09:36:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=89626596108&lsavail=0 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 406
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.131
HTTP/2 204 No Content
                                        
date: Fri, 18 Nov 2022 00:01:53 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2Fl6f7zP&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=c09d6436-720c-413d-ad31-c20bc00c0d34&nocache=1668729712455&aus=300x250&divids=adtrue_ads_12953_d3987lggyrp50ajb9lf&aucs=adtrue_ads_12953_d3987lggyrp50ajb9lf&auid=558223497&aumfs=100 HTTP/1.1 
Host: fptadtrue-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.98.64.218
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Fri, 18 Nov 2022 00:01:54 GMT
content-length: 77
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   77
Md5:    c3c7cd244402e715132c55bb61b03aa5
Sha1:   5e15f8512fc4f90f7fd54e836973f4139a476862
Sha256: 657e29bb7bf30769c57bf81a6a0f60b0d5e592556afd30c08351a2da506fb2ba
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3990
Cache-Control: max-age=143974
Date: Fri, 18 Nov 2022 00:01:54 GMT
Etag: "63764b42-1d7"
Expires: Sat, 19 Nov 2022 16:01:28 GMT
Last-Modified: Thu, 17 Nov 2022 14:54:58 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 17 Nov 2022 22:41:09 GMT
expires: Fri, 18 Nov 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 4845
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /translator?source=prebid-client HTTP/1.1 
Host: hbopenbid.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 869
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         185.64.190.77
HTTP/2 204 No Content
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Fri, 18 Nov 2022 00:01:54 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 533
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.252.173.215
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 18 Nov 2022 00:01:54 GMT
Content-Length: 143
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: fad41012-4add-4274-8d52-9f5a233d771d
Set-Cookie: icu=ChkItZqGARAKGAEgASgBMPKW25sGOAFAAUgBEPKW25sGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 16-Feb-2023 00:01:54 GMT; Domain=.adnxs.com; Secure; HttpOnly uuid2=6890329831090508731; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 16-Feb-2023 00:01:54 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   143
Md5:    897954d6bdf36f491b39c2ecf719ac06
Sha1:   b3b4b1bfbee90c6d4607b219e069dea7af5b0db4
Sha256: 17d92264fadef81070cc1fc362bbdf77baa56188483bcfd152e36c67b20fd057
                                        
                                            POST /cdb?profileId=207&av=34&wv=6.2.0&cb=55457474991 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 487
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.131
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:54 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   44
Md5:    5f1dcf53824ce88cdb7941d34db3f19d
Sha1:   4164a13e3f53e1f002606a807d64a92620720fb0
Sha256: 3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
                                        
