Overview

URL ouo.io/U8nrpN
IP104.22.22.162
ASNCLOUDFLARENET
Location
Report completed2022-09-22 16:27:59 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-22 2 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-22 2 varietiesplea.com Sinkholed
2022-09-22 2 varietiesplea.com Sinkholed
2022-09-22 2 varietiesplea.com Sinkholed
2022-09-22 2 varietiesplea.com Sinkholed
2022-09-22 2 varietiesplea.com Sinkholed
2022-09-22 2 varietiesplea.com Sinkholed
2022-09-22 2 varietiesplea.com Sinkholed
2022-09-22 2 unseenreport.com Sinkholed


Files

No files detected



Passive DNS (58)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-22 10:31:04 UTC 142.250.74.164
mnemonic passive DNS prebid.a-mo.net (1) 1148 2020-07-14 17:45:55 UTC 2022-09-22 07:33:49 UTC 147.75.85.234
mnemonic passive DNS widgets.outbrain.com (1) 1272 2012-05-22 16:25:59 UTC 2022-09-22 05:25:16 UTC 23.38.201.81
mnemonic passive DNS bidder.criteo.com (1) 750 2017-01-30 05:01:16 UTC 2022-09-22 05:17:46 UTC 178.250.2.131
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-22 04:32:00 UTC 23.36.77.32
mnemonic passive DNS ouo.press (6) 89754 2016-07-27 01:12:12 UTC 2022-09-22 04:35:01 UTC 172.67.22.15
mnemonic passive DNS ru.hhkld.com (1) 0 2022-07-23 18:50:26 UTC 2022-09-22 13:54:25 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS rtb.viavideo.digital (1) 0 2022-09-07 09:17:46 UTC 2022-09-22 13:54:25 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS ib.adnxs.com (2) 241 2012-05-23 22:36:14 UTC 2022-09-22 04:31:50 UTC 185.89.211.132
mnemonic passive DNS ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2022-09-22 14:06:31 UTC 93.184.220.29
mnemonic passive DNS ecdn.analysis.fi (1) 22604 2021-04-26 06:44:49 UTC 2022-09-22 12:50:54 UTC 54.230.111.8
mnemonic passive DNS ocsp.sectigo.com (6) 487 2018-12-17 11:31:55 UTC 2022-09-22 12:52:01 UTC 104.18.32.68
mnemonic passive DNS viavideo.digital (2) 0 2021-11-04 15:26:31 UTC 2022-09-21 23:14:28 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-22 04:42:02 UTC 104.18.20.226
mnemonic passive DNS tag.1rx.io (1) 1330 2016-03-31 02:49:07 UTC 2022-09-22 10:14:12 UTC 213.19.147.43
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-22 04:34:04 UTC 34.117.237.239
mnemonic passive DNS itineraryupper.com (1) 280787 2020-07-23 02:40:11 UTC 2022-09-22 12:51:14 UTC 192.243.61.225
mnemonic passive DNS simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-09-22 05:37:23 UTC 35.158.153.212 Unknown ranking
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-22 04:32:02 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-09-22 04:33:09 UTC 192.124.249.23
mnemonic passive DNS ice.360yield.com (2) 1494 2018-11-08 13:23:00 UTC 2022-09-22 05:43:36 UTC 3.124.49.32
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-22 05:09:58 UTC 143.204.55.115
mnemonic passive DNS cm.adform.net (1) 1667 2015-03-30 07:47:01 UTC 2022-09-22 04:50:58 UTC 37.157.4.41
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-22 05:01:22 UTC 54.186.209.73
mnemonic passive DNS cdn.runative-syndicate.com (1) 34853 2019-03-18 11:54:28 UTC 2022-09-22 14:29:52 UTC 8.247.218.249
mnemonic passive DNS fastlane.rubiconproject.com (1) 459 2017-01-30 04:49:40 UTC 2022-09-22 04:31:51 UTC 213.19.162.21
mnemonic passive DNS e1.o.lencr.org (3) 6159 2021-08-20 07:36:30 UTC 2022-09-22 05:01:59 UTC 23.36.76.226
mnemonic passive DNS creepingbrings.com (1) 0 2022-05-27 14:56:26 UTC 2022-09-22 15:53:05 UTC 172.64.104.16 Unknown ranking
mnemonic passive DNS pixel.rubiconproject.com (1) 314 2012-10-09 03:17:38 UTC 2022-09-22 04:34:38 UTC 213.19.162.90
mnemonic passive DNS ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-09-22 04:42:02 UTC 104.18.21.226
mnemonic passive DNS asia.hhkld.com (1) 0 2022-09-01 19:18:57 UTC 2022-09-22 12:50:54 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
mnemonic passive DNS run-syndicate.com (1) 35071 2017-12-01 10:35:57 UTC 2022-09-22 11:11:10 UTC 94.130.164.161
mnemonic passive DNS ap.lijit.com (1) 666 2012-05-25 18:17:20 UTC 2022-09-22 04:52:20 UTC 72.251.249.9
mnemonic passive DNS ouo.io (2) 50761 2015-02-15 06:06:38 UTC 2022-09-22 04:26:11 UTC 104.22.22.162
mnemonic passive DNS ecdn.firstimpression.io (1) 18146 2017-08-11 09:25:19 UTC 2022-09-22 09:10:52 UTC 54.230.111.73
mnemonic passive DNS ssum-sec.casalemedia.com (2) 509 2014-06-23 13:16:59 UTC 2022-09-22 12:47:56 UTC 104.18.19.126
mnemonic passive DNS hhklc.com (1) 0 2022-06-12 16:30:56 UTC 2022-09-22 12:50:54 UTC 104.21.70.122 Unknown ranking
mnemonic passive DNS cdn.run-syndicate.com (1) 36414 2018-01-28 18:16:24 UTC 2022-09-22 14:29:53 UTC 8.247.218.249
mnemonic passive DNS aax-dtb-cf.amazon-adsystem.com (1) 0 2022-06-17 10:06:30 UTC 2022-09-22 04:39:16 UTC 143.204.52.189 Domain (amazon-adsystem.com) ranked at: 3190
mnemonic passive DNS cdn.yourwebbars.com (1) 62037 2021-01-29 17:47:27 UTC 2022-09-22 12:50:58 UTC 104.26.7.19
mnemonic passive DNS unseenreport.com (1) 0 2022-03-30 14:33:17 UTC 2022-09-22 12:45:19 UTC 192.243.59.20 Unknown ranking
mnemonic passive DNS ads.betweendigital.com (2) 1571 2012-10-30 05:08:04 UTC 2022-09-22 12:50:55 UTC 188.42.191.196
mnemonic passive DNS varietiesplea.com (7) 0 2022-09-05 01:10:59 UTC 2022-09-22 05:42:56 UTC 173.233.137.52 Unknown ranking
mnemonic passive DNS sync.hhkld.com (2) 0 2022-08-10 18:12:23 UTC 2022-09-21 23:14:10 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS sync.vicodes.com (1) 0 2022-08-10 18:12:24 UTC 2022-09-21 23:14:10 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (4) 1631 2017-09-01 03:40:57 UTC 2022-09-22 14:28:12 UTC 34.120.237.76
mnemonic passive DNS sync.viavideo.digital (2) 0 2022-03-03 12:44:15 UTC 2022-09-22 13:54:22 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-22 15:29:18 UTC 142.250.74.10
mnemonic passive DNS sync.dmp.otm-r.com (1) 19534 2017-02-03 07:19:51 UTC 2022-09-22 13:30:50 UTC 195.201.8.30
mnemonic passive DNS lcdn.tsyndicate.com (1) 12634 2020-03-31 14:26:34 UTC 2022-09-22 09:25:03 UTC 8.254.252.214
mnemonic passive DNS ad.doubleclick.net (1) 186 2013-05-06 20:24:43 UTC 2022-09-22 04:32:18 UTC 216.58.207.198
mnemonic passive DNS pxl.tsyndicate.com (2) 14763 2017-07-05 13:51:06 UTC 2022-09-22 12:06:56 UTC 94.130.141.49
mnemonic passive DNS cdn.sb4you1.com (7) 22321 2021-09-16 11:26:58 UTC 2022-09-22 08:10:46 UTC 172.64.201.2
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-22 05:24:31 UTC 143.204.55.110
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-22 04:32:28 UTC 142.250.74.3
mnemonic passive DNS hhkld.com (4) 0 2022-06-21 06:07:08 UTC 2022-09-22 13:54:25 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS c.amazon-adsystem.com (2) 300 2013-12-19 15:10:01 UTC 2022-09-22 04:40:39 UTC 143.204.46.73


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.22.22.162

Date UQ / IDS / BL URL IP
2022-11-22 05:06:54 +0000
0 - 0 - 8 ouo.io/63G1os 104.22.22.162
2022-11-20 06:08:16 +0000
0 - 0 - 3 ouo.io/QnVMXa 104.22.22.162
2022-11-19 08:28:34 +0000
0 - 0 - 8 ouo.io/9ot4aW 104.22.22.162
2022-11-18 09:32:29 +0000
0 - 0 - 1 ouo.io/npwR6p 104.22.22.162
2022-11-18 05:38:30 +0000
0 - 0 - 1 ouo.io/thFNIG 104.22.22.162

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-30 04:24:36 +0000
0 - 0 - 2 aicewontonpopcor.xyz/ 172.67.170.177
2022-11-30 04:23:40 +0000
0 - 0 - 8 avtodom-kzn.ru/ 188.114.96.1
2022-11-30 04:23:35 +0000
0 - 0 - 3 9xbuddy.com/process?url=embedsito.com/v/l785q (...) 104.21.235.81
2022-11-30 04:21:31 +0000
0 - 0 - 1 binance-campaigns-check-november.net/ 172.67.179.100
2022-11-30 04:18:01 +0000
0 - 0 - 1 rhetoricemancipate.cn/ 104.21.95.189

Last 5 reports on domain: ouo.io

Date UQ / IDS / BL URL IP
2022-11-29 18:01:37 +0000
0 - 0 - 11 ouo.io/p3tQCUw 172.67.6.151
2022-11-29 07:03:35 +0000
0 - 0 - 9 ouo.io/eeonrE 104.22.23.162
2022-11-27 03:28:23 +0000
0 - 0 - 10 ouo.io/1NXtwF 172.67.6.151
2022-11-26 14:08:12 +0000
0 - 0 - 10 ouo.io/ZVf2P0 172.67.6.151
2022-11-25 10:04:18 +0000
0 - 0 - 8 ouo.io/AQUMg2Y 172.67.6.151

No other reports with similar screenshot



JavaScript

Executed Scripts (24)


Executed Evals (7)

#1 JavaScript::Eval (size: 15552, repeated: 1) - SHA256: b7bb0c5ac33ab436c5fe975360ef1af5f66987c6c8bf5c0569e749197b16ecaa