                                            OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:53 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 434627
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1 
Host: jsc.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.64.151.192
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 18 Nov 2022 00:01:54 GMT
content-length: 931
x-amz-id-2: DpAKct+ZZ8szDYgVNbB8CXlKoVt69Zzm6eUVI25PqgSFU4H5qOaoZOc2FaKbUe1Lt6Kn8tZGGlY=
x-amz-request-id: C76KDVMKZRK8NR4W
last-modified: Thu, 03 Nov 2022 11:38:04 GMT
etag: "8e8d7a0a62663d5f7c415376384593c2"
content-encoding: gzip
x-amz-version-id: SBZDoO6KUGsi9aXrwr03p7YsWy_YVSlV
cf-cache-status: HIT
age: 4564
expires: Fri, 18 Nov 2022 04:01:54 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc6f2b2faafac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2388)
Size:   931
Md5:    8e8d7a0a62663d5f7c415376384593c2
Sha1:   f7cd825a352266b8c5b4b0dfea749c967d26b22d
Sha256: 222d7503ac4a040176b2029a74c3fda84012d21742a4b7deca73243d521fc3de
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4926
Cache-Control: 'max-age=158059'
Date: Fri, 18 Nov 2022 00:01:54 GMT
Last-Modified: Thu, 17 Nov 2022 22:39:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1 
Host: jsc.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.151.192
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 18 Nov 2022 00:01:54 GMT
content-length: 77407
x-amz-id-2: WWd9x0Gq6FvGsNtCKDMctOFIq+uCBEfh9T/M/AdM6C8Q45tvN/NL0hn3dvzjvhsTm8Q8n1X6W6CfG6NVPxWmcg==
x-amz-request-id: ZQANRS00VQFHFH7W
last-modified: Thu, 03 Nov 2022 14:15:36 GMT
etag: "230cc82ca6b0866e990314cbc9027a3a"
content-encoding: gzip
x-amz-version-id: lLRYvMywT8mphRmbRVyHVkxgXiOMWoKg
cf-cache-status: HIT
age: 4563
expires: Fri, 18 Nov 2022 04:01:54 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc6f2b4fb6fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (33588)
Size:   77407
Md5:    230cc82ca6b0866e990314cbc9027a3a
Sha1:   82d5affc0fcc38fc96045c481adf1da072ac1d3f
Sha256: 7d10f7267c9a69a121fd36026a7b5f25e9e94b310a9ea25e7b554507d02ba5a3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6093
Cache-Control: max-age=110054
Date: Fri, 18 Nov 2022 00:01:54 GMT
Etag: "6375be8b-117"
Expires: Sat, 19 Nov 2022 06:36:08 GMT
Last-Modified: Thu, 17 Nov 2022 04:54:35 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:53 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 933576
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2Fl6f7zP&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2Fl6f7zP&tg_i.page=https%3A%2F%2Fouo.press%2Fl6f7zP&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=cb0df5a4-e672-438d-84bb-49da6adbd153&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.32575625836925315 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         213.19.162.31
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.21.4
date: Fri, 18 Nov 2022 00:01:54 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LALQL4B4-M-3UNF; Domain=.rubiconproject.com; Path=/; Expires=Sat, 18-Nov-2023 00:01:54 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qqXDxyrN6K5xu9DtVM30fCgyAxZlNGFrOgGXw1qRdJLtZZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Sat, 18-Nov-2023 00:01:54 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 348
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    bb88abfa9cf66281270852e2576b176f
Sha1:   bf74e56f727a29a49c80050d48b3c10965402e49
Sha256: d17321edecefd00317aeebb7c06bc458399d7d59f2478b7bd5328ffcd4bca1c0
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 682
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.252.173.215
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 18 Nov 2022 00:01:54 GMT
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: db8e2f90-0e1a-4688-9e33-62a09fcd9db4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   145
Md5:    db7b6efe2a647ddf7b0ce12a4aec2230
Sha1:   f72b8500f809325032f2db7b3ac0e4db0105daf0
Sha256: 8bad6e86bd01d5f79d385c384ebb6cd3a136dc4269a9be3c6cbfd297b00de601
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:54 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 01:55:57 GMT
Expires: Wed, 23 Nov 2022 01:55:56 GMT
Etag: "530902f94af1b9cb968d0a35eb71ccbc8f3fa6e7"
Cache-Control: max-age=438241,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc6f2b3aeab4f3-OSL

                                        
                                            GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.210
HTTP/2 204 No Content
                                        
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Thu, 17 Nov 2022 18:16:20 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0BtBYSUPzDcBlvuLq-ftP-yjqJJcnrQWYSyCx5NkR5qeViU2Oh4UOg==
age: 20733
X-Firefox-Spdy: h2

                                        
                                            POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1 
Host: tag.1rx.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 617
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         213.19.147.42
HTTP/2 204 No Content
                                        
date: Fri, 18 Nov 2022 00:01:54 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2

                                        
                                            POST /tracking/collect?b=1 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1794
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 2
date: Fri, 18 Nov 2022 00:01:54 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-request-method: *
access-control-allow-methods: OPTIONS, GET, POST
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9Y2--pd3izqLbcIcUcOswheuL5EjFwYkryXSZYZxo61gpZzm8Pj4QQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2838
Cache-Control: max-age=167328
Date: Fri, 18 Nov 2022 00:01:54 GMT
Etag: "6376aafc-13a"
Expires: Sat, 19 Nov 2022 22:30:42 GMT
Last-Modified: Thu, 17 Nov 2022 21:43:24 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2Fl6f7zP&pid=yMDP4E6MzJ5W9&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1 
Host: aax-dtb-cf.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.241.131
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
content-length: 200
server: Server
date: Fri, 18 Nov 2022 00:01:54 GMT
x-amz-rid: YP11VYV6BFSDEG6Y8E1C
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l1VH8KNlG67pSUJ5ICZIAFhCVGNCaNuQ2wIMj3zAeb0Y-Sgetu7xlw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   200
Md5:    39d55c494029eba200609870056fd4cc
Sha1:   e93076eb85b1fd56b9b959c4318a251a089f19df
Sha256: e5bbf42a8696261508cc685cd48ec261b8fc6de65f727b020f2c39713a7bdc43
                                        
                                            POST /tracking/collect?b=1 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 287
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 2
date: Fri, 18 Nov 2022 00:01:55 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-request-method: *
access-control-allow-methods: OPTIONS, GET, POST
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V237NRPeBIHt46PEiRiUtUMvuG8S0FZXF0rTCLVfBPO71MBxK5WZ9A==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1118
Cache-Control: max-age=151202
Date: Fri, 18 Nov 2022 00:01:55 GMT
Etag: "637672b8-139"
Expires: Sat, 19 Nov 2022 18:01:57 GMT
Last-Modified: Thu, 17 Nov 2022 17:43:20 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.146
HTTP/2 200 OK
                                        
date: Fri, 18 Nov 2022 00:01:55 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=64IibF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3htSDQ4dFlVQkw0RGw4QzVPbHRhNGprYmEwdGlRQVIlMkIlMkY5QzJNNm1FbDVh; expires=Wed, 13 Dec 2023 00:01:55 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 359016
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2720
Cache-Control: max-age=125072
Date: Fri, 18 Nov 2022 00:01:55 GMT
Etag: "63760663-139"
Expires: Sat, 19 Nov 2022 10:46:27 GMT
Last-Modified: Thu, 17 Nov 2022 10:01:07 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2801
Cache-Control: max-age=125153
Date: Fri, 18 Nov 2022 00:01:55 GMT
Etag: "63760663-139"
Expires: Sat, 19 Nov 2022 10:47:48 GMT
Last-Modified: Thu, 17 Nov 2022 10:01:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST /tracking/collect?b=1 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 519
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 2
date: Fri, 18 Nov 2022 00:01:55 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-request-method: *
access-control-allow-methods: OPTIONS, GET, POST
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SvNhxP99cNQebr0D6zKH07YLua5W53yNLO57gLwhbJuGR6JOh3qAbg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96A2D6C00FEF3A2FF4951E4FA58C71FC8B2B0414493583D5B64792CF218A906"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4137
Expires: Fri, 18 Nov 2022 01:10:53 GMT
Date: Fri, 18 Nov 2022 00:01:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:56 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 13:42:54 GMT
Expires: Wed, 23 Nov 2022 13:42:53 GMT
Etag: "3f2a31d95da4de1d20fb90bb99662f0993880b6a"
Cache-Control: max-age=480656,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc6f34e9efb4f3-OSL

                                        
                                            GET /sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=kB7wil9qSUZqY0s2T0RkSVhFNFk1UnBabk1NTDFKMnpaYXZCUGtuaG5hVmJ4czE3TjVMUXViQmVwMnVicERCJTJCYzkwMjlXSzNIdXUlMkJWMEpnZ1kwck5wWHJGV2pnejQlMkZBaFIlMkJtVkZ1UyUyRnpOZ3d3OER0NHZ3ZU5nbkRIQjQ0cDRjJTJGOE9tVA&info=uMCZSl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3htSDQ4dFlVQkw0RGw4QzVPbHRhNGk0NHBBNXdVRTMzODZnRzgweWZ3TiUyQg&idsd=1741627973,-734983246&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:55 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1402615
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1737
Md5:    1ed106402e0024efb264806e663cd99c
Sha1:   7285ba028cb0954cd94f633d639123edcf5cbd92
Sha256: 701d2a531be8c4223bcdc996736c59a76435430a4ac6498b04e49fc820d25b1e
                                        
                                            POST /g/v2/806.json HTTP/1.1 
Host: id5-sync.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 193
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         162.19.138.118
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
transfer-encoding: chunked
date: Fri, 18 Nov 2022 00:01:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   216
Md5:    6496e1a54f4f1a993fd04b3ec1476874
Sha1:   d2bdc004db206b91a2f8511ef6fd60e9f7de2478
Sha256: 13d8f74c29bf7ab35f10a98ed0cb30ced8a55c28ab20ed6d541765fee50469f2
                                        