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var c = function(E) {
            return E
        },
        h = this || self,
        L = function(E, R) {
            if (R = (E = h.trustedTypes, null), !E || !E.createPolicy) return R;
            try {
                R = E.createPolicy("bg", {
                    createHTML: c,
                    createScript: c,
                    createScriptURL: c
                })
            } catch (J) {
                h.console && h.console.error(J.message)
            }
            return R
        };
    (0, eval)(function(E, R) {
        return (R = L()) && 1 === E.eval(R.createScript("1")) ? function(J) {
            return R.createScript(J)
        } : function(J) {
            return "" + J
        }
    }(h)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var R4=function(E,R,c,L,O,J){function h(){if(E.A==E){if(E.o){var S=[C,R,c,void 0,O,J,arguments];if(2==L)var q=a(false,false,(K(S,E),E));else if(1==L){var r=!E.j.length;K(S,E),r&&a(false,false,E)}else q=EI(E,S);return q}O&&J&&O.removeEventListener(J,h,u)}}return h},J_=function(E,R,c,L){function O(){}return{invoke:(L=sI(E,(c=void 0,function(J){O&&(R&&Y(R),c=J,O(),O=void 0)}),!!R)[0],function(J,h,S,q){function r(){c(function(A){Y(function(){J(A)})},S)}if(!h)return h=L(S),J&&J(h),h;c?r():(q=O,O=function(){Y((q(),r))})})}},D=function(E,R,c){if(260==R||63==R)E.o[R]?E.o[R].concat(c):E.o[R]=cO(E,c);else{if(E.l&&174!=R)return;139==R||279==R||115==R||108==R||485==R?E.o[R]||(E.o[R]=h_(134,c,R,E)):E.o[R]=h_(17,c,R,E)}174==R&&(E.S=e(32,E,false),E.X=void 0)},l=function(E,R){R.h=((R.h?R.h+"~":"E:")+E.message+":"+E.stack).slice(0,2048)},Sy=function(E,R,c,L){try{L=E[((R|0)+2)%3],E[R]=(E[R]|0)-(E[((R|0)+1)%3]|0)-(L|0)^(1==R?L<<c:L>>>c)}catch(O){throw O;}},OI=function(E,R){return R(function(c){c(E)}),[function(){return E}]},q0=function(E,R,c){return E.u(function(L){c=L},false,R),c},CU=function(E,R,c,L,O){(L=N((c=W((L=(E&=(O=E&4,3),W(R)),R)),R),L),O&&(L=rm(""+L)),E)&&B(c,X(L.length,2),R),B(c,L,R)},W=function(E,R){if(E.W)return KU(E.Z,E);return(R=e(8,E,true),R&128)&&(R^=128,E=e(2,E,true),R=(R<<2)+(E|0)),R},m=function(E,R,c){c=this;try{a4(this,R,E)}catch(L){l(L,this),R(function(O){O(c.h)})}},A_=function(E,R,c,L,O){for(R=(L=R[O=0,3]|0,R[2]|0);14>O;O++)c=c>>>8|c<<24,L=L>>>8|L<<24,c+=E|0,E=E<<3|E>>>29,c^=R+1890,L+=R|0,L^=O+1890,R=R<<3|R>>>29,E^=c,R^=L;return[E>>>24&255,E>>>16&255,E>>>8&255,E>>>0&255,c>>>24&255,c>>>16&255,c>>>8&255,c>>>0&255]},uN=function(E,R){D(R,260,((R.hh.push(R.o.slice()),R).o[260]=void 0,E))},Z=function(E,R){for(R=[];E--;)R.push(255*Math.random()|0);return R},sI=function(E,R,c,L){return(L=y[E.substring(0,3)+"_"])?L(E.substring(3),R,c):OI(E,R)},cO=function(E,R,c){return(c=g[E.U](E.sl),c[E.U]=function(){return R},c).concat=function(L){R=L},c},iN=function(E,R){((R.push(E[0]<<24|E[1]<<16|E[2]<<8|E[3]),R).push(E[4]<<24|E[5]<<16|E[6]<<8|E[7]),R).push(E[8]<<24|E[9]<<16|E[10]<<8|E[11])},X=function(E,R,c,L){for(c=(L=[],R|0)-1;0<=c;c--)L[(R|0)-1-(c|0)]=E>>8*c&255;return L},nU=function(E,R,c,L){L=(c=W(E),W(E)),B(L,X(N(E,c),R),E)},TT=function(E,R,c,L){for(;R.j.length;){c=(R.G=null,R.j.pop());try{L=EI(R,c)}catch(O){l(O,R)}if(E&&R.G){(E=R.G,E)(function(){a(true,true,R)});break}}return L},wm=function(E,R){return g[E](g.prototype,{parent:R,propertyIsEnumerable:R,prototype:R,console:R,floor:R,document:R,splice:R,replace:R,call:R,pop:R,length:R,stack:R})},h_=function(E,R,c,L,O,J,h,S){return h=g[L.U]((J=(R=[51,27,-23,78,28,-90,(O=Y1,R),37,-90,16],E&7),L).Ah),h[L.U]=function(q){J+=(S=q,6)+7*E,J&=7},h.concat=function(q){return(q=(q=c%16+1,5)*c*c*q- -1972*S-918*c*S+J+34*S*S+(O()|0)*q-q*S+R[J+35&7]*c*q-170*c*c*S,q=R[q],S=void 0,R)[(J+61&7)+(E&2)]=q,R[J+(E&2)]=27,q},h},a=function(E,R,c,L,O,J){if(c.j.length){c.qN=(c.i&&0(),E),c.i=true;try{O=c.K(),c.I=O,c.H=0,c.B=O,L=TT(E,c),J=c.K()-c.I,c.Y+=J,J<(R?0:10)||0>=c.L--||(J=Math.floor(J),c.N.push(254>=J?J:254))}finally{c.i=false}return L}},pU=function(E,R){if(R=(E=null,x).trustedTypes,!R||!R.createPolicy)return E;try{E=R.createPolicy("bg",{createHTML:zT,createScript:zT,createScriptURL:zT})}catch(c){x.console&&x.console.error(c.message)}return E},K=function(E,R){R.j.splice(0,0,E)},a4=function(E,R,c,L,O){for(L=(O=((E.Ah=((E.yp=D8,E).pz=ey,E.XL=E[P],wm)(E.U,{get:function(){return this.concat()}}),E).sl=g[E.U](E.Ah,{value:{value:{}}}),[]),0);128>L;L++)O[L]=String.fromCharCode(L);((K([(V(348,E,(V((V(390,E,((V(461,((V(452,E,(V(249,E,(V(364,(V((V(164,(V(188,((V(234,E,(D(E,139,[160,0,(D(E,115,(D(E,279,(V(69,E,(V((V(61,(V(141,(D(E,(E.eG=(D(E,(V((D((V(437,(D(E,485,(D(E,(V(229,E,(D(E,((D(E,408,(V(200,(V(402,E,(V(236,E,(D(E,(V(214,E,(V(0,((V(23,(D(E,293,(D(E,(D(E,260,(E.Kz=(E.WF=(E.g=((E.h=(E.P=[],void 0),E.X=void 0,E).W=void 0,E.T=(E.v=(E.C=1,E.Y=0,8001),0),(E.B=0,E).L=(E.A=E,E.o=[],E.F=[],(E.H=void 0,E).N=[],(E.qN=false,E.Z=void 0,E.G=null,E).S=void 0,(E.j=[],E.O=void 0,E).l=((E.ZX=0,E).s=0,L=(E.I=0,window.performance||{}),false),E.hh=[],25),0),function(J){this.A=J}),E.i=false,L.timeOrigin||(L.timing||{}).navigationStart||0),0)),63),0),E)),E),function(J,h,S,q,r,A,n){for(q=(h=N(J,(n=(A=W(J),r=vO(J),""),224)),h.length),S=0;r--;)S=((S|0)+(vO(J)|0))%q,n+=O[h[S]];D(J,A,n)}),V)(406,E,function(J){CU(3,J)}),E),function(J,h,S,q){D(J,(S=(h=W(J),W(J)),q=W(J),q),N(J,h)||N(J,S))}),function(){})),21),0),function(J,h,S,q){D(J,(S=N(J,(q=N(J,(h=(q=(S=W(J),W(J)),W(J)),q)),S)),h),S in q|0)})),function(J,h,S){0!=N(J,(h=N(J,(h=W((S=W(J),J)),h)),S))&&D(J,260,h)})),E),function(J){CU(4,J)}),2048)),V)(128,E,function(J,h,S){(h=N(J,(S=(h=W(J),W(J)),h)),h=t_(h),D)(J,S,h)}),207),467),function(J,h,S,q){S=(h=I((q=W(J),J)),W(J)),D(J,S,N(J,q)>>>h)})),416),x),[0,0,0])),E),function(J,h,S,q){D(J,(S=(h=(q=(h=W(J),W(J)),N(J,h)),N(J,q)),q),S+h)}),E),108,[]),317),E,function(J,h,S,q,r,A,n,z,T,v,w,p){function H(t,Q){for(;r<t;)p|=I(J)<<r,r+=8;return Q=(r-=t,p)&(1<<t)-1,p>>=t,Q}for(p=(n=W(J),r=0),T=(H(3)|0)+1,S=H(5),h=[],q=w=0;w<S;w++)z=H(1),h.push(z),q+=z?0:1;for(v=(q=(w=((q|0)-1).toString(2).length,0),[]);q<S;q++)h[q]||(v[q]=H(w));for(w=0;w<S;w++)h[w]&&(v[w]=W(J));for(A=[];T--;)A.push(N(J,W(J)));V(n,J,function(t,Q,d,k,LU){for(Q=(LU=(d=[],[]),0);Q<S;Q++){if(!h[k=v[Q],Q]){for(;k>=d.length;)d.push(W(t));k=d[k]}LU.push(k)}t.Z=cO(t,(t.W=cO(t,A.slice()),LU))})}),446),{}),0),278),0),E),function(J){nU(J,4)}),E),function(J,h,S,q){D(J,(q=(S=N(J,(q=(S=W(J),W(J)),h=W(J),S)),N)(J,q),h),+(S==q))}),409),E,function(J,h){(J=N((h=W(J),J.A),h),J[0]).removeEventListener(J[1],J[2],u)}),function(J,h,S,q,r){for(r=(S=(q=vO((h=W(J),J)),0),[]);S<q;S++)r.push(I(J));D(J,h,r)})),Z(4))),[])),0)]),function(J,h,S,q){(h=(S=W(J),W(J)),q=W(J),J.A==J)&&(q=N(J,q),h=N(J,h),N(J,S)[h]=q,174==S&&(J.X=void 0,2==h&&(J.S=e(32,J,false),J.X=void 0)))})),V)(209,E,function(J,h,S){D(J,(S=(h=W(J),W)(J),S),""+N(J,h))}),E),function(J,h,S,q,r){h=N(J,(r=(S=N((r=(h=(q=W(J),W(J)),W(J)),S=W(J),J),S),q=N(J.A,q),N(J,r)),h)),0!==q&&(S=R4(J,r,S,1,q,h),q.addEventListener(h,S,u),D(J,21,[q,h,S]))}),E),function(J){nU(J,1)}),225),E,function(J,h,S,q,r,A){G(h,J,false,true)||(q=N0(J.A),h=q.R,S=q.oe,A=q.D,r=A.length,q=q.El,h=0==r?new S[h]:1==r?new S[h](A[0]):2==r?new S[h](A[0],A[1]):3==r?new S[h](A[0],A[1],A[2]):4==r?new S[h](A[0],A[1],A[2],A[3]):2(),D(J,q,h))}),E.ae=0,E),function(J,h,S){G(h,J,false,true)||(h=W(J),S=W(J),D(J,S,function(q){return eval(q)}(lN(N(J.A,h)))))}),function(J,h){h=N(J,W(J)),uN(h,J.A)})),function(J,h,S,q,r,A){if(!G(h,J,true,true)){if("object"==t_((A=(h=N((q=W((A=(r=W((h=W(J),J)),W(J)),J)),J),h),r=N(J,r),N(J,A)),J=N(J,q),h))){for(S in q=[],h)q.push(S);h=q}for(A=0<A?A:1,S=0,q=h.length;S<q;S+=A)r(h.slice(S,(S|0)+(A|0)),J)}})),E).kt=0,E),function(J){WO(J,4)}),V)(252,E,function(J,h,S,q,r){S=N(J,(q=N(J,(r=N(J,(q=(r=(S=(h=W(J),W(J)),W(J)),W(J)),r)),q)),S)),D(J,h,R4(J,S,r,q))}),function(J,h,S,q){!G(h,J,false,true)&&(h=N0(J),S=h.R,q=h.oe,J.A==J||S==J.WF&&q==J)&&(D(J,h.El,S.apply(q,h.D)),J.B=J.K())})),447),E,function(J,h,S,q){if(S=J.hh.pop()){for(q=I(J);0<q;q--)h=W(J),S[h]=J.o[h];((S[108]=J.o[108],S)[408]=J.o[408],J).o=S}else D(J,260,J.s)}),function(J,h,S,q){h=(S=N(J,(q=W((h=(S=W(J),W(J)),J)),S)),N(J,h)),D(J,q,S[h])})),QE)],E),K)([M,c],E),K)([BO,R],E),a(true,true,E)},rm=function(E,R,c,L,O){for(O=(E=E.replace(/\\r\\n/g,"\\n"),[]),R=L=0;L<E.length;L++)c=E.charCodeAt(L),128>c?O[R++]=c:(2048>c?O[R++]=c>>6|192:(55296==(c&64512)&&L+1<E.length&&56320==(E.charCodeAt(L+1)&64512)?(c=65536+((c&1023)<<10)+(E.charCodeAt(++L)&1023),O[R++]=c>>18|240,O[R++]=c>>12&63|128):O[R++]=c>>12|224,O[R++]=c>>6&63|128),O[R++]=c&63|128);return O},x=this||self,e=function(E,R,c,L,O,J,h,S,q,r,A,n,z,T){if((S=N(R,260),S)>=R.s)throw[f,31];for(L=(J=0,R.XL.length),h=E,n=S;0<h;)T=n>>3,r=n%8,q=R.F[T],O=8-(r|0),O=O<h?O:h,c&&(z=R,z.X!=n>>6&&(z.X=n>>6,A=N(z,174),z.O=A_(z.S,[0,0,A[1],A[2]],z.X)),q^=R.O[T&L]),n+=O,J|=(q>>8-(r|0)-(O|0)&(1<<O)-1)<<(h|0)-(O|0),h-=O;return D(R,260,(c=J,(S|0)+(E|0))),c},Xf=function(E,R,c){if(3==E.length){for(c=0;3>c;c++)R[c]+=E[c];for(c=(E=[13,8,13,12,16,5,3,10,15],0);9>c;c++)R[3](R,c%3,E[c])}},t_=function(E,R,c){if("object"==(c=typeof E,c))if(E){if(E instanceof Array)return"array";if(E instanceof Object)return c;if("[object Window]"==(R=Object.prototype.toString.call(E),R))return"object";if("[object Array]"==R||"number"==typeof E.length&&"undefined"!=typeof E.splice&&"undefined"!=typeof E.propertyIsEnumerable&&!E.propertyIsEnumerable("splice"))return"array";if("[object Function]"==R||"undefined"!=typeof E.call&&"undefined"!=typeof E.propertyIsEnumerable&&!E.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==c&&"undefined"==typeof E.call)return"object";return c},G=function(E,R,c,L,O,J,h,S,q){if((R.A=((q=(O=(h=(S=4==(J=(L||R.H++,0<R.g&&R.i&&R.qN&&1>=R.T)&&!R.W&&!R.G&&(!L||1<R.v-E)&&0==document.hidden,R.H))||J?R.K():R.B,h)-R.B,O)>>14,R.S)&&(R.S^=q*(O<<2)),q)||R.A,R.C+=q,S)||J)R.B=h,R.H=0;if(!J||h-R.I<R.g-(c?255:L?5:2))return false;return(c=N(R,(R.v=E,L?63:260)),D(R,260,R.s),R.j).push([m4,c,L?E+1:E]),R.G=Y,true},vO=function(E,R){return(R=I(E),R)&128&&(R=R&127|I(E)<<7),R},o4=function(E,R,c,L){return N(c,(D(c,260,(HO(((L=N(c,260),c.F&&L<c.s)?(D(c,260,c.s),uN(R,c)):D(c,260,R),E),c),L)),446))},b=function(E,R,c,L,O,J){if(!E.l){if(3<(c=N(((R=((J=void 0,c&&c[0]===f&&(J=c[2],R=c[1],c=void 0),O=N(E,108),0)==O.length&&(L=N(E,63)>>3,O.push(R,L>>8&255,L&255),void 0!=J&&O.push(J&255)),""),c)&&(c.message&&(R+=c.message),c.stack&&(R+=":"+c.stack)),E),408),c)){J=(R=(c-=((R=R.slice(0,(c|0)-3),R).length|0)+3,rm(R)),E.A),E.A=E;try{B(279,X(R.length,2).concat(R),E,9)}finally{E.A=J}}D(E,408,c)}},Z8=function(E,R){return R[E]<<24|R[(E|0)+1]<<16|R[(E|0)+2]<<8|R[(E|0)+3]},I=function(E){return E.W?KU(E.Z,E):e(8,E,true)},zT=function(E){return E},EI=function(E,R,c,L,O){if(L=R[0],L==F)E.L=25,E.V(R);else if(L==P){O=R[1];try{c=E.h||E.V(R)}catch(J){l(J,E),c=E.h}O(c)}else if(L==m4)E.V(R);else if(L==M)E.V(R);else if(L==BO){try{for(c=0;c<E.P.length;c++)try{O=E.P[c],O[0][O[1]](O[2])}catch(J){}}catch(J){}(0,(E.P=[],R)[1])(function(J,h){E.u(J,true,h)},function(J){K([yE],(J=!E.j.length,E)),J&&a(true,false,E)})}else{if(L==C)return c=R[2],D(E,433,R[6]),D(E,446,c),E.V(R);L==yE?(E.o=null,E.F=[],E.N=[]):L==QE&&"loading"===x.document.readyState&&(E.G=function(J,h){function S(){h||(h=true,J())}(x.document.addEventListener("DOMContentLoaded",S,(h=false,u)),x).addEventListener("load",S,u)})}},B=function(E,R,c,L,O,J){if(c.A==c)for(O=N(c,E),279==E?(E=function(h,S,q,r){if((r=(S=O.length,S|0)-4>>3,O).Ul!=r){q=[0,(r=(r<<3)-(O.Ul=r,4),0),J[1],J[2]];try{O.z$=A_(Z8(r,O),q,Z8((r|0)+4,O))}catch(A){throw A;}}O.push(O.z$[S&7]^h)},J=N(c,485)):E=function(h){O.push(h)},L&&E(L&255),c=0,L=R.length;c<L;c++)E(R[c])},Y=x.requestIdleCallback?function(E){requestIdleCallback(function(){E()},{timeout:4})}:x.setImmediate?function(E){setImmediate(E)}:function(E){setTimeout(E,0)},WO=function(E,R,c,L){for(c=(L=W(E),0);0<R;R--)c=c<<8|I(E);D(E,L,c)},V=function(E,R,c){D(R,E,c),c[QE]=2796},y,U,N=function(E,R){if((E=E.o[R],void 0)===E)throw[f,30,R];if(E.value)return E.create();return(E.create(5*R*R+27*R+-58),E).prototype},HO=function(E,R,c,L,O,J){if(!R.h){R.T++;try{for(O=(J=(c=R.s,void 0),0);--E;)try{if((L=void 0,R).W)J=KU(R.W,R);else{if(O=N(R,260),O>=c)break;J=N(R,(D(R,63,O),L=W(R),L))}G((J&&J[yE]&2048?J(R,E):b(R,0,[f,21,L]),E),R,false,false)}catch(h){N(R,207)?b(R,22,h):D(R,207,h)}if(!E){if(R.bG){HO((R.T--,188885615751),R);return}b(R,0,[f,33])}}catch(h){try{b(R,22,h)}catch(S){l(S,R)}}R.T--}},N0=function(E,R,c,L,O,J){for(c=(O=E[gm]||{},R=W(E),O.El=W(E),O.D=[],J=E.A==E?(I(E)|0)-1:1,L=W(E),0);c<J;c++)O.D.push(W(E));for(O.oe=N(E,L);J--;)O.D[J]=N(E,O.D[J]);return O.R=N(E,R),O},KU=function(E,R){return(E=E.create().shift(),R).W.create().length||R.Z.create().length||(R.Z=void 0,R.W=void 0),E},u={passive:true,capture:true},gm=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),BO=(m.prototype.bG=!(m.prototype.J="toString",1),[]),f=(m.prototype.mf=(m.prototype.Vp=void 0,void 0),{}),M=[],m4=[],F=[],yE=[],QE=[],P=[],C=[],Y1=((iN,Z,Sy,Xf,m.prototype).U="create",U=m.prototype,U.nz=function(E,R,c,L,O,J){for(O=(c=0,[]),J=0;J<E.length;J++)for(c+=R,L=L<<R|E[J];7<c;)c-=8,O.push(L>>c&255);return O},U.DX=function(E,R,c,L,O){for(L=O=0;L<E.length;L++)O+=E.charCodeAt(L),O+=O<<10,O^=O>>6;return(O=(E=(O+=O<<3,O^=O>>11,O+(O<<15)>>>0),new Number(E&(1<<R)-1)),O)[0]=(E>>>R)%c,O},void 0),g=f.constructor;(((U.K=(window.performance||{}).now?function(){return this.Kz+window.performance.now()}:function(){return+new Date},U.th=(U.dC=function(){return Math.floor(this.Y+(this.K()-this.I))},function(){return Math.floor(this.K())}),U).SG=function(E,R,c){return E^(R^=R<<13,R^=R>>17,(R=(R^R<<5)&c)||(R=1),R)},U).u=function(E,R,c,L,O){if(c="array"===t_(c)?c:[c],this.h)E(this.h);else try{O=[],L=!this.j.length,K([F,O,c],this),K([P,E,O],this),R&&!L||a(R,true,this)}catch(J){l(J,this),E(this.h)}},m.prototype).V=function(E,R){return R=(Y1=(E={},function(){return R==E?-58:-12}),{}),function(c,L,O,J,h,S,q,r,A,n,z,T,v,w,p){R=(n=R,E);try{if(S=c[0],S==M){z=c[1];try{for(h=(T=(p=[],atob(z)),v=0);v<T.length;v++)A=T.charCodeAt(v),255<A&&(p[h++]=A&255,A>>=8),p[h++]=A;D(this,(this.s=(this.F=p,this.F.length)<<3,174),[0,0,0])}catch(H){b(this,17,H);return}HO(8001,this)}else if(S==F)c[1].push(N(this,139).length,N(this,115).length,N(this,408),N(this,279).length),D(this,446,c[2]),this.o[479]&&o4(8001,N(this,479),this);else{if(S==P){this.A=(J=(O=X(((p=c[2],N(this,139).length)|0)+2,2),this.A),this);try{r=N(this,108),0<r.length&&B(139,X(r.length,2).concat(r),this,10),B(139,X(this.C,1),this,109),B(139,X(this[P].length,1),this),T=0,T+=N(this,278)&2047,T-=(N(this,139).length|0)+5,w=N(this,279),4<w.length&&(T-=(w.length|0)+3),0<T&&B(139,X(T,2).concat(Z(T)),this,15),4<w.length&&B(139,X(w.length,2).concat(w),this,156)}finally{this.A=J}if(((h=Z(2).concat(N(this,139)),h)[1]=h[0]^6,h)[3]=h[1]^O[0],h[4]=h[1]^O[1],L=this.jG(h))L="!"+L;else for(L="",T=0;T<h.length;T++)q=h[T][this.J](16),1==q.length&&(q="0"+q),L+=q;return N((D(this,408,(N(this,(N(this,(v=L,139)).length=p.shift(),115)).length=p.shift(),p.shift())),this),279).length=p.shift(),v}if(S==m4)o4(c[2],c[1],this);else if(S==C)return o4(8001,c[1],this)}}finally{R=n}}}();var ey,D8=(m.prototype.rC=((m.prototype.jG=function(E,R,c,L){if(c=window.btoa){for(L=0,R="";L<E.length;L+=8192)R+=String.fromCharCode.apply(null,E.slice(L,L+8192));E=c(R).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else E=void 0;return E},m.prototype).xt=0,0),m.prototype[BO]=[0,0,1,1,0,1,1],/./),x1=M.pop.bind(m.prototype[F]),lN=function(E,R){return(R=pU())&&1===E.eval(R.createScript("1"))?function(c){return R.createScript(c)}:function(c){return""+c}}(((ey=(D8[m.prototype.J]=x1,wm(m.prototype.U,{get:x1})),m).prototype.G$=void 0,x));(40<(y=x.botguard||(x.botguard={}),y.m)||(y.m=41,y.bg=J_,y.a=sI),y).ABO_=function(E,R,c){return[(c=new m(E,R),function(L){return q0(c,L)})]};}).call(this);'));
}).call(this);
                                    

#2 JavaScript::Eval (size: 62, repeated: 1) - SHA256: 9a40ef33f7700831131770a8048c5a08faa312d7311fc2c6ced1909ea6e458ce

                                        0,
function(J, h, S) {
    S = (h = (S = W(J), W)(J), J.o)[S] && N(J, S), D(J, h, S)
}
                                    

#3 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 531ec07d216cb5810b6ebf63f292c8c1759049139e175d847973b17cd08238fa

                                        0,
function(J) {
    WO(J, 1)
}
                                    

#4 JavaScript::Eval (size: 22, repeated: 1) - SHA256: d651a2902f113132877a12117727707b1031e8f12615f8a3a0ad138ea5eb79ea

                                        0,
function(J) {
    WO(J, 2)
}
                                    

#5 JavaScript::Eval (size: 154, repeated: 1) - SHA256: 5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e

                                        apstag.punt({
    "cmp": "https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-onetag_pm-db5_rbd_cnv_n-Outbrain",
    "cb": "0"
})
                                    

#6 JavaScript::Eval (size: 15362, repeated: 1) - SHA256: c1d8cf18d3b7dd56b31c72ec5b5dde454f5ae5c25f07c7fffbe789b1d912ddf8

                                        (function() {
    var R4 = function(E, R, c, L, O, J) {
            function h() {
                if (E.A == E) {
                    if (E.o) {
                        var S = [C, R, c, void 0, O, J, arguments];
                        if (2 == L) var q = a(false, false, (K(S, E), E));
                        else if (1 == L) {
                            var r = !E.j.length;
                            K(S, E), r && a(false, false, E)
                        } else q = EI(E, S);
                        return q
                    }
                    O && J && O.removeEventListener(J, h, u)
                }
            }
            return h
        },
        J_ = function(E, R, c, L) {
            function O() {}
            return {
                invoke: (L = sI(E, (c = void 0, function(J) {
                    O && (R && Y(R), c = J, O(), O = void 0)
                }), !!R)[0], function(J, h, S, q) {
                    function r() {
                        c(function(A) {
                            Y(function() {
                                J(A)
                            })
                        }, S)
                    }
                    if (!h) return h = L(S), J && J(h), h;
                    c ? r() : (q = O, O = function() {
                        Y((q(), r))
                    })
                })
            }
        },
        D = function(E, R, c) {
            if (260 == R || 63 == R) E.o[R] ? E.o[R].concat(c) : E.o[R] = cO(E, c);
            else {
                if (E.l && 174 != R) return;
                139 == R || 279 == R || 115 == R || 108 == R || 485 == R ? E.o[R] || (E.o[R] = h_(134, c, R, E)) : E.o[R] = h_(17, c, R, E)
            }
            174 == R && (E.S = e(32, E, false), E.X = void 0)
        },
        l = function(E, R) {
            R.h = ((R.h ? R.h + "~" : "E:") + E.message + ":" + E.stack).slice(0, 2048)
        },
        Sy = function(E, R, c, L) {
            try {
                L = E[((R | 0) + 2) % 3], E[R] = (E[R] | 0) - (E[((R | 0) + 1) % 3] | 0) - (L | 0) ^ (1 == R ? L << c : L >>> c)
            } catch (O) {
                throw O;
            }
        },
        OI = function(E, R) {
            return R(function(c) {
                c(E)
            }), [function() {
                return E
            }]
        },
        q0 = function(E, R, c) {
            return E.u(function(L) {
                c = L
            }, false, R), c
        },
        CU = function(E, R, c, L, O) {
            (L = N((c = W((L = (E &= (O = E & 4, 3), W(R)), R)), R), L), O && (L = rm("" + L)), E) && B(c, X(L.length, 2), R), B(c, L, R)
        },
        W = function(E, R) {
            if (E.W) return KU(E.Z, E);
            return (R = e(8, E, true), R & 128) && (R ^= 128, E = e(2, E, true), R = (R << 2) + (E | 0)), R
        },
        m = function(E, R, c) {
            c = this;
            try {
                a4(this, R, E)
            } catch (L) {
                l(L, this), R(function(O) {
                    O(c.h)
                })
            }
        },
        A_ = function(E, R, c, L, O) {
            for (R = (L = R[O = 0, 3] | 0, R[2] | 0); 14 > O; O++) c = c >>> 8 | c << 24, L = L >>> 8 | L << 24, c += E | 0, E = E << 3 | E >>> 29, c ^= R + 1890, L += R | 0, L ^= O + 1890, R = R << 3 | R >>> 29, E ^= c, R ^= L;
            return [E >>> 24 & 255, E >>> 16 & 255, E >>> 8 & 255, E >>> 0 & 255, c >>> 24 & 255, c >>> 16 & 255, c >>> 8 & 255, c >>> 0 & 255]
        },
        uN = function(E, R) {
            D(R, 260, ((R.hh.push(R.o.slice()), R).o[260] = void 0, E))
        },
        Z = function(E, R) {
            for (R = []; E--;) R.push(255 * Math.random() | 0);
            return R
        },
        sI = function(E, R, c, L) {
            return (L = y[E.substring(0, 3) + "_"]) ? L(E.substring(3), R, c) : OI(E, R)
        },
        cO = function(E, R, c) {
            return (c = g[E.U](E.sl), c[E.U] = function() {
                return R
            }, c).concat = function(L) {
                R = L
            }, c
        },
        iN = function(E, R) {
            ((R.push(E[0] << 24 | E[1] << 16 | E[2] << 8 | E[3]), R).push(E[4] << 24 | E[5] << 16 | E[6] << 8 | E[7]), R).push(E[8] << 24 | E[9] << 16 | E[10] << 8 | E[11])
        },
        X = function(E, R, c, L) {
            for (c = (L = [], R | 0) - 1; 0 <= c; c--) L[(R | 0) - 1 - (c | 0)] = E >> 8 * c & 255;
            return L
        },
        nU = function(E, R, c, L) {
            L = (c = W(E), W(E)), B(L, X(N(E, c), R), E)
        },
        TT = function(E, R, c, L) {
            for (; R.j.length;) {
                c = (R.G = null, R.j.pop());
                try {
                    L = EI(R, c)
                } catch (O) {
                    l(O, R)
                }
                if (E && R.G) {
                    (E = R.G, E)(function() {
                        a(true, true, R)
                    });
                    break
                }
            }
            return L
        },
        wm = function(E, R) {
            return g[E](g.prototype, {
                parent: R,
                propertyIsEnumerable: R,
                prototype: R,
                console: R,
                floor: R,
                document: R,
                splice: R,
                replace: R,
                call: R,
                pop: R,
                length: R,
                stack: R
            })
        },
        h_ = function(E, R, c, L, O, J, h, S) {
            return h = g[L.U]((J = (R = [51, 27, -23, 78, 28, -90, (O = Y1, R), 37, -90, 16], E & 7), L).Ah), h[L.U] = function(q) {
                J += (S = q, 6) + 7 * E, J &= 7
            }, h.concat = function(q) {
                return (q = (q = c % 16 + 1, 5) * c * c * q - -1972 * S - 918 * c * S + J + 34 * S * S + (O() | 0) * q - q * S + R[J + 35 & 7] * c * q - 170 * c * c * S, q = R[q], S = void 0, R)[(J + 61 & 7) + (E & 2)] = q, R[J + (E & 2)] = 27, q
            }, h
        },
        a = function(E, R, c, L, O, J) {
            if (c.j.length) {
                c.qN = (c.i && 0(), E), c.i = true;
                try {
                    O = c.K(), c.I = O, c.H = 0, c.B = O, L = TT(E, c), J = c.K() - c.I, c.Y += J, J < (R ? 0 : 10) || 0 >= c.L-- || (J = Math.floor(J), c.N.push(254 >= J ? J : 254))
                } finally {
                    c.i = false
                }
                return L
            }
        },
        pU = function(E, R) {
            if (R = (E = null, x).trustedTypes, !R || !R.createPolicy) return E;
            try {
                E = R.createPolicy("bg", {
                    createHTML: zT,
                    createScript: zT,
                    createScriptURL: zT
                })
            } catch (c) {
                x.console && x.console.error(c.message)
            }
            return E
        },
        K = function(E, R) {
            R.j.splice(0, 0, E)
        },
        a4 = function(E, R, c, L, O) {
            for (L = (O = ((E.Ah = ((E.yp = D8, E).pz = ey, E.XL = E[P], wm)(E.U, {get: function() {
                        return this.concat()
                    }
                }), E).sl = g[E.U](E.Ah, {
                    value: {
                        value: {}
                    }
                }), []), 0); 128 > L; L++) O[L] = String.fromCharCode(L);
            ((K([(V(348, E, (V((V(390, E, ((V(461, ((V(452, E, (V(249, E, (V(364, (V((V(164, (V(188, ((V(234, E, (D(E, 139, [160, 0, (D(E, 115, (D(E, 279, (V(69, E, (V((V(61, (V(141, (D(E, (E.eG = (D(E, (V((D((V(437, (D(E, 485, (D(E, (V(229, E, (D(E, ((D(E, 408, (V(200, (V(402, E, (V(236, E, (D(E, (V(214, E, (V(0, ((V(23, (D(E, 293, (D(E, (D(E, 260, (E.Kz = (E.WF = (E.g = ((E.h = (E.P = [], void 0), E.X = void 0, E).W = void 0, E.T = (E.v = (E.C = 1, E.Y = 0, 8001), 0), (E.B = 0, E).L = (E.A = E, E.o = [], E.F = [], (E.H = void 0, E).N = [], (E.qN = false, E.Z = void 0, E.G = null, E).S = void 0, (E.j = [], E.O = void 0, E).l = ((E.ZX = 0, E).s = 0, L = (E.I = 0, window.performance || {}), false), E.hh = [], 25), 0), function(J) {
                this.A = J
            }), E.i = false, L.timeOrigin || (L.timing || {}).navigationStart || 0), 0)), 63), 0), E)), E), function(J, h, S, q, r, A, n) {
                for (q = (h = N(J, (n = (A = W(J), r = vO(J), ""), 224)), h.length), S = 0; r--;) S = ((S | 0) + (vO(J) | 0)) % q, n += O[h[S]];
                D(J, A, n)
            }), V)(406, E, function(J) {
                CU(3, J)
            }), E), function(J, h, S, q) {
                D(J, (S = (h = W(J), W(J)), q = W(J), q), N(J, h) || N(J, S))
            }), function() {})), 21), 0), function(J, h, S, q) {
                D(J, (S = N(J, (q = N(J, (h = (q = (S = W(J), W(J)), W(J)), q)), S)), h), S in q | 0)
            })), function(J, h, S) {
                0 != N(J, (h = N(J, (h = W((S = W(J), J)), h)), S)) && D(J, 260, h)
            })), E), function(J) {
                CU(4, J)
            }), 2048)), V)(128, E, function(J, h, S) {
                (h = N(J, (S = (h = W(J), W(J)), h)), h = t_(h), D)(J, S, h)
            }), 207), 467), function(J, h, S, q) {
                S = (h = I((q = W(J), J)), W(J)), D(J, S, N(J, q) >>> h)
            })), 416), x), [0, 0, 0])), E), function(J, h, S, q) {
                D(J, (S = (h = (q = (h = W(J), W(J)), N(J, h)), N(J, q)), q), S + h)
            }), E), 108, []), 317), E, function(J, h, S, q, r, A, n, z, T, v, w, p) {
                function H(t, Q) {
                    for (; r < t;) p |= I(J) << r, r += 8;
                    return Q = (r -= t, p) & (1 << t) - 1, p >>= t, Q
                }
                for (p = (n = W(J), r = 0), T = (H(3) | 0) + 1, S = H(5), h = [], q = w = 0; w < S; w++) z = H(1), h.push(z), q += z ? 0 : 1;
                for (v = (q = (w = ((q | 0) - 1).toString(2).length, 0), []); q < S; q++) h[q] || (v[q] = H(w));
                for (w = 0; w < S; w++) h[w] && (v[w] = W(J));
                for (A = []; T--;) A.push(N(J, W(J)));
                V(n, J, function(t, Q, d, k, LU) {
                    for (Q = (LU = (d = [], []), 0); Q < S; Q++) {
                        if (!h[k = v[Q], Q]) {
                            for (; k >= d.length;) d.push(W(t));
                            k = d[k]
                        }
                        LU.push(k)
                    }
                    t.Z = cO(t, (t.W = cO(t, A.slice()), LU))
                })
            }), 446), {}), 0), 278), 0), E), function(J) {
                nU(J, 4)
            }), E), function(J, h, S, q) {
                D(J, (q = (S = N(J, (q = (S = W(J), W(J)), h = W(J), S)), N)(J, q), h), +(S == q))
            }), 409), E, function(J, h) {
                (J = N((h = W(J), J.A), h), J[0]).removeEventListener(J[1], J[2], u)
            }), function(J, h, S, q, r) {
                for (r = (S = (q = vO((h = W(J), J)), 0), []); S < q; S++) r.push(I(J));
                D(J, h, r)
            })), Z(4))), [])), 0)]), function(J, h, S, q) {
                (h = (S = W(J), W(J)), q = W(J), J.A == J) && (q = N(J, q), h = N(J, h), N(J, S)[h] = q, 174 == S && (J.X = void 0, 2 == h && (J.S = e(32, J, false), J.X = void 0)))
            })), V)(209, E, function(J, h, S) {
                D(J, (S = (h = W(J), W)(J), S), "" + N(J, h))
            }), E), function(J, h, S, q, r) {
                h = N(J, (r = (S = N((r = (h = (q = W(J), W(J)), W(J)), S = W(J), J), S), q = N(J.A, q), N(J, r)), h)), 0 !== q && (S = R4(J, r, S, 1, q, h), q.addEventListener(h, S, u), D(J, 21, [q, h, S]))
            }), E), function(J) {
                nU(J, 1)
            }), 225), E, function(J, h, S, q, r, A) {
                G(h, J, false, true) || (q = N0(J.A), h = q.R, S = q.oe, A = q.D, r = A.length, q = q.El, h = 0 == r ? new S[h] : 1 == r ? new S[h](A[0]) : 2 == r ? new S[h](A[0], A[1]) : 3 == r ? new S[h](A[0], A[1], A[2]) : 4 == r ? new S[h](A[0], A[1], A[2], A[3]) : 2(), D(J, q, h))
            }), E.ae = 0, E), function(J, h, S) {
                G(h, J, false, true) || (h = W(J), S = W(J), D(J, S, function(q) {
                    return eval(q)
                }(lN(N(J.A, h)))))
            }), function(J, h) {
                h = N(J, W(J)), uN(h, J.A)
            })), function(J, h, S, q, r, A) {
                if (!G(h, J, true, true)) {
                    if ("object" == t_((A = (h = N((q = W((A = (r = W((h = W(J), J)), W(J)), J)), J), h), r = N(J, r), N(J, A)), J = N(J, q), h))) {
                        for (S in q = [], h) q.push(S);
                        h = q
                    }
                    for (A = 0 < A ? A : 1, S = 0, q = h.length; S < q; S += A) r(h.slice(S, (S | 0) + (A | 0)), J)
                }
            })), E).kt = 0, E), function(J) {
                WO(J, 4)
            }), V)(252, E, function(J, h, S, q, r) {
                S = N(J, (q = N(J, (r = N(J, (q = (r = (S = (h = W(J), W(J)), W(J)), W(J)), r)), q)), S)), D(J, h, R4(J, S, r, q))
            }), function(J, h, S, q) {
                !G(h, J, false, true) && (h = N0(J), S = h.R, q = h.oe, J.A == J || S == J.WF && q == J) && (D(J, h.El, S.apply(q, h.D)), J.B = J.K())
            })), 447), E, function(J, h, S, q) {
                if (S = J.hh.pop()) {
                    for (q = I(J); 0 < q; q--) h = W(J), S[h] = J.o[h];
                    ((S[108] = J.o[108], S)[408] = J.o[408], J).o = S
                } else D(J, 260, J.s)
            }), function(J, h, S, q) {
                h = (S = N(J, (q = W((h = (S = W(J), W(J)), J)), S)), N(J, h)), D(J, q, S[h])
            })), QE)], E), K)([M, c], E), K)([BO, R], E), a(true, true, E)
        },
        rm = function(E, R, c, L, O) {
            for (O = (E = E.replace(/\r\n/g, "\n"), []), R = L = 0; L < E.length; L++) c = E.charCodeAt(L), 128 > c ? O[R++] = c : (2048 > c ? O[R++] = c >> 6 | 192 : (55296 == (c & 64512) && L + 1 < E.length && 56320 == (E.charCodeAt(L + 1) & 64512) ? (c = 65536 + ((c & 1023) << 10) + (E.charCodeAt(++L) & 1023), O[R++] = c >> 18 | 240, O[R++] = c >> 12 & 63 | 128) : O[R++] = c >> 12 | 224, O[R++] = c >> 6 & 63 | 128), O[R++] = c & 63 | 128);
            return O
        },
        x = this || self,
        e = function(E, R, c, L, O, J, h, S, q, r, A, n, z, T) {
            if ((S = N(R, 260), S) >= R.s) throw [f, 31];
            for (L = (J = 0, R.XL.length), h = E, n = S; 0 < h;) T = n >> 3, r = n % 8, q = R.F[T], O = 8 - (r | 0), O = O < h ? O : h, c && (z = R, z.X != n >> 6 && (z.X = n >> 6, A = N(z, 174), z.O = A_(z.S, [0, 0, A[1], A[2]], z.X)), q ^= R.O[T & L]), n += O, J |= (q >> 8 - (r | 0) - (O | 0) & (1 << O) - 1) << (h | 0) - (O | 0), h -= O;
            return D(R, 260, (c = J, (S | 0) + (E | 0))), c
        },
        Xf = function(E, R, c) {
            if (3 == E.length) {
                for (c = 0; 3 > c; c++) R[c] += E[c];
                for (c = (E = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > c; c++) R[3](R, c % 3, E[c])
            }
        },
        t_ = function(E, R, c) {
            if ("object" == (c = typeof E, c))
                if (E) {
                    if (E instanceof Array) return "array";
                    if (E instanceof Object) return c;
                    if ("[object Window]" == (R = Object.prototype.toString.call(E), R)) return "object";
                    if ("[object Array]" == R || "number" == typeof E.length && "undefined" != typeof E.splice && "undefined" != typeof E.propertyIsEnumerable && !E.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == R || "undefined" != typeof E.call && "undefined" != typeof E.propertyIsEnumerable && !E.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == c && "undefined" == typeof E.call) return "object";
            return c
        },
        G = function(E, R, c, L, O, J, h, S, q) {
            if ((R.A = ((q = (O = (h = (S = 4 == (J = (L || R.H++, 0 < R.g && R.i && R.qN && 1 >= R.T) && !R.W && !R.G && (!L || 1 < R.v - E) && 0 == document.hidden, R.H)) || J ? R.K() : R.B, h) - R.B, O) >> 14, R.S) && (R.S ^= q * (O << 2)), q) || R.A, R.C += q, S) || J) R.B = h, R.H = 0;
            if (!J || h - R.I < R.g - (c ? 255 : L ? 5 : 2)) return false;
            return (c = N(R, (R.v = E, L ? 63 : 260)), D(R, 260, R.s), R.j).push([m4, c, L ? E + 1 : E]), R.G = Y, true
        },
        vO = function(E, R) {
            return (R = I(E), R) & 128 && (R = R & 127 | I(E) << 7), R
        },
        o4 = function(E, R, c, L) {
            return N(c, (D(c, 260, (HO(((L = N(c, 260), c.F && L < c.s) ? (D(c, 260, c.s), uN(R, c)) : D(c, 260, R), E), c), L)), 446))
        },
        b = function(E, R, c, L, O, J) {
            if (!E.l) {
                if (3 < (c = N(((R = ((J = void 0, c && c[0] === f && (J = c[2], R = c[1], c = void 0), O = N(E, 108), 0) == O.length && (L = N(E, 63) >> 3, O.push(R, L >> 8 & 255, L & 255), void 0 != J && O.push(J & 255)), ""), c) && (c.message && (R += c.message), c.stack && (R += ":" + c.stack)), E), 408), c)) {
                    J = (R = (c -= ((R = R.slice(0, (c | 0) - 3), R).length | 0) + 3, rm(R)), E.A), E.A = E;
                    try {
                        B(279, X(R.length, 2).concat(R), E, 9)
                    } finally {
                        E.A = J
                    }
                }
                D(E, 408, c)
            }
        },
        Z8 = function(E, R) {
            return R[E] << 24 | R[(E | 0) + 1] << 16 | R[(E | 0) + 2] << 8 | R[(E | 0) + 3]
        },
        I = function(E) {
            return E.W ? KU(E.Z, E) : e(8, E, true)
        },
        zT = function(E) {
            return E
        },
        EI = function(E, R, c, L, O) {
            if (L = R[0], L == F) E.L = 25, E.V(R);
            else if (L == P) {
                O = R[1];
                try {
                    c = E.h || E.V(R)
                } catch (J) {
                    l(J, E), c = E.h
                }
                O(c)
            } else if (L == m4) E.V(R);
            else if (L == M) E.V(R);
            else if (L == BO) {
                try {
                    for (c = 0; c < E.P.length; c++) try {
                        O = E.P[c], O[0][O[1]](O[2])
                    } catch (J) {}
                } catch (J) {}(0, (E.P = [], R)[1])(function(J, h) {
                    E.u(J, true, h)
                }, function(J) {
                    K([yE], (J = !E.j.length, E)), J && a(true, false, E)
                })
            } else {
                if (L == C) return c = R[2], D(E, 433, R[6]), D(E, 446, c), E.V(R);
                L == yE ? (E.o = null, E.F = [], E.N = []) : L == QE && "loading" === x.document.readyState && (E.G = function(J, h) {
                    function S() {
                        h || (h = true, J())
                    }(x.document.addEventListener("DOMContentLoaded", S, (h = false, u)), x).addEventListener("load", S, u)
                })
            }
        },
        B = function(E, R, c, L, O, J) {
            if (c.A == c)
                for (O = N(c, E), 279 == E ? (E = function(h, S, q, r) {
                        if ((r = (S = O.length, S | 0) - 4 >> 3, O).Ul != r) {
                            q = [0, (r = (r << 3) - (O.Ul = r, 4), 0), J[1], J[2]];
                            try {
                                O.z$ = A_(Z8(r, O), q, Z8((r | 0) + 4, O))
                            } catch (A) {
                                throw A;
                            }
                        }
                        O.push(O.z$[S & 7] ^ h)
                    }, J = N(c, 485)) : E = function(h) {
                        O.push(h)
                    }, L && E(L & 255), c = 0, L = R.length; c < L; c++) E(R[c])
        },
        Y = x.requestIdleCallback ? function(E) {
            requestIdleCallback(function() {
                E()
            }, {
                timeout: 4
            })
        } : x.setImmediate ? function(E) {
            setImmediate(E)
        } : function(E) {
            setTimeout(E, 0)
        },
        WO = function(E, R, c, L) {
            for (c = (L = W(E), 0); 0 < R; R--) c = c << 8 | I(E);
            D(E, L, c)
        },
        V = function(E, R, c) {
            D(R, E, c), c[QE] = 2796
        },
        y, U, N = function(E, R) {
            if ((E = E.o[R], void 0) === E) throw [f, 30, R];
            if (E.value) return E.create();
            return (E.create(5 * R * R + 27 * R + -58), E).prototype
        },
        HO = function(E, R, c, L, O, J) {
            if (!R.h) {
                R.T++;
                try {
                    for (O = (J = (c = R.s, void 0), 0); --E;) try {
                        if ((L = void 0, R).W) J = KU(R.W, R);
                        else {
                            if (O = N(R, 260), O >= c) break;
                            J = N(R, (D(R, 63, O), L = W(R), L))
                        }
                        G((J && J[yE] & 2048 ? J(R, E) : b(R, 0, [f, 21, L]), E), R, false, false)
                    } catch (h) {
                        N(R, 207) ? b(R, 22, h) : D(R, 207, h)
                    }
                    if (!E) {
                        if (R.bG) {
                            HO((R.T--, 188885615751), R);
                            return
                        }
                        b(R, 0, [f, 33])
                    }
                } catch (h) {
                    try {
                        b(R, 22, h)
                    } catch (S) {
                        l(S, R)
                    }
                }
                R.T--
            }
        },
        N0 = function(E, R, c, L, O, J) {
            for (c = (O = E[gm] || {}, R = W(E), O.El = W(E), O.D = [], J = E.A == E ? (I(E) | 0) - 1 : 1, L = W(E), 0); c < J; c++) O.D.push(W(E));
            for (O.oe = N(E, L); J--;) O.D[J] = N(E, O.D[J]);
            return O.R = N(E, R), O
        },
        KU = function(E, R) {
            return (E = E.create().shift(), R).W.create().length || R.Z.create().length || (R.Z = void 0, R.W = void 0), E
        },
        u = {
            passive: true,
            capture: true
        },
        gm = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        BO = (m.prototype.bG = !(m.prototype.J = "toString", 1), []),
        f = (m.prototype.mf = (m.prototype.Vp = void 0, void 0), {}),
        M = [],
        m4 = [],
        F = [],
        yE = [],
        QE = [],
        P = [],
        C = [],
        Y1 = ((iN, Z, Sy, Xf, m.prototype).U = "create", U = m.prototype, U.nz = function(E, R, c, L, O, J) {
            for (O = (c = 0, []), J = 0; J < E.length; J++)
                for (c += R, L = L << R | E[J]; 7 < c;) c -= 8, O.push(L >> c & 255);
            return O
        }, U.DX = function(E, R, c, L, O) {
            for (L = O = 0; L < E.length; L++) O += E.charCodeAt(L), O += O << 10, O ^= O >> 6;
            return (O = (E = (O += O << 3, O ^= O >> 11, O + (O << 15) >>> 0), new Number(E & (1 << R) - 1)), O)[0] = (E >>> R) % c, O
        }, void 0),
        g = f.constructor;
    (((U.K = (window.performance || {}).now ? function() {
        return this.Kz + window.performance.now()
    } : function() {
        return +new Date
    }, U.th = (U.dC = function() {
        return Math.floor(this.Y + (this.K() - this.I))
    }, function() {
        return Math.floor(this.K())
    }), U).SG = function(E, R, c) {
        return E ^ (R ^= R << 13, R ^= R >> 17, (R = (R ^ R << 5) & c) || (R = 1), R)
    }, U).u = function(E, R, c, L, O) {
        if (c = "array" === t_(c) ? c : [c], this.h) E(this.h);
        else try {
            O = [], L = !this.j.length, K([F, O, c], this), K([P, E, O], this), R && !L || a(R, true, this)
        } catch (J) {
            l(J, this), E(this.h)
        }
    }, m.prototype).V = function(E, R) {
        return R = (Y1 = (E = {}, function() {
                return R == E ? -58 : -12
            }), {}),
            function(c, L, O, J, h, S, q, r, A, n, z, T, v, w, p) {
                R = (n = R, E);
                try {
                    if (S = c[0], S == M) {
                        z = c[1];
                        try {
                            for (h = (T = (p = [], atob(z)), v = 0); v < T.length; v++) A = T.charCodeAt(v), 255 < A && (p[h++] = A & 255, A >>= 8), p[h++] = A;
                            D(this, (this.s = (this.F = p, this.F.length) << 3, 174), [0, 0, 0])
                        } catch (H) {
                            b(this, 17, H);
                            return
                        }
                        HO(8001, this)
                    } else if (S == F) c[1].push(N(this, 139).length, N(this, 115).length, N(this, 408), N(this, 279).length), D(this, 446, c[2]), this.o[479] && o4(8001, N(this, 479), this);
                    else {
                        if (S == P) {
                            this.A = (J = (O = X(((p = c[2], N(this, 139).length) | 0) + 2, 2), this.A), this);
                            try {
                                r = N(this, 108), 0 < r.length && B(139, X(r.length, 2).concat(r), this, 10), B(139, X(this.C, 1), this, 109), B(139, X(this[P].length, 1), this), T = 0, T += N(this, 278) & 2047, T -= (N(this, 139).length | 0) + 5, w = N(this, 279), 4 < w.length && (T -= (w.length | 0) + 3), 0 < T && B(139, X(T, 2).concat(Z(T)), this, 15), 4 < w.length && B(139, X(w.length, 2).concat(w), this, 156)
                            } finally {
                                this.A = J
                            }
                            if (((h = Z(2).concat(N(this, 139)), h)[1] = h[0] ^ 6, h)[3] = h[1] ^ O[0], h[4] = h[1] ^ O[1], L = this.jG(h)) L = "!" + L;
                            else
                                for (L = "", T = 0; T < h.length; T++) q = h[T][this.J](16), 1 == q.length && (q = "0" + q), L += q;
                            return N((D(this, 408, (N(this, (N(this, (v = L, 139)).length = p.shift(), 115)).length = p.shift(), p.shift())), this), 279).length = p.shift(), v
                        }
                        if (S == m4) o4(c[2], c[1], this);
                        else if (S == C) return o4(8001, c[1], this)
                    }
                } finally {
                    R = n
                }
            }
    }();
    var ey, D8 = (m.prototype.rC = ((m.prototype.jG = function(E, R, c, L) {
            if (c = window.btoa) {
                for (L = 0, R = ""; L < E.length; L += 8192) R += String.fromCharCode.apply(null, E.slice(L, L + 8192));
                E = c(R).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else E = void 0;
            return E
        }, m.prototype).xt = 0, 0), m.prototype[BO] = [0, 0, 1, 1, 0, 1, 1], /./),
        x1 = M.pop.bind(m.prototype[F]),
        lN = function(E, R) {
            return (R = pU()) && 1 === E.eval(R.createScript("1")) ? function(c) {
                return R.createScript(c)
            } : function(c) {
                return "" + c
            }
        }(((ey = (D8[m.prototype.J] = x1, wm(m.prototype.U, {get: x1
        })), m).prototype.G$ = void 0, x));
    (40 < (y = x.botguard || (x.botguard = {}), y.m) || (y.m = 41, y.bg = J_, y.a = sI), y).ABO_ = function(E, R, c) {
        return [(c = new m(E, R), function(L) {
            return q0(c, L)
        })]
    };
}).call(this);
                                    