                                            GET /api/identity/envelope?pid=1258 HTTP/1.1 
Host: api.rlcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.133.55
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
                                        
x-content-type-options: nosniff
date: Fri, 18 Nov 2022 00:01:56 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   19
Md5:    63dfbd2b39fe4f536a04e7b32ada47b4
Sha1:   207298c4a215ad5d97d888522927910ae772ba48
Sha256: 26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
                                        
                                            GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1 
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         3.33.220.150
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:56 GMT
content-length: 63
cache-control: private
expires: Sun, 18 Dec 2022 00:01:56 GMT
vary: Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   63
Md5:    df4d0e6a9344f4acf7582a338f2119ce
Sha1:   7ffe2d424252cc2d7d8a273f256ec25367c47453
Sha256: 1b187a5e0d53d27b82f9220c3403d9d8b431fe884001ec71f4ab60cb0d6085e0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 00:01:56 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 13:42:54 GMT
Expires: Wed, 23 Nov 2022 13:42:53 GMT
Etag: "3f2a31d95da4de1d20fb90bb99662f0993880b6a"
Cache-Control: max-age=480656,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bc6f35ca9cb4f3-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 18 Nov 2022 00:01:56 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 17 Nov 2022 21:25:59 GMT
Expires: Fri, 18 Nov 2022 21:25:59 GMT
ETag: "7d2f8969fff09766ee184701c433744c808d85cc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    4228d80f72688c0386640fd92c2bd3d1
Sha1:   7d2f8969fff09766ee184701c433744c808d85cc
Sha256: 3cead07c1d49808a76f29c99d362732ca692e496d82c922143c9bb8c78b018dc
                                        
                                            GET /id HTTP/1.1 
Host: id.crwdcntrl.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         3.248.87.83
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:56 GMT
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.13.5
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   43
Md5:    90eeff5111bbbdce769d4130cc3cca3c
Sha1:   d62886c1a85d51814cb7f124761c5e6aca6d8933
Sha256: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
                                        
                                            GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.200.201
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
cache-control: max-age=126255
expires: Sat, 19 Nov 2022 11:06:12 GMT
date: Fri, 18 Nov 2022 00:01:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Size:   5549
Md5:    7725e8e949141c8ded449d86975d4c04
Sha1:   8cd8c314a2002cc26f821d331ab9512f52a551a2
Sha256: a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
                                        
                                            GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1 
Host: image6.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         185.64.189.115
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
cache-control: private
expires: Wed, 15 Feb 2023 15:42:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 18 Nov 2022 00:01:56 GMT
content-length: 60
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   60
Md5:    838347615fcd305b1af6b0a6bee82b5b
Sha1:   1c2544229c5e89617de6cb896099a16c01ae620c
Sha256: b8ac675c2c98d5d8f07d0e01bc80994c8ac297464ebea9c3f3887fbca51e12fb
                                        
                                            GET /AdServer/SPug?o=1&p=155495&sc=1&u=317D441D-AB9C-46AD-9F74-148E84509AEE&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1 
Host: simage4.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

search
                                         198.47.127.20
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Fri, 18 Nov 2022 00:01:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (1720)
Size:   1302
Md5:    7b47e5e480a6b680c4d60f014e9d7d7d
Sha1:   c04399a28d07f3768fcbed5f4010cc5bbb075ecb
Sha256: ace41fbc9328b9d4fba2d1cd68634c09b9f4c0290596ec8eb03e123d7150b2f5
                                        