#7 JavaScript::Eval (size: 6482, repeated: 1) - SHA256: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

                                        var amzn_aps_csm = amzn_aps_csm || {};
amzn_aps_csm.errors = [], amzn_aps_csm.reportErrors = function(a) {
        var b, c;
        for (/^https?:\/\//.test(a) === !1 && (a = document.location.protocol + "//" + a), "/" !== a.substr(a.length - 1) && (a += "/"), b = 0; b < amzn_aps_csm.errors.length; b++) c = '{"adViewability":[{"error": {"m": "' + amzn_aps_csm.errors[b] + '"}}], "c": "aps_communicator", "api": "RTB", "error": 1}', "https:" === document.location.protocol && /^http:\/\//.test(a) === !0 && (a = a.replace("http://", "https://")), (new Image).src = a + c + "?cb=" + Math.round(1e7 * Math.random());
        amzn_aps_csm.errors = []
    },
    function(a) {
        function b(a) {
            return a ? a.replace(/^\s+|\s+$/g, "") : a
        }

        function c(a) {
            if (a && a.s) {
                var b, c = a.s.length > 0 ? a.s[0] : "",
                    d = a.s.length > 1 ? a.s[1] : "";
                c && (b = c.match(j)), b && 3 === b.length || !d || (b = d.match(i)), b && 3 === b.length && (a.f = b[1], a.l = b[2])
            }
        }

        function d(a, d) {
            if (d = d || {}, !a) return {};
            a.m && a.m.message && (a = a.m);
            var i, j, k, l, m, n = {
                    m: e(a, d),
                    c: a.c ? "" + a.c : a.c,
                    s: [],
                    l: a.l || a.line || a.lineno || a.lineNumber,
                    name: a.name,
                    type: a.type
                },
                o = 0,
                p = 0;
            if (i = a.stack || (a.err ? a.err.stack : ""), i && i.split)
                for (j = i.split("\n"); o < j.length && n.s.length < g;) k = j[o++], k && n.s.unshift(b(k));
            else
                for (l = f(a.args || arguments, "callee"), o = 0, p = 0; l && g > o;) m = h, l.skipTrace || (k = l.toString(), k && k.substr && (m = 0 === p ? 4 * h : m, m = 1 === p ? 2 * h : m, n.s.unshift(k.substr(0, m)), p++)), l = f(l, "caller"), o++;
            return !n.f && n.s.length > 0 && c(n), n
        }

        function e(a, b) {
            var c = b.m || b.message || "";
            return c += a.m && a.m.message ? a.m.message : a.m && a.m.target && a.m.target.tagName ? "Error handler invoked by " + a.m.target.tagName + " tag" : a.m ? a.m : a.message ? a.message : "Unknown error"
        }

        function f(a, b) {
            try {
                return a[b]
            } catch (c) {
                return ""
            }
        }
        var g = 20,
            h = 256,
            i = /\(?([^\s]*):(\d+):\d+\)?/,
            j = /.*@(.*):(\d*)/;
        a.constructErrorMessage = d
    }(amzn_aps_csm), window.JSON || (window.JSON = {
        parse: function(sJSON) {
            return eval("(" + sJSON + ")")
        },
        stringify: function() {
            var a = Object.prototype.toString,
                b = Array.isArray || function(b) {
                    return "[object Array]" === a.call(b)
                },
                c = {
                    '"': '\\"',
                    "\\": "\\\\",
                    "\b": "\\b",
                    "\f": "\\f",
                    "\n": "\\n",
                    "\r": "\\r",
                    "	": "\\t"
                },
                d = function(a) {
                    return c[a] || "\\u" + (a.charCodeAt(0) + 65536).toString(16).substr(1)
                },
                e = /[\\"\u0000-\u001F\u2028\u2029]/g;
            return function f(c) {
                var g, h, i, j;
                if (null == c) return "null";
                if ("number" == typeof c) return isFinite(c) ? c.toString() : "null";
                if ("boolean" == typeof c) return c.toString();
                if ("object" == typeof c) {
                    if ("function" == typeof c.toJSON) return f(c.toJSON());
                    if (b(c)) {
                        for (g = "[", h = 0; h < c.length; h++) g += (h ? ", " : "") + f(c[h]);
                        return g + "]"
                    }
                    if ("[object Object]" === a.call(c)) {
                        i = [];
                        for (j in c) c.hasOwnProperty(j) && i.push(f(j) + ": " + f(c[j]));
                        return "{" + i.join(", ") + "}"
                    }
                }
                return '"' + c.toString().replace(e, d) + '"'
            }
        }()
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.log = function(a) {
        try {
            -1 !== window.location.href.indexOf("csm_debug_mode") && window.console && window.console.log(a)
        } catch (b) {
            b.message && amzn_aps_csm.errors.push(b.message)
        }
    }, amzn_aps_csm.loadModules = function(a) {
        var b, c, d;
        try {
            for (b = 0; b < a.length; b++) {
                if (c = a[b].name, d = a[b].params || [], window.performance && window.performance.mark && "function" == typeof window.performance.mark && window.performance.mark("loadStart" + c), "[object Array]" !== Object.prototype.toString.call(d) && amzn_aps_csm.log("Params passed in the amzn_aps_csm.loadModules methods must be an array"), amzn_aps_csm[c]) {
                    if (void 0 === amzn_aps_csm[c].shortName) throw new amzn_aps_csm.invalidModuleException("Module shortName not defined for module " + c + ". ");
                    amzn_aps_csm[c].init.apply(amzn_aps_csm[c], d), amzn_aps_csm.log("Initiated " + c + " module")
                } else amzn_aps_csm.log("Undefined module " + c);
                window.performance && window.performance.mark && "function" == typeof window.performance.mark && (window.performance.mark("loadEnd" + c), window.performance.measure("lt" + amzn_aps_csm[c].shortName, "loadStart" + c, "loadEnd" + c))
            }
        } catch (e) {
            e.message && amzn_aps_csm.errors.push(e.message)
        }
    }, amzn_aps_csm.define = function(a) {
        var b, c, d, e, f, g, h, i;
        try {
            for (b = function(a) {
                    return "string" == typeof a ? amzn_aps_csm[a] : a
                }, c = Array.prototype.slice.call(arguments), d = c[0], e = c.length > 2 ? c[1] : [], f = c[c.length - 1], g = [], h = 0, i = e.length; i > h; h++) g.push(b(e[h]));
            amzn_aps_csm[d] = f.apply(f, g)
        } catch (j) {
            j.message && amzn_aps_csm.errors.push(j.message)
        }
    }, amzn_aps_csm.invalidModuleException = function(a) {
        this.value = a, this.message = "does not conform to the expected format of a module", this.toString = function() {
            return this.value + this.message
        }
    }, amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("eventUtils", [], function() {
        var a = {
            shortName: "eu"
        };
        return a.init = function() {
            amzn_aps_csm.log("Initializing eventUtils"), a.eventHandlers = []
        }, a.addEvent = function(b, c, d, e) {
            b.addEventListener ? b.addEventListener(c, d, e) : b.attachEvent && b.attachEvent("on" + c, d);
            var f = {
                elem: b,
                eventName: c,
                cb: d
            };
            a.eventHandlers.push(f)
        }, a.registerPostMessageHandler = function(a) {
            var b = window.addEventListener ? "addEventListener" : "attachEvent",
                c = window[b],
                d = "attachEvent" == b ? "onmessage" : "message";
            c(d, function(b) {
                a(b)
            }, !1)
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("pixelQueue", [], function() {
        var a = {
            shortName: "pq"
        };
        return a.init = function() {}, a.firePixel = function(a, b, c) {
            if ("" !== b) {
                /^https?:\/\//.test(b) === !1 && (b = document.location.protocol + "//" + b), "/" != b.substr(b.length - 1) && (b += "/"), "https:" === document.location.protocol && /^http:\/\//.test(b) === !0 && (b = b.replace("http://", "https://"));
                try {
                    var d = JSON.parse(a);
                    d.ver = amzn_aps_csm.version, a = JSON.stringify(d)
                } catch (e) {}
                void 0 !== c && "" !== c && (b += c), (new Image).src = b + a + "?cb=" + Math.round(1e7 * Math.random())
            } else amzn_aps_csm.log("instrURL is empty")
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {},
    function() {
        var a, b;
        amzn_aps_csm.loadModules([{
            name: "eventUtils",
            params: []
        }]);
        for (a in amzn_aps_csm.eventUtils) amzn_aps_csm.eventUtils.hasOwnProperty(a) && (amzn_aps_csm[a] = amzn_aps_csm.eventUtils[a]);
        amzn_aps_csm.loadModules([{
            name: "pixelQueue",
            params: []
        }]), b = 5, amzn_aps_csm.registerPostMessageHandler(function(a) {
            var c, d, e, f, g, h, i, j, k, l, m;
            if (amzn_aps_csm.log("parent received message!: ", a.data), amzn_aps_csm.log(a.origin), /pixelId/.test(a.data)) {
                for (c = a.source, d = 0; c.parent !== top && b > d;) c = c.parent, d++;
                for (e = {}, "object" == typeof apstag && null !== apstag && "function" == typeof apstag._getSlotIdToNameMapping && null !== apstag._getSlotIdToNameMapping() && (e = apstag._getSlotIdToNameMapping()), f = "", g = document.getElementsByTagName("iframe"), h = 0; h < g.length; h++)
                    if (g[h].contentWindow === c) {
                        i = g[h].parentElement;
                        do j = i.id, i = i.parentElement; while (e.hasOwnProperty(j) === !1 && "body" !== i.tagName.toLowerCase());
                        f = e[j] || j
                    }
                k = JSON.parse(a.data), l = decodeURIComponent(k.instrURL), m = {
                    sn: encodeURIComponent(f),
                    pixelId: k.pixelId
                }, /amazon-adsystem\.com/.test(l) && amzn_aps_csm.pixelQueue.firePixel(JSON.stringify(m), l, "")
            }
        })
    }();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 173, repeated: 1) - SHA256: 642f9705ec7d8c7b0f907d5fecc582d31d93a78c244f05c938e36bf016fe9d3c

                                        < body style = "background-color:white;margin:0px;padding:0px;" > < div id = "c" > < /div><script src="https:/ / ecdn.firstimpression.io / static / js / fiamp.js "></script></body>
                                    


HTTP Transactions (124)


Request Response
                                        
                                            GET /U8nrpN HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.22.22.162
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 22 Sep 2022 16:27:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 17:27:48 GMT
Location: https://ouo.io/U8nrpN
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ec68fcef120b69-OSL

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 16:14:01 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nEiMUz-QvRRvCk2iSl8VgBBq9_ImFmXcy7Ll4X118Hp7Sf7sopbewA==
Age: 827


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4270
Expires: Thu, 22 Sep 2022 17:38:58 GMT
Date: Thu, 22 Sep 2022 16:27:48 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YN6VI7SUXKQl0qZXFuohZUxcqmFzQdnPRMYcjWoARdcKBhQccd5dew==
age: 42754
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:48 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 16:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 16:17:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PLs3BeImLhG7pQ6L99YHp8BLSG0RqxxrIR1GregrlWLFaYqaonxnag==
Age: 1467