                                            GET /aax2/apstag.js HTTP/1.1 
Host: d3div1mtym39ic.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.245.230
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 17 Nov 2022 23:31:19 GMT
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
etag: W/"fa24fe2b94a2fc864b1ec67f32e8db32"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eXm4jv6gWW-vSnT8MAr4U16aREMBAC9f376I-MM1G0Kc93QOZq95MA==
age: 1836
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.210
HTTP/2 200 OK
content-type: application/javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
server: AmazonS3
content-encoding: gzip
date: Thu, 17 Nov 2022 02:33:35 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 35UysbPGvPCja9JqiRayDhLJTPq8DR8vmgtjqmOOwYBKTcCNsGWriw==
age: 77319
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /syncframe?origin=publishertag&topUrl=ouo.press HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:54 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=29df59e0-b3b6-4c72-8958-3cad2026a98a; expires=Wed, 13 Dec 2023 00:01:54 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 947800
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=64IibF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3htSDQ4dFlVQkw0RGw4QzVPbHRhNGprYmEwdGlRQVIlMkIlMkY5QzJNNm1FbDVh
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:54 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=uMCZSl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3htSDQ4dFlVQkw0RGw4QzVPbHRhNGk0NHBBNXdVRTMzODZnRzgweWZ3TiUyQg; expires=Wed, 13 Dec 2023 00:01:55 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 342521
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /newidsd HTTP/1.1 
Host: ag.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         185.235.84.220
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:54 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 117846
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:56 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 419138
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/bootstrap.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/l6f7zP
Cookie: ouoio_session=eyJpdiI6Ik92ZCthR2FZQUV6bzFcL0UyQ2d2RklMRmd6UVZSa0c0NWhzOUpDcXVGVEF3PSIsInZhbHVlIjoiWlRLY2F2ZVwvZjdGTnhRMkZMRGU2dkR1bkw5NkdiRzlRS2dmQ0YxWnhKTDRXY3M0VDhONXBXVmRHRkVMcXhPSW5JYjVcL0Z2N1Y3bGhMZUdLMmQyQ2xjZz09IiwibWFjIjoiOGUzMzUwYzI0ZTgyODMyOWNjMzY0NDFiNDZjZTQzOTRlMjU0MDMyYmUwYzQ5Zjg2MzgzNzQxZDkwMGY1MDU5YyJ9; language=eyJpdiI6Im1cL215MG1LdklcL1ZXMzlJd3JXdng0XC95endGZG16b0lQUHFaTkN1M1NZNWc9IiwidmFsdWUiOiJGR2RBZkFmbHBOUEZpV2ZydzNjdW5zdTZ5NEFuMkRVUWdHK1FTU1FsejBjPSIsIm1hYyI6IjkwMzVhN2FjNjRlY2M4MTVjMDM0ZDY5NWU4YTQyYjY1Mzg3MWJjNDY2NmQzMmRmM2FmNTJiNTY0Yjg1ZGFjMWIifQ%3D%3D; 