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5402
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:49 GMT
Last-Modified: Thu, 22 Sep 2022 14:57:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /images/world.png HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/U8nrpN
Cookie: ouoio_session=eyJpdiI6IkFvMDNjWXJFdnQ0dlNmNlY3aElyclU5VTRsVkJTUVhkbG5FMFRTXC90OVFvPSIsInZhbHVlIjoiRnRGNG5YdjJTMlwvVGxhaVU0SHkzamRieExRWHVvR2lCMnFPaDdiQ3lMcXJNRXBsSFl4dkxZcHVsazg3anM5T2lFZmZHSUV6eTNyY0czZk5kbW8zbm5RPT0iLCJtYWMiOiJiMTU5MDYyZTJlNTljOGZkNTkwMjFlOTQ1M2NmZWVlMjczNDExNzg5YTI4YmVmZjViM2JjMDU4NmIwOWY4MTliIn0%3D; language=eyJpdiI6IkhqQklWQWhIY09tMFViN2g2ekxZNjgrY0Q1Z2xCQnlWZzloN2tqSnRFN2c9IiwidmFsdWUiOiJwZ1hHTHM5M3pLWVpiMDVVaXZzYWV0amtEYUYxMVpmVDdJTVZGbUtzTEs4PSIsIm1hYyI6ImIzYTUwYzc1NmJmNzZiYjk1NmQ4YTA3N2Y5YTdmNjBhMzQ4ZjMwMzRjOWI4YzI0NDY0NWFiYmY1N2MzMDBlNDYifQ%3D%3D; e6343f55f8de1b93b28e99e178513f9efb2d3252=eyJpdiI6IjIxTG1yMHhnY0JtcFRISzhtcWtza1c0U1orXC9uWmgxajdKODg2MitKZXJFPSIsInZhbHVlIjoiaHNIbDBDVmJXSko1aDVvOFwvNUN4M0JoR2E5VWtrY0NjNnFsbSsrOHRyb1hLejM0NzlyOXZUWVBJYk40NHVQY0RxUkVSMTNvMW42dDZTZG92aERqXC9DNGl1RXFQUDNNb0Y4Y2ZMVWxDekZzM0pqeFN0WmVaclFcL1c4bHI5WmxldFBnM3NlM0xoNlM2SVdiVkF1ZllZd0VHXC9wT1NjbzN0eURtRWwrR1ZwYjA0Uk9CZnZobWRQUDRBR0RmU0gycmlLTUJKaGxUUW9HNnBRcXhtMTNcL0dtTGRlbFZzeEFPTFJ6TFdCbnZsMnN3ZmdVWm55TG9uVFk5WE84akw4V0R5R04yaXgyOXpmV1ZCQm5OU091UWpadm95YnpLODlBc3VXb0FMeERtSTdiWDE3S1h3bnJkVHE3bkpjZHBQNFBtNDA2eTIwc0FRR0VGdW5DRnRuQUJLMG0wdXNoRVU0TEZKcnhiMk82YmluVEdJd2FWc1lSNG41cGxWU1dZOW81dVc3SUoiLCJtYWMiOiJhODE3N2I4NzI1MjU2MTY4MDAzZjMyZTY4YzdkZTFhM2M1MDEyMTFkMjk5YjkyODhiN2Y2YmVlNmQyZjllYzNhIn0%3D; __cf_bm=N5JFHHVk8VfQJNpkhEU2kWCZCG3wmDh5a8ZWz5EmWVk-1663864069-0-ARrjo568ZUo8DrbloxV/buaEcRkj7lV5Uk8O3GxiyYWcOjAFP1BD3xHVduMWEA+aL7Sc3UZQdsJKSf03T93qIG4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 22 Sep 2022 16:27:49 GMT
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Tue, 04 Oct 2022 22:31:44 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1533365
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec6903ecc60b02-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   5692
Md5:    4eea420a8830a6d695114427bf52b556
Sha1:   35579e7f1a656beb3a07a7093166ff37c634bade
Sha256: 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2410
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:49 GMT
Last-Modified: Thu, 22 Sep 2022 15:47:40 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D44B41AB9668E5A736B6FBF3C36E08434F3DC50AA88FF6183A04445C0F7299F0"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=55
Expires: Thu, 22 Sep 2022 16:28:44 GMT
Date: Thu, 22 Sep 2022 16:27:49 GMT
Connection: keep-alive

                                        
                                            GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Thu, 22 Sep 2022 16:27:49 GMT
date: Thu, 22 Sep 2022 16:27:49 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    ffc0e5974b36df4fbf86044645f56feb
Sha1:   582d8833edc2dab0f78d8f3a368dd36479481348
Sha256: 51fe629ea38f998cc3139171392cbae2a1348d03c75074cd60ae1fc03be69997
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2410
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:49 GMT
Last-Modified: Thu, 22 Sep 2022 15:47:40 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZUrXg3obcuZphk7a38MCOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.186.209.73
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rI8c4ROfmZYQ8zRni9TjEwHb2LM=

                                        
                                            GET /static/js/fab.js HTTP/1.1 
Host: ecdn.analysis.fi
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.8
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4240
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 22 Sep 2022 15:38:45 GMT
expires: Thu, 22 Sep 2022 16:38:44 GMT
cache-control: max-age=3600
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VuJm7DwBlupDQgKF-r9w74gn0HM8cj_nAomXpOXtmX8I7Bw7E9a8GA==
age: 2945
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (574)
Size:   4240
Md5:    28a0bef1ecb63168106f97b637ab3414
Sha1:   e577575dd115f6a95aea8c2ae87d2c30c8464728
Sha256: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
                                        
                                            GET /U8nrpN HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 22 Sep 2022 16:27:49 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6IkFvMDNjWXJFdnQ0dlNmNlY3aElyclU5VTRsVkJTUVhkbG5FMFRTXC90OVFvPSIsInZhbHVlIjoiRnRGNG5YdjJTMlwvVGxhaVU0SHkzamRieExRWHVvR2lCMnFPaDdiQ3lMcXJNRXBsSFl4dkxZcHVsazg3anM5T2lFZmZHSUV6eTNyY0czZk5kbW8zbm5RPT0iLCJtYWMiOiJiMTU5MDYyZTJlNTljOGZkNTkwMjFlOTQ1M2NmZWVlMjczNDExNzg5YTI4YmVmZjViM2JjMDU4NmIwOWY4MTliIn0%3D; path=/; httponly language=eyJpdiI6IkhqQklWQWhIY09tMFViN2g2ekxZNjgrY0Q1Z2xCQnlWZzloN2tqSnRFN2c9IiwidmFsdWUiOiJwZ1hHTHM5M3pLWVpiMDVVaXZzYWV0amtEYUYxMVpmVDdJTVZGbUtzTEs4PSIsIm1hYyI6ImIzYTUwYzc1NmJmNzZiYjk1NmQ4YTA3N2Y5YTdmNjBhMzQ4ZjMwMzRjOWI4YzI0NDY0NWFiYmY1N2MzMDBlNDYifQ%3D%3D; expires=Tue, 21-Sep-2027 16:27:49 GMT; Max-Age=157680000; path=/; httponly e6343f55f8de1b93b28e99e178513f9efb2d3252=eyJpdiI6IjIxTG1yMHhnY0JtcFRISzhtcWtza1c0U1orXC9uWmgxajdKODg2MitKZXJFPSIsInZhbHVlIjoiaHNIbDBDVmJXSko1aDVvOFwvNUN4M0JoR2E5VWtrY0NjNnFsbSsrOHRyb1hLejM0NzlyOXZUWVBJYk40NHVQY0RxUkVSMTNvMW42dDZTZG92aERqXC9DNGl1RXFQUDNNb0Y4Y2ZMVWxDekZzM0pqeFN0WmVaclFcL1c4bHI5WmxldFBnM3NlM0xoNlM2SVdiVkF1ZllZd0VHXC9wT1NjbzN0eURtRWwrR1ZwYjA0Uk9CZnZobWRQUDRBR0RmU0gycmlLTUJKaGxUUW9HNnBRcXhtMTNcL0dtTGRlbFZzeEFPTFJ6TFdCbnZsMnN3ZmdVWm55TG9uVFk5WE84akw4V0R5R04yaXgyOXpmV1ZCQm5OU091UWpadm95YnpLODlBc3VXb0FMeERtSTdiWDE3S1h3bnJkVHE3bkpjZHBQNFBtNDA2eTIwc0FRR0VGdW5DRnRuQUJLMG0wdXNoRVU0TEZKcnhiMk82YmluVEdJd2FWc1lSNG41cGxWU1dZOW81dVc3SUoiLCJtYWMiOiJhODE3N2I4NzI1MjU2MTY4MDAzZjMyZTY4YzdkZTFhM2M1MDEyMTFkMjk5YjkyODhiN2Y2YmVlNmQyZjllYzNhIn0%3D; expires=Thu, 22-Sep-2022 18:27:49 GMT; Max-Age=7200; path=/; httponly __cf_bm=N5JFHHVk8VfQJNpkhEU2kWCZCG3wmDh5a8ZWz5EmWVk-1663864069-0-ARrjo568ZUo8DrbloxV/buaEcRkj7lV5Uk8O3GxiyYWcOjAFP1BD3xHVduMWEA+aL7Sc3UZQdsJKSf03T93qIG4=; path=/; expires=Thu, 22-Sep-22 16:57:49 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74ec69011a090b02-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Size:   3679
Md5:    df87fe1927c58ca22e9c1b5e3cf1e6f9
Sha1:   dfa971c22b80a9545c464450cac37b0fe59845ae
Sha256: b6947ae618375d96a59da6a326a42333d7c8f7fb9ada7e81abfbb2f5488e7834
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:49 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 20:45:59 GMT
Expires: Mon, 26 Sep 2022 20:45:58 GMT
Etag: "ce9e04917a4525b562b81b42e58cec55700ddabd"
Cache-Control: max-age=360488,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ec6904c859b51e-OSL

                                        
                                            GET /sdk/v1/n.js HTTP/1.1 
Host: cdn.runative-syndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.247.218.249
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 16:27:49 GMT
content-length: 5220
last-modified: Wed, 23 Mar 2022 15:25:35 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"623b3bef-3202"
age: 3569311
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (591)
Size:   5220
Md5:    e6b953ae4edfbe129269f196fe87eee9
Sha1:   eb99511c1d23000bc72b2c640bbcd5792eb431f2
Sha256: eb6d42f0cdeddc023b69947db248be42bc66aa2da8c59178b7f22b528c4dd60f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A0FC507F1E014A458CA44DD7BEA70B5D2D36B11DA2AE73398CAD416A9465657A"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2490
Expires: Thu, 22 Sep 2022 17:09:19 GMT
Date: Thu, 22 Sep 2022 16:27:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E666E5F16EFAB20876F06451B40FA8F1E596218DBB174F1B09289B0A8ADE06BA"
Last-Modified: Tue, 20 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20288
Expires: Thu, 22 Sep 2022 22:05:58 GMT
Date: Thu, 22 Sep 2022 16:27:50 GMT
Connection: keep-alive

                                        
                                            GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D HTTP/1.1 
Host: prebid.a-mo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         147.75.85.234
HTTP/2 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 22 Sep 2022 16:27:49 GMT
location: https://sync.viavideo.digital/tools/sync?dsp=26&uid=80507b74-6432-4bda-9e26-1521f4e84277&gdpr=0&gdpr_consent=&us_privacy=
server: envoy
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2

                                        
                                            GET /logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663864069542 HTTP/1.1 
Host: hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
content-length: 43
last-modified: Tue, 28 Jun 2022 15:48:44 GMT
etag: "62bb22dc-2b"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /rucdn/js/player/h6fdj3b5.js HTTP/1.1 
Host: hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
last-modified: Tue, 13 Sep 2022 10:46:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   148368
Md5:    f40b198f7848be22b3a51946d7578d16
Sha1:   84c70819e857238aac3d0eaa416ecb26f0e6ab5b
Sha256: c5426425d63936956c77d0b04960d90c70356f2bd23b2ab5a1cf698b3a08bc90
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BAD6354F9453D9EF22A85EC0671D30FD6E2AFDD5C7575069AEA14FF2683D6B96"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10525
Expires: Thu, 22 Sep 2022 19:23:15 GMT
Date: Thu, 22 Sep 2022 16:27:50 GMT
Connection: keep-alive

                                        
                                            GET /tools/sync?dsp=26&uid=80507b74-6432-4bda-9e26-1521f4e84277&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1 
Host: sync.viavideo.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         141.94.202.176
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
content-length: 0
location: https://sync.hhkld.com/tools/sync?dsp=26&uid=80507b74-6432-4bda-9e26-1521f4e84277&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm8q1n2tal37k3piv90Xx
set-cookie: uid=ccm8q1n2tal37k3piv90Xx; expires=Fri, 22 Sep 2023 16:27:50 GMT; domain=.viavideo.digital; path=/
X-Firefox-Spdy: h2

                                        
                                            GET /tools/sync?dsp=26&uid=80507b74-6432-4bda-9e26-1521f4e84277&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm8q1n2tal37k3piv90Xx HTTP/1.1 
Host: sync.hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
content-length: 0
location: https://sync.vicodes.com/tools/sync?dsp=26&uid=80507b74-6432-4bda-9e26-1521f4e84277&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=ccm8q1n2tal37k3piv90Xx
set-cookie: uid=ccm8q1n2tal37k3piv90Xx; expires=Fri, 22 Sep 2023 16:27:50 GMT; domain=.hhkld.com; path=/
X-Firefox-Spdy: h2

                                        
                                            GET /rucdn/static/report.svg HTTP/1.1 
Host: hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
content-length: 3025
last-modified: Wed, 22 Jun 2022 05:10:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2042)
Size:   3025
Md5:    c12dad0e0d31548287471223d9118b54
Sha1:   d40516c15ebc64ab96d309a7c0e2e49443d04bb2
Sha256: 8f03524fcc1c423e5375ee91780af2493c8f24426b5b85b058d0a3fbf76fcb34
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C0BEFF48C86D93F96417085B8117CD9F40DE7C27779F9A6063462EAF00AE23FA"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4556
Expires: Thu, 22 Sep 2022 17:43:46 GMT
Date: Thu, 22 Sep 2022 16:27:50 GMT
Connection: keep-alive

                                        
                                            GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1 
Host: itineraryupper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 16:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4630bb2ca5bc96ae4fc62aee94e746c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37149), with no line terminators
Size:   13426
Md5:    9525d85a999ec14d4ab9706002c4cbb9
Sha1:   531d3aebdcb5265b2b0b8441d07f1e9e9e68c421
Sha256: 2952a815f44f9ef3b17ff10bf66ab3202622001be2f0611a2a4d2608cbbed3a3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /fi_client.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.73
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 15:34:42 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 15:34:42 UTC
etag: W/"aee468a895239c65f4e1d581a15bc694"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zMzjpDGAXnET-qwQY4BuiYYrG7eCDuTCI7reJxhGS0OZS9Bmd3aUJA==
age: 3187
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (618)
Size:   205904
Md5:    f4a47c18e460154d9075fe8dc38c40b3
Sha1:   113190d40abb2a77d36a48fb3e3597b92f296b42
Sha256: dedc0fdbec4e64401385be5db540a6a6197632a0ecdbc1cf41fc0de46fd64102
                                        
                                            GET /ru/tag/msync.js?sid=105641&gdpr=0&consent= HTTP/1.1 
Host: hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMsjQZyWQR9AxmUAg==; expires=Fri, 22-Sep-23 16:27:50 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4250
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:50 GMT
Last-Modified: Thu, 22 Sep 2022 15:17:00 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tag/load-105641.js HTTP/1.1 
Host: asia.hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:49 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: sync6=%7B%22adform%22%3A1663864069%2C%22otm%22%3A1663864069%2C%22indexww3%22%3A1663864069%2C%22adapt%22%3A1663864069%2C%22improve%22%3A1663864069%2C%22sovrn%22%3A1663864069%2C%22between%22%3A1663864069%2C%22magnite%22%3A1663864069%7D; expires=Fri, 30-Sep-2022 16:27:49 GMT; Max-Age=691200 uid=jV7KsGMsjQVyWQR9AxlTAg==; expires=Fri, 22-Sep-23 16:27:49 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   23514
Md5:    acf062903207d9d8c4c837a6bd4f221b
Sha1:   839792ef2b48c052be9d7ec9287ffaab90ad9e0f
Sha256: 231f4c65b8b85d8717cc3c3ee7800b5a960131cdfb5485eb553869bbdd9c24cb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:50 GMT
Last-Modified: Thu, 22 Sep 2022 14:57:29 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QA-_bm_pmBdha4ap_zxpv9RMk0JYgesGyG9cavK969a5r5wJF2xr0A==
Age: 5422

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.158.153.212
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 22 Sep 2022 16:27:50 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=5ff5de9e-dd82-4f9d-a970-09e52d456dd8:1:1; expires=Sun, 19 Sep 2032 16:27:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    231ff913107e7e4a9a3bd71ff20874e7
Sha1:   bbb0c47d7b666cbbf8cb223f85a35faaebd4026c
Sha256: 3e5d4fc5fdab91ba3b41649ff2ffa28a4da19a2ed65714a7f6733cbdaeb25d12
                                        
                                            GET /vi/19_ENG0.ts HTTP/1.1 
Host: viavideo.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: video/mp2t
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
content-length: 515308
last-modified: Sun, 26 Jun 2022 07:47:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   515308
Md5:    c5a2a11a945751cdc42d2f10b12d9a92
Sha1:   ccf7adaff9640202056b64dc54a66daac236c48e
Sha256: 6787c997fd3be922e3a09fea77ecd244b9f9f381a953cc4bb3ea738045906eff
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 12:01:34 GMT
Expires: Tue, 27 Sep 2022 12:01:33 GMT
Etag: "1c38543b534fe648aaa669d26f520a8ecc7f0403"
Cache-Control: max-age=415422,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ec69091df5b51e-OSL

                                        
                                            GET /sdk/v1/n.css HTTP/1.1 
Host: cdn.run-syndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.247.218.249
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 16:27:50 GMT
content-length: 8277
etag: "6114dd75-2055"
last-modified: Thu, 12 Aug 2021 08:36:05 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 17516859
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8277), with no line terminators
Size:   8277
Md5:    37ebbc4b85fb5383d08547f5fe9d8d9f
Sha1:   99dac34980b1fd00028f76e782444bdf948724c5
Sha256: 24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe
                                        
                                            GET /do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1280&h=1024&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,nrpN&adtype=label-under&callback=callback_GdgIP HTTP/1.1 
Host: run-syndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         94.130.164.161
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-request-id: b58170c760143708
set-cookie: ts_uid=8508d0b2-8d62-4c94-9ba5-403845261f2d; expires=Wed, 22 Mar 2023 16:27:50 GMT; domain=.run-syndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26606)
Size:   13710
Md5:    5dd13d4794e6493e72135f7b0ae5fdc2
Sha1:   d9e3a5015f18e4ecf9269cdc252072d8332993ba
Sha256: e6b03c07ab0a13eb29f27df10558f302367e9c097519722fc3024e12570398cb
                                        
                                            GET /css?family=Questrial HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 16:27:49 GMT
date: Thu, 22 Sep 2022 16:27:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   43800
Md5:    b5f8008b2513791436e08cca60fca275
Sha1:   cbdf1358226a0a7bcbcb904963978f49934e4744
Sha256: 5490379a2d170a7b3996b98b28bfdc05d1ad2b60f1fab5c8b166b8eebef3f505
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "D0CE7B9F36BF3E4C7A64CE9BA080B7F24B0395C4"
Expires: Fri, 23 Sep 2022 03:00:00 GMT
Last-Modified: Thu, 22 Sep 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2389
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ec690afb60b518-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    32f48cf38acca505d99a72f2344271dc
Sha1:   785d326ed92eb3b30e338817255bfa508341c5c4
Sha256: f6cf5ebb3d3f7b58f73b279eaebc46a0da3bab8f656eaf2ff46fd65a7f7028df
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:50 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 03:56:18 GMT
Expires: Wed, 28 Sep 2022 03:56:17 GMT
Etag: "17d447e5e984a5c6e103eac541ad4138161e2213"
Cache-Control: max-age=472706,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ec690b28ebb51e-OSL

                                        
                                            GET /images/4/1/bb18afba7f36c6d6d993b8757e46342039a372/300x250.webp HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.214
HTTP/2 200 OK
content-type: image/webp
                                        
date: Thu, 22 Sep 2022 16:27:50 GMT
content-length: 7919
last-modified: Wed, 07 Jul 2021 15:16:49 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"60e5c561-1ed8"
age: 4306312
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 276x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7919
Md5:    8267b6984f1b3de866ff6d7b509cfdfa
Sha1:   31298138831314383530efdcff2f8f837e17e9ff
Sha256: 7b5b3db26472119b0dafca0a3606c5f2b51c475443acaf41ca191c66cfca3c41
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:50 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 03:56:18 GMT
Expires: Wed, 28 Sep 2022 03:56:17 GMT
Etag: "17d447e5e984a5c6e103eac541ad4138161e2213"
Cache-Control: max-age=472706,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ec690b2d10fac0-OSL

                                        
                                            GET /tag/sync.php HTTP/1.1 
Host: ru.hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMsjQZyWQR9AxmcAg==; expires=Fri, 22-Sep-23 16:27:50 GMT; domain=.hhkld.com; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- data
Size:   12641
Md5:    e46a987251343f049cdfe90cbd487943
Sha1:   00d4b141c9268b036216474cfc76c06523200efd
Sha256: 6194dae16bfc3fa3248acd4707e4896b561be824c2b597bb0c96743d58bdfee5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4250
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:50 GMT
Last-Modified: Thu, 22 Sep 2022 15:17:00 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Thu, 22 Sep 2022 19:14:34 GMT
Date: Thu, 22 Sep 2022 16:27:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Thu, 22 Sep 2022 19:14:34 GMT
Date: Thu, 22 Sep 2022 16:27:51 GMT
Connection: keep-alive

                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.104.16
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 22 Sep 2022 16:27:50 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d245361f8e75517f933cf421a8f16e7c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 22 Sep 2022 16:27:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHLxNNOwgj%2FbBKOTAShk8OQmut%2FlYz%2BAnQtKAbZZD%2FotzLgrX%2BD8Z22sC85U7vDAJYahziwcyI8EQvDaNm%2B%2Bq6EGIww0EELhLwHgg5rX98c34au063V0lbGcwFbTxXuBXDRvltg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec6908dba08e14-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   34370
Md5:    91b6005d27ef5415f4f3e893250b14bc
Sha1:   56b3391f79aa7f8834bdee15a82a317b84dfbeed
Sha256: 5293d7c9790d84f229d314cce77fc34dcbd5ec489eda728f32342f6f3e6681b1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e5m6NaDUH_3GPDkxbk6iKhffSJzyYMA97Illy7mtg9um3jcYBR6TXQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:11:23 GMT
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
age: 65788
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8549
Md5:    62818de3c50f957b2e5680851a1768c9
Sha1:   80e48c9ae48c89598780736b089c98e22d58df9a
Sha256: 16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
                                        
                                            GET /vast/cs?zone=105641&w=432&h=243&vp=4&site=https://ouo.press/&cbb=1663864070374 HTTP/1.1 
Host: rtb.viavideo.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: application/xml; charset=utf-8
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
age: 0
cache-control: no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://ouo.press
set-cookie: uid=ccm8q1n2tal37k3pj8agXx; expires=Fri, 22 Sep 2023 16:27:50 GMT; domain=.viavideo.digital; path=/
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8767
Md5:    7bfcd3c76ded9692465adcd7357e82ff
Sha1:   51cc7ac1abd05e314a4ba91accf98ea749c7f051
Sha256: 4113f2a3d8e9d67b50744e24419ebf2b125c444a089ce4e4202182f8b8d17095
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5650
x-amzn-requestid: 41ceb886-c038-4ba0-9e3a-a27879cf48ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwjFVjoAMFWNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84d0-3f4f6a367c893c7a0669dffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d8Kelwi2OY0jt17q80szh8-ErN3ZQM1hhl3HZeNQvlKijygQIJtNww==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:00 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
age: 65511
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5650
Md5:    a5edcd9aee78a6cacc9241b47cbce598
Sha1:   f95b843029e84dbb188427a8c2ff8c9f32740465
Sha256: 6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5402
x-amzn-requestid: 56e3a080-a8df-4385-ab3e-20e1f822083f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvaLH1-IAMFbgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c40-28f492196d5699066cb53d39;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QJVjyx5R1h8EqiP1Utg85VU9JTO9ubMbY3DaHaM6KC66d72039Mo_w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 13:11:04 GMT
age: 11807
etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5402
Md5:    5f4438521bfdc6871ae384abcb7da547
Sha1:   a17fc7a7c30999b8789011c2064f5a8704b00eee
Sha256: 2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 68009
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10754
Md5:    af5773255351157d72c28a670a355c60
Sha1:   c803e5866edbe6c9baec14e93677f610bdf09bff
Sha256: 3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
                                        
                                            GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:37:29 GMT
expires: Thu, 21 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
age: 125422
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (581)
Size:   157726
Md5:    6519c7c04cf32a57b1c5ee45a73c233e
Sha1:   4939bb921988e9eb13780cc2244f3099776e9bfb
Sha256: 8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
                                        
                                            GET /images/widgetIcons/achoice.svg HTTP/1.1 
Host: widgets.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.81
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Sat, 22 Oct 2022 16:27:51 GMT
date: Thu, 22 Sep 2022 16:27:51 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Size:   2735
Md5:    9d26fa4e7238ed94f1d0d92afb453b3e
Sha1:   ae18efe7d09337bf2f580b3f5bc912284aad7821
Sha256: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3919
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:51 GMT
Last-Modified: Thu, 22 Sep 2022 15:22:32 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /usermatchredir?s=197828&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D HTTP/1.1 
Host: ssum-sec.casalemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.19.126
HTTP/2 302 Found
                                        
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1
cf-ray: 74ec690c6f30b517-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YyyNBziQLbEYkAzMNr7ncAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 22 Sep 2023 16:27:51 GMT; Max-Age=31536000; Secure; SameSite=None CMPS=4345; Path=/; Domain=casalemedia.com; Expires=Wed, 21 Dec 2022 16:27:51 GMT; Max-Age=7776000; Secure; SameSite=None CMPRO=4345; Path=/; Domain=casalemedia.com; Expires=Wed, 21 Dec 2022 16:27:51 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4aHVJ0zrUQDkfqQo8mCU%2F6secHCBkze5pf%2Bu2lr8dkf5TXd4ClsJXK03wD2D8eAxF4%2FB5Suq2Y4hY4%2FdpniLlUabN5rD6Xos19vIIl8qsTVgf89DOaEUaneVvEci7w1lqmHojMoC6HEow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID HTTP/1.1 
Host: cm.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.157.4.41
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 43
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2814
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:51 GMT
Last-Modified: Thu, 22 Sep 2022 15:40:57 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1 
Host: ad.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.198
HTTP/2 200 OK
content-type: image/x-icon
                                        
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:35:30 GMT
expires: Thu, 22 Sep 2022 19:35:30 GMT
cache-control: public, max-age=86400
age: 75141
last-modified: Tue, 08 May 2012 13:08:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Size:   104
Md5:    32ac8a9b81788b981a3a7e13c14082d4
Sha1:   fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
Sha256: 00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
                                        
                                            GET /usermatchredir?cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D&s=197828&C=1 HTTP/1.1 
Host: ssum-sec.casalemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.19.126
HTTP/2 302 Found
                                        
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 0
location: https://sync.viavideo.digital/tools/sync?dsp=50&uid=0
cf-ray: 74ec690cbfb6b517-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JptXHrwcRRtoUJYze4R2NZn7aI8qPGcsPDeM5R4ETBQ8SXGntSROlf8%2BfCnuSU9pVAjZqpUPVTnC02MEKliSXlhKhwfk%2B%2F8IqXFusFla9YIKP%2BgFWn%2FyjaOMsgOTeMJErpbysBXoomtx3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 681
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.211.132
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 16:27:51 GMT
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 96fbb31f-a974-4456-9d21-c977f24aecf6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   138
Md5:    72a4bb1a58d747cb26adf63110f8c1da
Sha1:   c64dbddf35c22b42c6c6baf4df77b1f8d3a18891
Sha256: 0f0977862c9f55546e998f6f70b554e60e4abfc696d883d9ad7dabc635377f1c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4979
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:51 GMT
Last-Modified: Thu, 22 Sep 2022 15:04:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 563
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.211.132
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Thu, 22 Sep 2022 16:27:51 GMT
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 77eb14a8-5f62-4145-a071-00c0fbcae249
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   140
Md5:    ae179b85f845f7e49b2ecb3c0bff6b6d
Sha1:   1139b5ff13aa3557ba55edb856ddabecb85b77ee
Sha256: 55d4d5b62705cb3d5fa4f3be56c0569309bd979384e721808372b4c1772890e7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:51 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 01:55:54 GMT
Expires: Wed, 28 Sep 2022 01:55:53 GMT
Etag: "0abcd5577e335878a388f392e8947e91a91e010f"
Cache-Control: max-age=465481,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ec690ccb3cb51e-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /exchange/sync.php?p=pbs-viva&gdpr=0&gdpr_consent=&us_privacy=0 HTTP/1.1 
Host: pixel.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.90
HTTP/1.1 204 No Content
Content-Type: image/gif
                                        
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 693f17ec94b6fd0c82d03268b1ba23d6

                                        
                                            GET /tools/sync?dsp=50&uid=0 HTTP/1.1 
Host: sync.viavideo.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 0
location: https://sync.hhkld.com/tools/sync?dsp=50&uid=0&viads_uid=ccm8q1v2tal37lvob7p0Xx
set-cookie: uid=ccm8q1v2tal37lvob7p0Xx; expires=Fri, 22 Sep 2023 16:27:51 GMT; domain=.viavideo.digital; path=/
X-Firefox-Spdy: h2

                                        
                                            POST /cdb?profileId=207&av=34&wv=6.2.0&cb=95903759577 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 487
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.131
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Thu, 22 Sep 2022 16:27:50 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   44
Md5:    5f1dcf53824ce88cdb7941d34db3f19d
Sha1:   4164a13e3f53e1f002606a807d64a92620720fb0
Sha256: 3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
                                        
                                            POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1 
Host: tag.1rx.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 606
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.147.43
HTTP/2 204 No Content
                                        
date: Thu, 22 Sep 2022 16:27:51 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.23
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 16:27:51 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Sep 2022 22:01:50 GMT
Expires: Thu, 22 Sep 2022 22:01:50 GMT
ETag: "82994bae618d6138c571ff8825463d1c6b8c4d26"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    255604cdccb1ccc1278c88efc4381a13
Sha1:   82994bae618d6138c571ff8825463d1c6b8c4d26
Sha256: f07aecbce2952b447fa31aa7efea32e6549cfb0a79fb95c55a1844badca62c1d
                                        
                                            GET /tools/sync?dsp=50&uid=0&viads_uid=ccm8q1v2tal37lvob7p0Xx HTTP/1.1 
Host: sync.hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 0
location: https://sync.vicodes.com/tools/sync?dsp=50&uid=0&viads_uid=ccm8q1v2tal37lvob7p0Xx
set-cookie: uid=ccm8q1v2tal37lvob7p0Xx; expires=Fri, 22 Sep 2023 16:27:51 GMT; domain=.hhkld.com; path=/
X-Firefox-Spdy: h2

                                        
                                            GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FU8nrpN&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FU8nrpN&tg_i.page=https%3A%2F%2Fouo.press%2FU8nrpN&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=2ffc9f3a-05fd-47b4-8b35-fb7fc3e40529&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9438515014403722 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.21
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.21.4
Date: Thu, 22 Sep 2022 16:27:51 GMT
Content-Length: 348
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L8D9PHYE-1A-AB3X; Domain=.rubiconproject.com; Path=/; Expires=Fri, 22-Sep-2023 16:27:51 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qrbZE8sFjJdYe9DtVM30fCgNnV4EeGx3AYsvffT+fd8ZZZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Fri, 22-Sep-2023 16:27:51 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    58a1fb556724023fad641a80f0dacdaf
Sha1:   90ffbd37b0e7a4f990b012c2dff4048df7beef6f
Sha256: 1423a651ebeb5fa0140d51c67e08c65162744c2978b394fd40d71291a3b085d7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:51 GMT
Last-Modified: Thu, 22 Sep 2022 15:02:45 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CtdyvZ9PCIoT0-kKKXwk3CnMz6A6sRUsp0xFiyCrtSiEpT1soxfuew==
Age: 5106

                                        
                                            GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID HTTP/1.1 
Host: ap.lijit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         72.251.249.9
HTTP/1.1 204 No Content
                                        
Date: Thu, 22 Sep 2022 16:27:51 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap3ams1

                                        
                                            GET /server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID} HTTP/1.1 
Host: ice.360yield.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.124.49.32
HTTP/2 302 Found
content-type: text/plain
                                        
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 0
location: https://ice.360yield.com/ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=0a14d39f-5071-4d1b-a25e-0c170e6f405e; Expires=Wed, 21 Dec 2022 16:27:51 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure tuuid_lu=1663864071; Expires=Wed, 21 Dec 2022 16:27:51 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

                                        
                                            GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.46.73
HTTP/2 204 No Content
                                        
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Thu, 22 Sep 2022 12:09:20 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y30-4rgCPEAbsJ-nbM-5Ilj1h6oZS90VDwNIpvFmiQFMDed-8WeFfQ==
age: 15510
X-Firefox-Spdy: h2

                                        
                                            GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyHmsJFDzJgcNVrkgFEDRwsaNMzAEHnQJA0yMHKYmTGGRhkYN8SIeBimzpiMMMKICRMjzAwzLWjeyHHSTI0wLYaWodGiTI4cBmfIwGFGhhgZOyGSsbNwawwYNh7CqaNTh9aGDiHCgVO2hg2tD-fAmeh2I1oZaUWMaUNXB0ocMM7yJGNmoQ0ZD8W4cVMWh-UcMWY8bOMGow4ZN2ZwVMvZc4yRoh_WkcNm4YyGNHLMuKEarI6BdOjAmaPjxQs7ZPKYYXNGzZg8eNyYcVHHTZoxb-S4gSMnzcEYMma4gN7mBRsXcNDA-QGnxxgda2QkvlMHzdUcZ758uXHmjg0udWDAAEymhw0YZdQgxkE3FEWGTGPUUANNMpDhEQ5l4KcfYHP0MINfj92X3342iNHDVpdlJiGHYljXAwwuJDYiYHCYOIQdeeCgxBNRMPHGHG9IkcMdYyABAxZLZLEGE1UEMUcRLdgARRZTPOHEGkVkgQUVR9gh4xFYMGFFkEksAcUNU7QRgxhUWBFHEkIkkYVuN8TRAhVf6MHUFzG88UUQMOCBXRtLGEFdFXLIcAeZaSghRxhtIJEDE1AsMcMQV8ihhRg3SAHDEkdMUcMaY8igRhtJRJEFHlF8cUYVSRAhRRVprGjDYOUdlhgMrq5RRh53RNffG3W8UYIMQ1BXxhxz_DrEHGhER4exbKThxhrFAtvss8Yiq2wZbiBkrBlylFGGsVVIwUS1ycpBB7baAmtEt98CG-64wFprLrbVImTHc-0OwauvwApLrLFuyAGHE66SIYN_MhQcQw-ynlXwDCcWTMOHdmlVcA09OPFEwTb0sC943RJb8A0e9wrysHOs4EQYdKRhRxkrNGEdGWxEuCF_OHwYFhxtlPXQGzz7LAIZb_R828f-KvTQGCwvtAUNMXShlhw_6YBiYmqFkUcbb5CxEGKRNWZ1ihWJIIcdhamnWh1pZIRDDTDgANNXLcj92EkfUdVRGCHRAMMMONBQA2AxdOX1Q2kUJgJmLozkAg0yuABbWHJ8kXhGjDsOueQ10BBWHWFk1MQbeqTBBhthvFBDiiCggEUMMewAAhPO1oEHCHjgYMMXNtAg-9k6bJRiCiAcUcYYa7zxgnpnzRoDCEak0a0Zb-DxgvAwhDVG1SJoHFZ0X2yfkfcPscF9EU6EdZAdX3TbGkM13HADDqIhBsNDcpxB2Wcl0TZ0GewTgxy-hoOHrO8LXPPaZ3RXNjLI4Q2u-ZlCPjO16uVhITTAXxnEhhvd8MY3SAvZHF4QljtkBDuICQsaTrgfz-XlbBl5IB1YFp0WNCcNdEgKDlxAhjFgR33cO8gXevhDixgtBja4i-78doP7iYAObbANEpXYO5xYMQeLad-w4PCFpjEkiYCrYhN5Iga-_M8MPWHDRNRivoU4cQw8Y9-hWgbBsUFOBjnw3xhMI4M-KCAg&r=1&s=37bff22c416776bfa0dacd39a6713289e894bcdda37a058e6347813edfa97ce11663864070&w=t&ir=245x208 HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         94.130.141.49
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 35
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUoTEjjBgzZmq0iBFDxo0WNEKaaZEjJIwWOHB0tCEmhg0YYsrEEPEwTJ0xGWF4DBMjzIyVM8bcyIEyZJgWYsJsbFEmRw6DM2TgMCNDjAyeEMnYWag1BgwbD-HUEbMwa0OHEOHAIVvDRtaHc-BM1DEjx00bMtCKGNNmrg4aNUrW7UnGzELAD8W4cUM2B4waN2LkeNjGDUYdJmfY2CwCTufPmmGIflhHDpu2MW7AwGGDBuuvOgbSoQNnjo4XL-yQyWOGzRk1Y_LgcWPGRR03aca8keMGjpw0B0vOcCG9zQs2LuCggfMDTo8xOtbIgBHjTh00VnOc-fLlxpk7NrjUgQEjMJkeN5VRgxgHZWZQS2PUUENSMpAhxhg4lKEff4HN0UNffwU2YX809SCDZZhptmFgYmDXAwwusDeiDXCYeIYTMshxhhFWTKFGRGGwYdcTWvTHxhhlqGFHEG_c0UIaWiwRBhotFDGHEDdMsdQUSWTBxBgzoHFFC0jcQQYSTthwhBhxhHGHHDlgAYUUcECBQxo4TFHDG1Tg8AYeVrzxhRExNIEHDW7oocUXYizxRB40nDlFHXrEUAYUTgTxhB1mzLBgFVi0IEUZUXwBwxpYfDHEF0UE8cUZVSRBhBRVpLEiYeYhplh--3G4Rhl53DHdf2_U8UYJMgxhXRlzzAHsEHOgMR0dx7KRhhtrGBuss9Aem-yyZbiB0LFmyFFGGcdWIQUT1iorBx3ZbhusEd6CG6y45AZ77bnZWouQHdG5O0SvvwY7bLHHuiEHHE6sSIYMAMpgcAw9yCpDXQbPcKLBNHhYV1YG19CDE08YbEMP_IbnbbEG3wCyryITO8cKToRBRxp2lLFCE9iRwYaEtfqHg4dgmUbWQ2_4DNpDZLzRRkYh_6vQQ2O4vNAWNMTQRVpyAKUDiuylFUYebbxBxkI4wBCZY1enWJEIcthh2Hqs1ZFGRjjUMBsZOMkAExmAoTRGDjSwFJVINKiGA2KBxcDV1w-lYZgIOcTggmUu0CCDCw3RAJYcXyieUeOPoyg55TVYzloYGTXxhh5psMFGGC_UkCIIKGBB0g4gMPFsHXiAgAdtX9RGe9o6-JViCiAcUcYYa7zxwnpmscceCEak4a0Zd74gPAxgjWG1CByDNd0X2mfU_UM_ZlSEE2AdZMcX3r7GEGY3yGRD2GKjfQZloNWAww1El7G-GHIAGw76t76ufQ00tDkbGeTwhrYATSFDKw0D8ZCHhdgGbWUgm2544xvgJG1kc3gBWO6QkZKEDSxoKGF_RCeCOaQtIwykg8um04LnpIEOLZgBDlxAhjGUJH3bO8gXevhDixyNITawC20CJxsj4sYmSqwNDGQjG9IYhH3EgsMXnIbEKDKxfh7ZiwgOYgafsGEiaSkfQ5hmmvXJwWVpaGDZohYbwYwBNTLogwICAg%3D%3D&r=1&s=5847c2888249adb0e9b88953116849a8824c23ca21d6db2e5819cd955a0779681663864070&w=t&ir=245x208 HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         94.130.141.49
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 35
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:51 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=387085,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ec690d2ed7fac0-OSL