39ed0c32e14f3c27c12bbe048af244fc4a789d78=eyJpdiI6InFpczNnSk5pOHF1N0g2YVwvdktQaUVLNVBwczVcL3U1N0VrMXMzbFVtMld3QT0iLCJ2YWx1ZSI6IiswaEZjYUJJRmo1XC82RkhuY05oMkpFbTY2Z1wvVW9EY1RCU1dqczlLREpFcHN5RG5IUUpJR3hlOTROSWtRaXhZTk45blNENkkrRGxEVlZucTZMSTkzM1R3OGY0dk1HVEZKbDJMeDFWSGRiTTNsT0VSbWNQdHR3Z1FqXC8xRWNYc2Erd1dPQUh1Z0x5dFZcL3JiR0RaTnBEZDBoUEJoOHo2ejJLN0V5XC8zM2NpTjY2ZDZvMjF1bW1oNlY1SWM1SGhpVHd2YzdMeHBrcTByS1BQdlwvd212YmtEdDlwTit3UG5yQ05lMElTcTJtRGxXU29SMUhUVWpaRzkxRnlSZmkwZVRJNlRcL1NcL2NXeW9RVWZ3VWg3YjhcLzlacmVIeUtPcGJ5YlZQRkxsZjNjR3RGNk1qUUtGenhMRkRzaHFzOVBSbWpkRndEbVM3dGlWM3Z0MGRvVUlqMUxHcTI4dDNvaUZGSXFiaVp2amxxME9qOHJiVTBVVVwvVFVxTWxQTjE5U0QwUmhZbE4iLCJtYWMiOiJmYzkxZDJkOWIyMDlkY2U2YzMxYjZkYTIyNWExMTkxZjQ3NDk5YmJjOTA1YTc0YTY5ZTcxZDcxYzhjYzY1YzEyIn0%3D; __cf_bm=32bd5NuppqY_RIAYYOtIzLx5_51EViwk_dGYKq2yM2Y-1668729712-0-ATAE5llxFZrWACPs182xtT6zwePEGsBVbGcqT3RFzoyNkFbwxRbQQpgMx37WO9k/32mB1VIZdDX9f7itukmuixc=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 18 Nov 2022 00:01:52 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Fri, 18 Nov 2022 09:21:10 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 9642
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc6f21a8651c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /delivery/spc_fi.php?id=7419&url=%2Fl6f7zP&charset=UTF-8&ch=0&ref=ouo.press&viewerId=null&referer=&_firid=33481576 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Fri, 18 Nov 2022 00:01:53 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Sat, 18-Nov-2023 00:01:53 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PWSK4_UXGhpwjE4NImRFHptwXsqBmaCpiCqV4Bz0iOhmxx8cY1edVQ==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/ld/publishertag.prebid.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.0.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 18 Nov 2022 00:01:55 GMT
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Sat, 19 Nov 2022 00:01:55 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:56 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 898120
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/link-safe.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/l6f7zP
Cookie: ouoio_session=eyJpdiI6Ik92ZCthR2FZQUV6bzFcL0UyQ2d2RklMRmd6UVZSa0c0NWhzOUpDcXVGVEF3PSIsInZhbHVlIjoiWlRLY2F2ZVwvZjdGTnhRMkZMRGU2dkR1bkw5NkdiRzlRS2dmQ0YxWnhKTDRXY3M0VDhONXBXVmRHRkVMcXhPSW5JYjVcL0Z2N1Y3bGhMZUdLMmQyQ2xjZz09IiwibWFjIjoiOGUzMzUwYzI0ZTgyODMyOWNjMzY0NDFiNDZjZTQzOTRlMjU0MDMyYmUwYzQ5Zjg2MzgzNzQxZDkwMGY1MDU5YyJ9; language=eyJpdiI6Im1cL215MG1LdklcL1ZXMzlJd3JXdng0XC95endGZG16b0lQUHFaTkN1M1NZNWc9IiwidmFsdWUiOiJGR2RBZkFmbHBOUEZpV2ZydzNjdW5zdTZ5NEFuMkRVUWdHK1FTU1FsejBjPSIsIm1hYyI6IjkwMzVhN2FjNjRlY2M4MTVjMDM0ZDY5NWU4YTQyYjY1Mzg3MWJjNDY2NmQzMmRmM2FmNTJiNTY0Yjg1ZGFjMWIifQ%3D%3D; 39ed0c32e14f3c27c12bbe048af244fc4a789d78=eyJpdiI6InFpczNnSk5pOHF1N0g2YVwvdktQaUVLNVBwczVcL3U1N0VrMXMzbFVtMld3QT0iLCJ2YWx1ZSI6IiswaEZjYUJJRmo1XC82RkhuY05oMkpFbTY2Z1wvVW9EY1RCU1dqczlLREpFcHN5RG5IUUpJR3hlOTROSWtRaXhZTk45blNENkkrRGxEVlZucTZMSTkzM1R3OGY0dk1HVEZKbDJMeDFWSGRiTTNsT0VSbWNQdHR3Z1FqXC8xRWNYc2Erd1dPQUh1Z0x5dFZcL3JiR0RaTnBEZDBoUEJoOHo2ejJLN0V5XC8zM2NpTjY2ZDZvMjF1bW1oNlY1SWM1SGhpVHd2YzdMeHBrcTByS1BQdlwvd212YmtEdDlwTit3UG5yQ05lMElTcTJtRGxXU29SMUhUVWpaRzkxRnlSZmkwZVRJNlRcL1NcL2NXeW9RVWZ3VWg3YjhcLzlacmVIeUtPcGJ5YlZQRkxsZjNjR3RGNk1qUUtGenhMRkRzaHFzOVBSbWpkRndEbVM3dGlWM3Z0MGRvVUlqMUxHcTI4dDNvaUZGSXFiaVp2amxxME9qOHJiVTBVVVwvVFVxTWxQTjE5U0QwUmhZbE4iLCJtYWMiOiJmYzkxZDJkOWIyMDlkY2U2YzMxYjZkYTIyNWExMTkxZjQ3NDk5YmJjOTA1YTc0YTY5ZTcxZDcxYzhjYzY1YzEyIn0%3D; __cf_bm=32bd5NuppqY_RIAYYOtIzLx5_51EViwk_dGYKq2yM2Y-1668729712-0-ATAE5llxFZrWACPs182xtT6zwePEGsBVbGcqT3RFzoyNkFbwxRbQQpgMx37WO9k/32mB1VIZdDX9f7itukmuixc=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 