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/U8nrpN
Cookie: ouoio_session=eyJpdiI6IkFvMDNjWXJFdnQ0dlNmNlY3aElyclU5VTRsVkJTUVhkbG5FMFRTXC90OVFvPSIsInZhbHVlIjoiRnRGNG5YdjJTMlwvVGxhaVU0SHkzamRieExRWHVvR2lCMnFPaDdiQ3lMcXJNRXBsSFl4dkxZcHVsazg3anM5T2lFZmZHSUV6eTNyY0czZk5kbW8zbm5RPT0iLCJtYWMiOiJiMTU5MDYyZTJlNTljOGZkNTkwMjFlOTQ1M2NmZWVlMjczNDExNzg5YTI4YmVmZjViM2JjMDU4NmIwOWY4MTliIn0%3D; language=eyJpdiI6IkhqQklWQWhIY09tMFViN2g2ekxZNjgrY0Q1Z2xCQnlWZzloN2tqSnRFN2c9IiwidmFsdWUiOiJwZ1hHTHM5M3pLWVpiMDVVaXZzYWV0amtEYUYxMVpmVDdJTVZGbUtzTEs4PSIsIm1hYyI6ImIzYTUwYzc1NmJmNzZiYjk1NmQ4YTA3N2Y5YTdmNjBhMzQ4ZjMwMzRjOWI4YzI0NDY0NWFiYmY1N2MzMDBlNDYifQ%3D%3D; e6343f55f8de1b93b28e99e178513f9efb2d3252=eyJpdiI6IjIxTG1yMHhnY0JtcFRISzhtcWtza1c0U1orXC9uWmgxajdKODg2MitKZXJFPSIsInZhbHVlIjoiaHNIbDBDVmJXSko1aDVvOFwvNUN4M0JoR2E5VWtrY0NjNnFsbSsrOHRyb1hLejM0NzlyOXZUWVBJYk40NHVQY0RxUkVSMTNvMW42dDZTZG92aERqXC9DNGl1RXFQUDNNb0Y4Y2ZMVWxDekZzM0pqeFN0WmVaclFcL1c4bHI5WmxldFBnM3NlM0xoNlM2SVdiVkF1ZllZd0VHXC9wT1NjbzN0eURtRWwrR1ZwYjA0Uk9CZnZobWRQUDRBR0RmU0gycmlLTUJKaGxUUW9HNnBRcXhtMTNcL0dtTGRlbFZzeEFPTFJ6TFdCbnZsMnN3ZmdVWm55TG9uVFk5WE84akw4V0R5R04yaXgyOXpmV1ZCQm5OU091UWpadm95YnpLODlBc3VXb0FMeERtSTdiWDE3S1h3bnJkVHE3bkpjZHBQNFBtNDA2eTIwc0FRR0VGdW5DRnRuQUJLMG0wdXNoRVU0TEZKcnhiMk82YmluVEdJd2FWc1lSNG41cGxWU1dZOW81dVc3SUoiLCJtYWMiOiJhODE3N2I4NzI1MjU2MTY4MDAzZjMyZTY4YzdkZTFhM2M1MDEyMTFkMjk5YjkyODhiN2Y2YmVlNmQyZjllYzNhIn0%3D; __cf_bm=N5JFHHVk8VfQJNpkhEU2kWCZCG3wmDh5a8ZWz5EmWVk-1663864069-0-ARrjo568ZUo8DrbloxV/buaEcRkj7lV5Uk8O3GxiyYWcOjAFP1BD3xHVduMWEA+aL7Sc3UZQdsJKSf03T93qIG4=; dom3ic8zudi28v8lr6fgphwffqoz0j6c=5ff5de9e-dd82-4f9d-a970-09e52d456dd8%3A1%3A1; sb_page_ed36014633829dc70a42dccaefdf3f11=1; sb_idelay_ed36014633829dc70a42dccaefdf3f11=1; sb_onpage_ed36014633829dc70a42dccaefdf3f11=0; sb_main_ed36014633829dc70a42dccaefdf3f11=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec690c3e520b02-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 22 Sep 2023 16:27:51 GMT; Path=/; Domain=.betweendigital.com tuuid=8dc0b2cf-b5d3-5209-b7ac-3eadd480b3aa; Max-Age=31536000; Expires=Fri, 22 Sep 2023 16:27:51 GMT; Path=/; Domain=.betweendigital.com ut=YyyNBwAGqwjgj3wU5z8lt6bUhCm9xxwtnjmFnA==; Max-Age=31536000; Expires=Fri, 22 Sep 2023 16:27:51 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FU8nrpN&pid=izosApJRln5Az&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1 
Host: aax-dtb-cf.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.52.189
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
content-length: 154
server: Server
date: Thu, 22 Sep 2022 16:27:51 GMT
x-amz-rid: 3MQ4EYNTR579E0RPRQ2T
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3PPmXi9gifkbRwLL8idCKd56tqLOVE7yH6GNIiC6ZiSzVG-YPjjblw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   154
Md5:    bb7b4ee21d41485b3c8d171a7bf8b853
Sha1:   04fdbd451ad2cf3aceb697a99ea093fa4c7b4522
Sha256: 5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e
                                        
                                            GET /ul_cb/server_match?partner_id=2046&r=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D%7BPUB_USER_ID%7D HTTP/1.1 
Host: ice.360yield.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.124.49.32
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /tools/sync?dsp=50&uid=0&viads_uid=ccm8q1v2tal37lvob7p0Xx HTTP/1.1 
Host: sync.vicodes.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:51 GMT
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 16:27:51 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=ccm8q1v2tal37lvob7p0Xx; expires=Fri, 22 Sep 2023 16:27:51 GMT; domain=.vicodes.com; path=/
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 22 Sep 2023 16:27:51 GMT; Path=/; Domain=.betweendigital.com tuuid=c9dea1a1-9e01-5209-816e-1968e242946f; Max-Age=31536000; Expires=Fri, 22 Sep 2023 16:27:51 GMT; Path=/; Domain=.betweendigital.com ut=YyyNBwAIEmhY-a89Xv3Zp60ZqejD_jY3J-Yr7Q==; Max-Age=31536000; Expires=Fri, 22 Sep 2023 16:27:51 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C750F941BE5C0642B732586E27BFCC7048FBFF5A5E7F0EFAAEF30492680D5F67"
Last-Modified: Wed, 21 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6695
Expires: Thu, 22 Sep 2022 18:19:27 GMT
Date: Thu, 22 Sep 2022 16:27:52 GMT
Connection: keep-alive

                                        
                                            GET /sbar.json?key=ed36014633829dc70a42dccaefdf3f11&uuid=5ff5de9e-dd82-4f9d-a970-09e52d456dd8%3A1%3A1 HTTP/1.1 
Host: varietiesplea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 16:27:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ouo.press
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15424691; expires=Fri, 23 Sep 2022 16:27:52 GMT; secure; SameSite=None uid_id2=5ff5de9e-dd82-4f9d-a970-09e52d456dd8:1:1; expires=Thu, 29 Sep 2022 16:27:52 GMT; secure; SameSite=None pdhtkv=true; expires=Fri, 23 Sep 2022 16:27:52 GMT; secure; SameSite=None uncs=1; expires=Fri, 23 Sep 2022 16:27:52 GMT; secure; SameSite=None pdhtkv29=true; expires=Fri, 23 Sep 2022 16:27:52 GMT; secure; SameSite=None uncs29=1; expires=Fri, 23 Sep 2022 16:27:52 GMT; secure; SameSite=None sleced36014633829dc70a42dccaefdf3f11=[3364848]; expires=Thu, 22 Sep 2022 16:27:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 022eb8fc8e1d03e6dace33c0c5507a54
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5703), with no line terminators
Size:   3759
Md5:    4ce7b7dcb33a9d93ff199a04d33e4f32
Sha1:   aa69e390ca9ff0d931ede619337cc0dc5e1961ea
Sha256: c74fbe95ee077cc4fbc435c25b9a5c4257a228fb830ceac9648b3fbfe47a6072

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5631
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 16:27:52 GMT
Last-Modified: Thu, 22 Sep 2022 14:54:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3f3C%2FtFEJS9KCiDeFDYTPrHTM%2BMe1iMMRLM%2FmBXWQ%2BCVldVT8rUdDVVXdOTHCS4KHsRxv%2Bg80yyIbqIolcXmSzsIaeMB8nB%2FANeFMGTB5nZ4OgLxfu%2B9byHTz31frbjTokPR0%2BWr%2BktqRRdbNb92ivvBcGV2prM3KA2aMcfxI0rNdN%2FrRPX%2FVdrbwm2oRdDP%2FD9wA9qK9KIVA8WpyJk%2FqAT1Dt%2BvRHWg2YDA%2FPf3joPlnrg%2FVPyLCSfXHjkXYJkY2S9b5aF3Sh0fvnNnlO00AZ9vv9utpHpMkNvXqbGQ5rtn01D2%2BOVh9DZ3gwXuv%2FPYCInxHv8EEm2fwaJpL8740wURIaEP4WyP4ZQY0g6BtN3IfkxARjH9RvIeveva1PSzScqnaoTcuHPPyDLCbnwyyVkva%2BXlBzUbmvlCqkzi0FaQQ7GkN0xcneIYuscZHkIVnwCyQmyXgXJT15upmmTi45Y4LwdLjTSDl%2BgnZa%2F4HdEM%2BSNZsx5e2aMlGPIdAwlhqDWg5se6cGlHlzuocdPaiwIgpbPGfXbHcYi3hJJzP2AttKABn7chmNT9iGKfAimhmBmG7nZxoYcwrgfYdcrWO7BFgR9XqEUBKUlKClBKQnKgqDsV3tc2dBW97myLgnOcniWo2qki%2B4O3dNFV2RkJz8lz8wM%2B%2FX977AhTmqCR7EfNOIoaocdzlo%2BbYScMSpSnkZpEMDKCtKemz1zSx4%2F%2FTNyefz%2FCgk9hFWHYPIlUPcCaDlqhT7o%2BqjR9rGVHWin67kR1oLrCnnxPxSb3o46Jc%2FNAKI7v0Gwo6sfJtcmvx%2F8BWYq5KbCR%2FIRQVfdG93SJdm9pUtLvr2RF7Int%2Bj0N28XtBDnv3xbbJba8NVlOzx4nU2FafngHWGLNZpxmXUt%2BWpJci7MijZMkB9W7R2R3HR2fcmZzOVrN99YWe3NAKXOxqByQsjjIzA5IRe%2F35st6vOffgxpxjCuQs8dkbOA1Idg%2BTZsPue3%2BjyMms8kuYfSVSMTJvNLJQmUmPc0qWD%2F1SfzesfeQ9e8CFrcne1n31ToqwpUDWHd%2BVGRm6OrP0WzQKK8UaKMt5soo754Yq6VJ7VWFPk07jSDVouKVtII22kccErDRhzGMY1Q2Am7%2FPnFvwEAAP%2F%2FAQAA%2F%2F%2BU%2F%2BdUcwQAAA%3D%3D HTTP/1.1 
Host: varietiesplea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=5ff5de9e-dd82-4f9d-a970-09e52d456dd8:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 16:27:52 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9cf537f6d880792af2cb691df54c8a7b
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "5F18E2035118B6323CC8D9000DC10EA05EC18DF8B1D62DFCAF283C79ED0F410B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5631
Expires: Thu, 22 Sep 2022 18:01:43 GMT
Date: Thu, 22 Sep 2022 16:27:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "5F18E2035118B6323CC8D9000DC10EA05EC18DF8B1D62DFCAF283C79ED0F410B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5631
Expires: Thu, 22 Sep 2022 18:01:43 GMT
Date: Thu, 22 Sep 2022 16:27:52 GMT
Connection: keep-alive

                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1 
Host: cdn.yourwebbars.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.7.19
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 22 Sep 2022 16:27:52 GMT
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 610092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSAwf2UwdUGp7o4%2Fz92PmNAyZIFsprTrMPn2nPm591d%2BTFAjr%2FYGIaTG5W%2FLblXD2DrskWRxBlwQss020%2BRXnRxkBTMok%2FciZYuLedB6YyA%2BPvOWkZVwcCH9JlgyXNFT2VvG7Js%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec69158a7ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   596
Md5:    2bb74ed6057da5549215f27be9259978
Sha1:   29d846959f23ecc05066ff6d4a5a81ce43990c2c
Sha256: 3b13560546a94267cefba02c4ba81853c9de6e01d439c0f3550d0d712eff6717
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "5F18E2035118B6323CC8D9000DC10EA05EC18DF8B1D62DFCAF283C79ED0F410B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5631
Expires: Thu, 22 Sep 2022 18:01:43 GMT
Date: Thu, 22 Sep 2022 16:27:52 GMT
Connection: keep-alive

                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.201.2
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 22 Sep 2022 16:27:52 GMT
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4342984
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjRXXo8Wgjn%2FHe3HrAd%2FAR9%2F7sKqVaA%2BCP97R%2F5EqprIZxiHD8XdIdahmnvLq8DZVV13RJ07QG1wZK7WdtWcgtSeltUorQRIh9srSV5sbQLb8HjovRlBhgR6drkPsQDmwhY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec6916dd3b71db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size:   2008
Md5:    ef2bad0eceeff00bf615df0a433a5bff
Sha1:   a910af81d23d78c96283b46c241d3d9652562009
Sha256: 9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.201.2
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 22 Sep 2022 16:27:52 GMT
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4342984
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftd%2FhEyr%2BnhL5w4lcBpoQf75nUBRBQHiWtmGYkLH5TKatYI1TFmCHwh5nhUvYt%2FaAoMt1HeEk2DpVQpLKWfYon9a7uMr1AIr%2B%2F6iJwZHCPEaccXgnGiMixotPNQGFpftZbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec6916dd3d71db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size:   1138
Md5:    9e4414e85c588bf7db195e49c02ab2bb
Sha1:   09254e79b255f1b2dfe45adbbe44583a4b433782
Sha256: 0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.201.2
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 16:27:52 GMT
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3740803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GO3KyEKt0K%2FrgVWNVarK8kRC1StQUuRod%2BnH%2BI66Nrfl1GZ2kInAmJ8KHI8CRUTXmlinAkuqTN5sT30vIfcZvTztBlF7YuQ7rtHMv44mVHVNqMrRtX%2BCRFMQkIu1s6QCl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec69165c3c71db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   8237
Md5:    7920429feece7f6690e4f2b13a6d3a08
Sha1:   a9cd32defb3a95cb88f175cdb1d5b7dc21bf4351
Sha256: 8c8cfbebb501a41bc8c6a9e5fdf29f7cd9d788ac27b76b1776828b5468fe5567
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.201.2
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 22 Sep 2022 16:27:52 GMT
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4342984
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzGVmc03nXAdZRlyd3TpLLnzYGWNVvGcCGid5R%2B1r18RLv2sVIgIiy1DhtHSMu1h9goXHWUvCOi%2BQLIBqvsGx9qvLxh18WexMCYGIqzcxpqk5sYgHqHhgZZA05%2FfeG7HnmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec6916dd4771db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size:   157252
Md5:    70ffdd6375de1144c67e71e385cedb80
Sha1:   6d5c9590fa9a156851435bcefc963949de13ceb1
Sha256: 18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=103 HTTP/1.1 
Host: varietiesplea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=5ff5de9e-dd82-4f9d-a970-09e52d456dd8:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 16:27:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=103 HTTP/1.1 
Host: varietiesplea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=5ff5de9e-dd82-4f9d-a970-09e52d456dd8:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 16:27:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=41 HTTP/1.1 
Host: varietiesplea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=5ff5de9e-dd82-4f9d-a970-09e52d456dd8:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 16:27:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSTWtkxRfG607yh%2FkjCMpsFJRGXChMOvf2ezuLwRgjwcwLM8q4ELTebqdM9a1L1a2%2BnSwkOCizEdpvcPN0MiE6iKJbB%2BkMzCKrtAvJwnwBN4rgyoV0T2PrgeKcU89Z%2FOqp89mePychPD1bvWZ2lNZ0uV4OS6%2B8F0VXShsq8f1Sv9X4oFG7UrK919qNcvhq6S3Jt8xyJYzCMAqj0pqyMjb95YkIlT5oR%2BV2WK5VylG9hr79b%2B98AEcDiN45eRZKjBcfBZeg%2BAhJ95tV6bYyk15%2Bs%2Bs1zYxFTxy%2Bm2wlJk%2FQnZexDRAnh7NpGHe69hAmOZjiwvT%2BGWRqTILHD8GSwxkkWG9%2Fysk0ZAImnkLeG0HqERQdgZu7UOKUAFzg%2Bg0k3fvXjc3p9hOVTtQxWfzzD6h8TBZ%2FuYSk%2B%2FWKVv3SbaN9pkzi0I8LqP4IqjNC6o%2BR7VyAyo%2FBs0%2BgBEHSLaDE2cv1OK4L2ZZLQrQqS7W4LZZouxkuhW1Zr4havSFEa2qMUiOoeAQtB6AugJ8cFcDHAXwaoCvOSjyKomYoOA1bbc6roilZQ4QRbcYRjcJGC55P2AfI0gG4HoDbXaR2F1tqAOt%2FhNss4EQAlxH0RIFcEuSOIKcEuSLIM4K8VxwI7SquuC%2B08yya5cosV4uhyTp79MBkHZmQvfScPDM17Nf3v8OWPCtJUW2EUa1RrbYqbcGbIa1VBOdUxiKuxlEEpwood2H6zB11%2BvTPSNXp%2Fwswegynj8HVS6D%2BBdB82KyEoJvDWivETnJkvCmnVjoHYQqk2f%2BQbQd7%2Bpw8NwWo3vkNkp9c%2FZBdG%2F9%2B9Be4LZDaAh%2BpRwQdfW94y%2BRk%2F5bJHfn2Rpqprtqhk9%2B8ndFMLnz5ttzOjRXrq25w9DqfCJPywTvSZRs0ESrpOPLVihJC2jVjuSQ%2FrLs7kt30bnPF28SnGzffWFvvTgGVSUagakzI4xNwNSYXvz%2BYLurzn34MZUewvkDXn5BZQJlj8HQXLp3zO7MAq%2BczLA2Q%2B2JoK2x%2BqRWBlvOesgLuXz2b13vuHjr2RdDs7nQ%2Fe7ZATxegegDnF4ZZak%2Bu%2FlSdBpgOhkzbYJ9pq794Yq5TZ6VqKJpMxrLJZK1eiyUXrF5nIY85q4pWiyNzY37584t%2FAwAA%2F%2F8BAAD%2F%2FxQrMrxzBAAA HTTP/1.1 
Host: varietiesplea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=5ff5de9e-dd82-4f9d-a970-09e52d456dd8:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 16:27:53 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4b6b06a919b624a0f1424a2538f109f5
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: varietiesplea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=5ff5de9e-dd82-4f9d-a970-09e52d456dd8:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 16:27:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 16:27:55 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 26 Sep 2022 15:09:52 GMT
ETag: "2ee9b04f2c29ea894e326d0952b15ba35b4e756c"
Last-Modified: Thu, 22 Sep 2022 15:09:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3057
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ec692acfc4b4eb-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    c8a9e4a8d229fca3b7efb437896b7835
Sha1:   2ee9b04f2c29ea894e326d0952b15ba35b4e756c
Sha256: 305b62b8216ee5d268d92aeb3550dc7f8257883bf60e1babeba2af53ca3b6751
                                        
                                            GET /match/vibe HTTP/1.1 
Host: sync.dmp.otm-r.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.201.8.30
HTTP/2 204 No Content
                                        
server: nginx/1.21.6
date: Thu, 22 Sep 2022 16:27:57 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "082A60873ED6DB1331E1718E81355E1D4952F03AC0D27E078F7EC76567B69894"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10572
Expires: Thu, 22 Sep 2022 19:24:09 GMT
Date: Thu, 22 Sep 2022 16:27:57 GMT
Connection: keep-alive

                                        
                                            GET /pxf.gif?uuid=5ff5de9e-dd82-4f9d-a970-09e52d456dd8&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Thu, 22 Sep 2022 16:27:57 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 72bc2ea208000c96805a5adbb90bb408
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.201.2
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 16:27:52 GMT
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4342824
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl7hHcEz%2BtdbQ2SHrU7WSNPdoQ9na3YVJVPwYHKdSZ14%2F1bBfMX5C%2B75xL9kUPbseqSihi9naGOl%2F519w%2BzROhLJ9NlL%2FxYcKp50vZphwjRDIjIOh1T6WcsXXqTvaXKBeec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec69177e7871db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/bootstrap.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/U8nrpN
Cookie: ouoio_session=eyJpdiI6IkFvMDNjWXJFdnQ0dlNmNlY3aElyclU5VTRsVkJTUVhkbG5FMFRTXC90OVFvPSIsInZhbHVlIjoiRnRGNG5YdjJTMlwvVGxhaVU0SHkzamRieExRWHVvR2lCMnFPaDdiQ3lMcXJNRXBsSFl4dkxZcHVsazg3anM5T2lFZmZHSUV6eTNyY0czZk5kbW8zbm5RPT0iLCJtYWMiOiJiMTU5MDYyZTJlNTljOGZkNTkwMjFlOTQ1M2NmZWVlMjczNDExNzg5YTI4YmVmZjViM2JjMDU4NmIwOWY4MTliIn0%3D; language=eyJpdiI6IkhqQklWQWhIY09tMFViN2g2ekxZNjgrY0Q1Z2xCQnlWZzloN2tqSnRFN2c9IiwidmFsdWUiOiJwZ1hHTHM5M3pLWVpiMDVVaXZzYWV0amtEYUYxMVpmVDdJTVZGbUtzTEs4PSIsIm1hYyI6ImIzYTUwYzc1NmJmNzZiYjk1NmQ4YTA3N2Y5YTdmNjBhMzQ4ZjMwMzRjOWI4YzI0NDY0NWFiYmY1N2MzMDBlNDYifQ%3D%3D; e6343f55f8de1b93b28e99e178513f9efb2d3252=eyJpdiI6IjIxTG1yMHhnY0JtcFRISzhtcWtza1c0U1orXC9uWmgxajdKODg2MitKZXJFPSIsInZhbHVlIjoiaHNIbDBDVmJXSko1aDVvOFwvNUN4M0JoR2E5VWtrY0NjNnFsbSsrOHRyb1hLejM0NzlyOXZUWVBJYk40NHVQY0RxUkVSMTNvMW42dDZTZG92aERqXC9DNGl1RXFQUDNNb0Y4Y2ZMVWxDekZzM0pqeFN0WmVaclFcL1c4bHI5WmxldFBnM3NlM0xoNlM2SVdiVkF1ZllZd0VHXC9wT1NjbzN0eURtRWwrR1ZwYjA0Uk9CZnZobWRQUDRBR0RmU0gycmlLTUJKaGxUUW9HNnBRcXhtMTNcL0dtTGRlbFZzeEFPTFJ6TFdCbnZsMnN3ZmdVWm55TG9uVFk5WE84akw4V0R5R04yaXgyOXpmV1ZCQm5OU091UWpadm95YnpLODlBc3VXb0FMeERtSTdiWDE3S1h3bnJkVHE3bkpjZHBQNFBtNDA2eTIwc0FRR0VGdW5DRnRuQUJLMG0wdXNoRVU0TEZKcnhiMk82YmluVEdJd2FWc1lSNG41cGxWU1dZOW81dVc3SUoiLCJtYWMiOiJhODE3N2I4NzI1MjU2MTY4MDAzZjMyZTY4YzdkZTFhM2M1MDEyMTFkMjk5YjkyODhiN2Y2YmVlNmQyZjllYzNhIn0%3D; __cf_bm=N5JFHHVk8VfQJNpkhEU2kWCZCG3wmDh5a8ZWz5EmWVk-1663864069-0-ARrjo568ZUo8DrbloxV/buaEcRkj7lV5Uk8O3GxiyYWcOjAFP1BD3xHVduMWEA+aL7Sc3UZQdsJKSf03T93qIG4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 16:27:49 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Thu, 22 Sep 2022 20:48:57 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27532
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec6903ecb90b02-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c.js HTTP/1.1 
Host: hhklc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.70.122
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 16:27:49 GMT
last-modified: Mon, 19 Sep 2022 19:48:44 GMT
etag: W/"6328c79c-2088"
server-asp-net: Asp Net
expires: Thu, 22 Sep 2022 16:32:39 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 2410
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IF8VB2URaCQQUVhaHUC%2B4aQqCUTydQ8HVdjOz9KTAZ9X4x3xaU%2FJ%2FTwJKmziIaoFi1stWp0l0qsWxEhCQfphi3KuniMIAdTEsV9lG2zD1G%2BzX9MlD6WiD3wlaGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec690459bfb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.201.2
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 16:27:52 GMT
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4342825
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0BZZV1UFgH7wLnGa92HL05sOuENFYw%2FYj%2FlxFYumpGoMoc7%2BrWtFoFR09hgRF1TQiUNsfEWczibcAJA3ONH3Kua6ouOMkLWm9EPovWQq80ftaXR71Fn19joLnuIgpmPnhM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec69165c3971db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /U8nrpN HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.22.22.162
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Thu, 22 Sep 2022 16:27:49 GMT
location: https://ouo.press/U8nrpN
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6Ik5PSm1FV2dZSW1icUJUQ2VVU2tcLzRmclIya00yMGRwUG1tWGZnMzZEMU9VPSIsInZhbHVlIjoiSm4wWlg1TUJQN09xUWVoc01kdUs2OWJVYk5XQnZFNjd5YzBBYjdUVmRiblNta1BlTlk1R01UREVkNndkcXg5eTJuQjZsOFNxUjE2NU5rVFRZUHpKdVE9PSIsIm1hYyI6IjhlZmYwZjUyNTZjOWZiNTY3NzM3M2NkOWJmZThhZGYyNDE1NDcwYTNlNjZjZmYxYzdlNWQwM2EwNTNjNGJhMGIifQ%3D%3D; path=/; httponly language=eyJpdiI6IjFwbjN1MGRmVHllNVQzSDhyalpnWlNlWnA3dm9LOUlTOTA0NXlHTGFPbDQ9IiwidmFsdWUiOiIwQW9GeXljWEFjQUF4OTVjbWZjUmgzYWJHaUhzWE1OZGhhR1wvNEdhZlwvdlE9IiwibWFjIjoiYjc5MzgwNDQzZjNlMjliNmFkMjBlMTFjOTZmNTk3OTRhMjhjODUzNGNjOGYwMzU4ODYzYmQ0MzY1ZDcyZTA3NiJ9; expires=Tue, 21-Sep-2027 16:27:49 GMT; Max-Age=157680000; path=/; httponly 6a32f189e2180ae22c50abd27691b5294bffc2a9=eyJpdiI6IjhDWk5wNU5RK2xPZHNndVhGTHRrbllhc1NcL21mZXdrSlZ1MlZ0eW9Sb0M4PSIsInZhbHVlIjoibGdoampVVnMrMU5mY1BjTGVVTWdYb1VFRjVrUzhPejFobWtqNXJ3NWJoeStLXC9oQ0p0YlFkb21HU2pUdTdoRmVWSFZOeFV1Qk8wbzRpTHRGVUdqUmZQV205V2xndHpBQlNqN1Fta0dpemc0bVhPRkZHY3RcL05vTE9KTkUySkt1eFdOWTdLWVhkRVpBd0FWdWlxT29FWU1EU1k3XC9zcGZuRHhyS2tBYldTbmFER0tZaUpLM0F4NEhZOHNhRmlqMGd3cW9GdklvaGE0aGE2NkwzZFBXOHNJZGNuUVh3Z2dxU1BLZmVzTG9MWUJnMnU4NjlJNmd6QXFPVmIrVHNEZjZLSXQ4d21nQkRtQ1RZMk15WlZIaFBqWDQzcWpQXC9TNDZcL0xiUnR0TTFDTFpoQkpZXC9scmlpdTB1a29GNFlRRVVaeERZNGhWREhmYTlxYXpDUE9pUnl3VG5nPT0iLCJtYWMiOiI3Zjk0NmYyYjUyMzMxY2IzM2ViZWQxYmFlOWU4YjI5Y2IyYTRiNjZiYjBmZTlmNDVmNGI2ZDk4ZjVlNjMwYjhhIn0%3D; expires=Thu, 22-Sep-2022 18:27:49 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74ec68fe8a5f1c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/U8nrpN
Cookie: ouoio_session=eyJpdiI6IkFvMDNjWXJFdnQ0dlNmNlY3aElyclU5VTRsVkJTUVhkbG5FMFRTXC90OVFvPSIsInZhbHVlIjoiRnRGNG5YdjJTMlwvVGxhaVU0SHkzamRieExRWHVvR2lCMnFPaDdiQ3lMcXJNRXBsSFl4dkxZcHVsazg3anM5T2lFZmZHSUV6eTNyY0czZk5kbW8zbm5RPT0iLCJtYWMiOiJiMTU5MDYyZTJlNTljOGZkNTkwMjFlOTQ1M2NmZWVlMjczNDExNzg5YTI4YmVmZjViM2JjMDU4NmIwOWY4MTliIn0%3D; language=eyJpdiI6IkhqQklWQWhIY09tMFViN2g2ekxZNjgrY0Q1Z2xCQnlWZzloN2tqSnRFN2c9IiwidmFsdWUiOiJwZ1hHTHM5M3pLWVpiMDVVaXZzYWV0amtEYUYxMVpmVDdJTVZGbUtzTEs4PSIsIm1hYyI6ImIzYTUwYzc1NmJmNzZiYjk1NmQ4YTA3N2Y5YTdmNjBhMzQ4ZjMwMzRjOWI4YzI0NDY0NWFiYmY1N2MzMDBlNDYifQ%3D%3D; e6343f55f8de1b93b28e99e178513f9efb2d3252=eyJpdiI6IjIxTG1yMHhnY0JtcFRISzhtcWtza1c0U1orXC9uWmgxajdKODg2MitKZXJFPSIsInZhbHVlIjoiaHNIbDBDVmJXSko1aDVvOFwvNUN4M0JoR2E5VWtrY0NjNnFsbSsrOHRyb1hLejM0NzlyOXZUWVBJYk40NHVQY0RxUkVSMTNvMW42dDZTZG92aERqXC9DNGl1RXFQUDNNb0Y4Y2ZMVWxDekZzM0pqeFN0WmVaclFcL1c4bHI5WmxldFBnM3NlM0xoNlM2SVdiVkF1ZllZd0VHXC9wT1NjbzN0eURtRWwrR1ZwYjA0Uk9CZnZobWRQUDRBR0RmU0gycmlLTUJKaGxUUW9HNnBRcXhtMTNcL0dtTGRlbFZzeEFPTFJ6TFdCbnZsMnN3ZmdVWm55TG9uVFk5WE84akw4V0R5R04yaXgyOXpmV1ZCQm5OU091UWpadm95YnpLODlBc3VXb0FMeERtSTdiWDE3S1h3bnJkVHE3bkpjZHBQNFBtNDA2eTIwc0FRR0VGdW5DRnRuQUJLMG0wdXNoRVU0TEZKcnhiMk82YmluVEdJd2FWc1lSNG41cGxWU1dZOW81dVc3SUoiLCJtYWMiOiJhODE3N2I4NzI1MjU2MTY4MDAzZjMyZTY4YzdkZTFhM2M1MDEyMTFkMjk5YjkyODhiN2Y2YmVlNmQyZjllYzNhIn0%3D; __cf_bm=N5JFHHVk8VfQJNpkhEU2kWCZCG3wmDh5a8ZWz5EmWVk-1663864069-0-ARrjo568ZUo8DrbloxV/buaEcRkj7lV5Uk8O3GxiyYWcOjAFP1BD3xHVduMWEA+aL7Sc3UZQdsJKSf03T93qIG4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 16:27:49 GMT
last-modified: Tue, 20 Sep 2022 14:16:51 GMT
etag: W/"6329cb53-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec6903ecc70b02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 24 Sep 2022 16:27:49 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/link-safe.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/U8nrpN
Cookie: ouoio_session=eyJpdiI6IkFvMDNjWXJFdnQ0dlNmNlY3aElyclU5VTRsVkJTUVhkbG5FMFRTXC90OVFvPSIsInZhbHVlIjoiRnRGNG5YdjJTMlwvVGxhaVU0SHkzamRieExRWHVvR2lCMnFPaDdiQ3lMcXJNRXBsSFl4dkxZcHVsazg3anM5T2lFZmZHSUV6eTNyY0czZk5kbW8zbm5RPT0iLCJtYWMiOiJiMTU5MDYyZTJlNTljOGZkNTkwMjFlOTQ1M2NmZWVlMjczNDExNzg5YTI4YmVmZjViM2JjMDU4NmIwOWY4MTliIn0%3D; language=eyJpdiI6IkhqQklWQWhIY09tMFViN2g2ekxZNjgrY0Q1Z2xCQnlWZzloN2tqSnRFN2c9IiwidmFsdWUiOiJwZ1hHTHM5M3pLWVpiMDVVaXZzYWV0amtEYUYxMVpmVDdJTVZGbUtzTEs4PSIsIm1hYyI6ImIzYTUwYzc1NmJmNzZiYjk1NmQ4YTA3N2Y5YTdmNjBhMzQ4ZjMwMzRjOWI4YzI0NDY0NWFiYmY1N2MzMDBlNDYifQ%3D%3D; e6343f55f8de1b93b28e99e178513f9efb2d3252=eyJpdiI6IjIxTG1yMHhnY0JtcFRISzhtcWtza1c0U1orXC9uWmgxajdKODg2MitKZXJFPSIsInZhbHVlIjoiaHNIbDBDVmJXSko1aDVvOFwvNUN4M0JoR2E5VWtrY0NjNnFsbSsrOHRyb1hLejM0NzlyOXZUWVBJYk40NHVQY0RxUkVSMTNvMW42dDZTZG92aERqXC9DNGl1RXFQUDNNb0Y4Y2ZMVWxDekZzM0pqeFN0WmVaclFcL1c4bHI5WmxldFBnM3NlM0xoNlM2SVdiVkF1ZllZd0VHXC9wT1NjbzN0eURtRWwrR1ZwYjA0Uk9CZnZobWRQUDRBR0RmU0gycmlLTUJKaGxUUW9HNnBRcXhtMTNcL0dtTGRlbFZzeEFPTFJ6TFdCbnZsMnN3ZmdVWm55TG9uVFk5WE84akw4V0R5R04yaXgyOXpmV1ZCQm5OU091UWpadm95YnpLODlBc3VXb0FMeERtSTdiWDE3S1h3bnJkVHE3bkpjZHBQNFBtNDA2eTIwc0FRR0VGdW5DRnRuQUJLMG0wdXNoRVU0TEZKcnhiMk82YmluVEdJd2FWc1lSNG41cGxWU1dZOW81dVc3SUoiLCJtYWMiOiJhODE3N2I4NzI1MjU2MTY4MDAzZjMyZTY4YzdkZTFhM2M1MDEyMTFkMjk5YjkyODhiN2Y2YmVlNmQyZjllYzNhIn0%3D; __cf_bm=N5JFHHVk8VfQJNpkhEU2kWCZCG3wmDh5a8ZWz5EmWVk-1663864069-0-ARrjo568ZUo8DrbloxV/buaEcRkj7lV5Uk8O3GxiyYWcOjAFP1BD3xHVduMWEA+aL7Sc3UZQdsJKSf03T93qIG4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 16:27:49 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Fri, 23 Sep 2022 00:48:12 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13177
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec6903ecba0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /rux/abcdef/105641/?pub_sid=105641&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1663864070153&page_url=https%3A%2F%2Fouo.press%2FU8nrpN HTTP/1.1 
Host: viavideo.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 22 Sep 2022 16:27:50 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGMsjQZw9wR4Ayz1Ag==; expires=Fri, 22-Sep-23 16:27:50 GMT; domain=.viavideo.digital; path=/
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.46.73
HTTP/2 200 OK
content-type: application/javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Sep 2022 09:42:04 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rKFAHEEz3yHrJr56rDPgwox7OmihKVoV6Rt9iUDs4eizqZfvQwt-sQ==
age: 24639
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.201.2
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 22 Sep 2022 16:27:52 GMT
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4342984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiE1audz1zjRwSkNA%2FnFtDSNgmzJNt0wOzxhRHZlJtGywg3oTCyLaq%2FTjF309wq4neRqrFHZ%2FoBAggQaBFzRLjl0XrVsOriV6PsppsREcWso47lOUi5QRgj30wDs6Bew28U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ec6916dd4971db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---