18 Nov 2022 00:01:52 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Fri, 18 Nov 2022 11:56:50 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 302
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc6f21a8661c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/fiamp.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 17 Nov 2022 23:29:55 GMT
expires: Fri, 18 Nov 2022 00:29:54 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u7gRilFHGK_kjW4NTF4Zy6DWJVBPp0hAziGgX68nXongsnxqyzBjsA==
age: 1919
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c.js HTTP/1.1 
Host: hhklc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.70.122
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 18 Nov 2022 00:01:52 GMT
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Fri, 18 Nov 2022 00:32:19 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 873
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuL1nzY40iOgzt0KHG9aE%2B2peeHShJelkynHapvRilErj9BkU%2FxAjc4khPxWhsKXbqg3rlxBe9I46fGRnp67N67xPb4eTZs66ngJtzdLKrj5bA076CIUPBGvHa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76bc6f221acdb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/prebidamp.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 17 Nov 2022 23:10:34 GMT
expires: Fri, 18 Nov 2022 00:10:31 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k0s2IHe_7KOyWgvM2adOG33vnFI4CG38aM6IjCnXRFjvX4ebtw6GiA==
age: 3082
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /l6f7zP HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.22.22.162
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Fri, 18 Nov 2022 00:01:52 GMT
location: https://ouo.press/l6f7zP
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6IjZ5SzQ3K0JSYUh6eTRCdFIrQkRIN1BZTlBvaEUwU3NZOHZkdHp1OHRLRjA9IiwidmFsdWUiOiJkbHlBRkRoZVF2dExrSEtNVFBpQWNPanNyQUhzV012TDJxNEJQN2hJWFVnZExCc0dKclI0S1c1TWtWXC9mMFdHamJ2WXRHemlSUFo3NXhVZGdYU2p3U0E9PSIsIm1hYyI6ImYyZGYyNjViZTE0ZDc1YzFkNDVjODBlYWZmNGQyMDgzMjRlNGIyZjMyNDcwOThiZDcxZDM1YWRkMWI1ZTNkOWQifQ%3D%3D; path=/; httponly language=eyJpdiI6IlhSWjJUY0FoVGphb0xHcGtpZllFN1JRVG1EOTdsZGVzbFwvdEVGK3FtM1JVPSIsInZhbHVlIjoiNWtQc040eGJUcmxpOGptQklBcEVJcnRTb3Z3N25wOVdoYW1xbnpjR1hVUT0iLCJtYWMiOiI2OGY2NzA0YzYyZjQyMGU0NjU1OWJjNmUxN2QzOWVhYjU0NGQyMzZmYzk0Njk5YmUyMWI3Mjc2ZWNkODhmNGZjIn0%3D; expires=Wed, 17-Nov-2027 00:01:52 GMT; Max-Age=157680000; path=/; httponly dd0fab88c96a6cf90398474741cf1e4d18066989=eyJpdiI6Ilg3aER6Z2szS1FUd1pWRiswQkJNczhWWEFtb2hrRUQwM1J1aERFdm9mRk09IiwidmFsdWUiOiJtcm80cnpmeDhrMlZxTGswNTVTenp1Sk1DU3h6R0J6RkcrTVNLZytIT1dicktpTzR2MWdWeTdRRFpKdk5RdHpLMGVEMStGaDE5Z05nVHdUSDB2emhvOGN3YVkrakFmS1ZBNmExU08razFIXC9hUzBiOWRFRzNaMFptSE1VSGNRNXI1K2o3ZXY1Ym1iZU1zVnV3Wkl1RWZRV25FM1ZvVkltejcxQWNmVmI4UDZMRHhHcklhSGpVQW1LUUYxVDM0M0QyWCt4NUx6dEt0dTFOY3JEOVwvR2pWSkdNVk8ya0FNTU9lNzhiV04yNkh2XC81OWhRU3lkcW8xN3pEUkljcHF5U0I3UTVpV3BIWVRKRURzeHhZY2J1XC9uTDNJQmZidUphMTd2ak9IV2RXMldMeTZTYmZGNkthcGgxWENmSkVOZURuRm5QeUJkcTVkQzVKcUJpamRvUzhIdjdBPT0iLCJtYWMiOiIzOTM1OWExOWYwNWI3MjYyYTQ3Y2NkYmU2NDMzYjljOGU2OGIwMTI3ZjBkYjUwODM4MDc4MjlkMTQwZjdmZDliIn0%3D; expires=Fri, 18-Nov-2022 02:01:52 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76bc6f1bcf37b4fd-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /l6f7zP HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 18 Nov 2022 00:01:52 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6Ik92ZCthR2FZQUV6bzFcL0UyQ2d2RklMRmd6UVZSa0c0NWhzOUpDcXVGVEF3PSIsInZhbHVlIjoiWlRLY2F2ZVwvZjdGTnhRMkZMRGU2dkR1bkw5NkdiRzlRS2dmQ0YxWnhKTDRXY3M0VDhONXBXVmRHRkVMcXhPSW5JYjVcL0Z2N1Y3bGhMZUdLMmQyQ2xjZz09IiwibWFjIjoiOGUzMzUwYzI0ZTgyODMyOWNjMzY0NDFiNDZjZTQzOTRlMjU0MDMyYmUwYzQ5Zjg2MzgzNzQxZDkwMGY1MDU5YyJ9; path=/; httponly language=eyJpdiI6Im1cL215MG1LdklcL1ZXMzlJd3JXdng0XC95endGZG16b0lQUHFaTkN1M1NZNWc9IiwidmFsdWUiOiJGR2RBZkFmbHBOUEZpV2ZydzNjdW5zdTZ5NEFuMkRVUWdHK1FTU1FsejBjPSIsIm1hYyI6IjkwMzVhN2FjNjRlY2M4MTVjMDM0ZDY5NWU4YTQyYjY1Mzg3MWJjNDY2NmQzMmRmM2FmNTJiNTY0Yjg1ZGFjMWIifQ%3D%3D; expires=Wed, 17-Nov-2027 00:01:52 GMT; Max-Age=157680000; path=/; httponly 39ed0c32e14f3c27c12bbe048af244fc4a789d78=eyJpdiI6InFpczNnSk5pOHF1N0g2YVwvdktQaUVLNVBwczVcL3U1N0VrMXMzbFVtMld3QT0iLCJ2YWx1ZSI6IiswaEZjYUJJRmo1XC82RkhuY05oMkpFbTY2Z1wvVW9EY1RCU1dqczlLREpFcHN5RG5IUUpJR3hlOTROSWtRaXhZTk45blNENkkrRGxEVlZucTZMSTkzM1R3OGY0dk1HVEZKbDJMeDFWSGRiTTNsT0VSbWNQdHR3Z1FqXC8xRWNYc2Erd1dPQUh1Z0x5dFZcL3JiR0RaTnBEZDBoUEJoOHo2ejJLN0V5XC8zM2NpTjY2ZDZvMjF1bW1oNlY1SWM1SGhpVHd2YzdMeHBrcTByS1BQdlwvd212YmtEdDlwTit3UG5yQ05lMElTcTJtRGxXU29SMUhUVWpaRzkxRnlSZmkwZVRJNlRcL1NcL2NXeW9RVWZ3VWg3YjhcLzlacmVIeUtPcGJ5YlZQRkxsZjNjR3RGNk1qUUtGenhMRkRzaHFzOVBSbWpkRndEbVM3dGlWM3Z0MGRvVUlqMUxHcTI4dDNvaUZGSXFiaVp2amxxME9qOHJiVTBVVVwvVFVxTWxQTjE5U0QwUmhZbE4iLCJtYWMiOiJmYzkxZDJkOWIyMDlkY2U2YzMxYjZkYTIyNWExMTkxZjQ3NDk5YmJjOTA1YTc0YTY5ZTcxZDcxYzhjYzY1YzEyIn0%3D; expires=Fri, 18-Nov-2022 02:01:52 GMT; Max-Age=7200; path=/; httponly __cf_bm=32bd5NuppqY_RIAYYOtIzLx5_51EViwk_dGYKq2yM2Y-1668729712-0-ATAE5llxFZrWACPs182xtT6zwePEGsBVbGcqT3RFzoyNkFbwxRbQQpgMx37WO9k/32mB1VIZdDX9f7itukmuixc=; path=/; expires=Fri, 18-Nov-22 00:31:52 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76bc6f1eaf221c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/ld/publishertag.prebid.123.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         178.250.0.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 18 Nov 2022 00:01:55 GMT
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Sat, 19 Nov 2022 00:01:55 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         178.250.6.103
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 18 Nov 2022 00:01:54 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 114793
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---