Overview

URLouo.io/PRvPzF
IP 172.67.6.151 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-15 07:28:20 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (49)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
jsc.adskeeper.com (2) 31191 2020-07-04 10:58:29 UTC 2022-11-15 06:55:09 UTC 104.18.36.64
ecdn.firstimpression.io (3) 18146 2021-02-01 12:00:32 UTC 2022-11-14 21:15:00 UTC 54.230.111.77
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-14 06:01:23 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-15 06:00:48 UTC 34.117.237.239
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-15 06:07:55 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
status.geotrust.com (2) 3662 2018-06-23 22:14:44 UTC 2020-01-21 11:48:52 UTC 93.184.220.29
gum.criteo.com (5) 381 2015-01-22 10:58:57 UTC 2020-03-06 00:06:09 UTC 178.250.0.157
api.rlcdn.com (1) 791 2018-09-26 05:12:06 UTC 2022-11-14 06:09:24 UTC 34.120.133.55
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-15 06:11:48 UTC 142.250.74.10
itineraryupper.com (1) 280787 2020-07-23 02:40:11 UTC 2022-11-15 01:56:04 UTC 192.243.59.20
ads.pubmatic.com (3) 469 2012-10-30 07:42:53 UTC 2020-05-06 07:34:52 UTC 23.38.200.201
hhklc.com (1) 0 2022-06-12 16:30:56 UTC 2022-11-14 21:15:00 UTC 104.21.70.122 Unknown ranking
d3div1mtym39ic.cloudfront.net (1) 0 2022-11-14 20:24:37 UTC 2022-11-15 03:32:57 UTC 54.230.245.70 Unknown ranking
ib.adnxs.com (3) 241 2013-11-13 21:17:09 UTC 2020-03-22 02:54:33 UTC 37.252.171.84
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.24
ad.doubleclick.net (1) 186 2013-05-06 20:24:43 UTC 2022-11-15 05:59:39 UTC 142.250.74.102
bidder.criteo.com (2) 750 2017-01-30 05:01:16 UTC 2020-04-04 21:53:35 UTC 178.250.0.165
aax-dtb-cf.amazon-adsystem.com (1) 0 No data No data 54.230.241.131 Domain (amazon-adsystem.com) ranked at: 3190
static.criteo.net (2) 652 2012-05-22 17:01:05 UTC 2020-04-10 07:40:42 UTC 178.250.2.130
id5-sync.com (1) 504 2017-04-26 01:01:49 UTC 2022-11-14 06:05:22 UTC 141.95.98.64
cdn.firstimpression.io (2) 18692 2021-01-14 07:12:29 UTC 2022-11-15 07:17:16 UTC 54.230.111.77
ouo.io (2) 50761 2015-02-15 06:06:38 UTC 2022-11-14 06:39:55 UTC 172.67.6.151
widgets.outbrain.com (1) 1272 2012-05-22 16:25:59 UTC 2021-09-19 11:36:18 UTC 23.38.201.81
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-14 23:26:02 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
tag.1rx.io (1) 1330 2017-01-30 04:25:47 UTC 2022-11-14 14:20:17 UTC 213.19.147.42
c.amazon-adsystem.com (2) 300 2013-12-19 15:10:01 UTC 2020-03-20 03:39:56 UTC 54.230.111.210
dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-11-14 06:35:25 UTC 178.250.0.157
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-15 01:18:27 UTC 142.250.74.164
ecdn.analysis.fi (1) 22604 2021-04-26 06:44:49 UTC 2022-11-15 07:17:16 UTC 54.230.111.15
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.42.74.230
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
fptadtrue-d.openx.net (1) 50626 2017-10-16 10:35:43 UTC 2022-11-14 21:50:34 UTC 34.98.64.218
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.sectigo.com (3) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
fastlane.rubiconproject.com (1) 459 2018-06-14 02:15:35 UTC 2019-11-13 04:41:44 UTC 213.19.162.51
match.adsrvr.org (1) 349 2014-10-06 17:59:33 UTC 2022-11-14 06:03:29 UTC 3.33.220.150
id.crwdcntrl.net (1) 1695 2020-11-30 15:11:25 UTC 2022-11-15 05:52:07 UTC 54.195.100.225
ocsp.digicert.com (12) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ouo.press (6) 89754 2016-10-08 20:09:51 UTC 2022-11-15 06:27:50 UTC 104.22.58.251
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-15 04:05:59 UTC 142.250.74.174
ouo.io (2) 50761 2015-02-15 06:06:38 UTC 2022-11-14 06:39:55 UTC 104.22.22.162
simage4.pubmatic.com (1) 1129 2013-08-22 13:21:53 UTC 2020-05-04 02:07:07 UTC 198.47.127.20
r3.o.lencr.org (9) 344 No data No data 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-15 06:20:06 UTC 142.250.74.168
ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2019-12-16 16:26:43 UTC 178.250.6.245
cdn.adtrue.com (1) 52823 2017-08-21 09:17:37 UTC 2022-11-14 21:50:33 UTC 172.67.144.172

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-15 2 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.6.151
Date UQ / IDS / BL URL IP
2023-02-05 07:01:01 +0000 0 - 6 - 0 ouo.io/6htoBEh 172.67.6.151
2023-02-04 23:18:07 +0000 0 - 7 - 0 ouo.io/KQCoxY 172.67.6.151
2023-02-04 19:03:58 +0000 0 - 7 - 0 ouo.io/TBrkwIH 172.67.6.151
2023-02-04 07:01:46 +0000 0 - 0 - 10 ouo.io/UW1GsW 172.67.6.151
2023-02-03 17:00:24 +0000 0 - 5 - 0 ouo.io/DW8tO3 172.67.6.151


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-05 07:24:33 +0000 3 - 1 - 10 ntutdc1995.com/wp-content/plugins/advanced-fl (...) 104.26.1.51
2023-02-05 07:23:18 +0000 0 - 2 - 2 prelands.vikolo.live/meta/India/hammer/mens-club/ 104.21.28.242
2023-02-05 07:21:13 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/10633959135796 (...) 162.159.135.233
2023-02-05 07:20:16 +0000 0 - 1 - 2 www.jacquieetmichelelite.com/ 104.19.129.59
2023-02-05 07:19:31 +0000 0 - 2 - 1 ru-info-block.biz/ 172.67.186.207


Last 5 reports on domain: ouo.io
Date UQ / IDS / BL URL IP
2023-02-05 07:01:01 +0000 0 - 6 - 0 ouo.io/6htoBEh 172.67.6.151
2023-02-04 23:18:07 +0000 0 - 7 - 0 ouo.io/KQCoxY 172.67.6.151
2023-02-04 23:18:04 +0000 0 - 6 - 0 ouo.io/kfclB0 104.22.23.162
2023-02-04 21:01:04 +0000 0 - 7 - 0 ouo.io/hX3Ybwh 104.22.23.162
2023-02-04 19:03:58 +0000 0 - 7 - 0 ouo.io/TBrkwIH 172.67.6.151


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-27 23:09:45 +0000 0 - 0 - 8 ouo.press/rX618eN 104.22.59.251
2022-11-18 00:02:03 +0000 0 - 0 - 1 ouo.io/l6f7zP 104.22.23.162
2022-11-17 23:19:17 +0000 0 - 0 - 1 ouo.press/Y1Mh4my 104.22.59.251
2022-11-14 21:53:15 +0000 0 - 0 - 1 ouo.io/599QOVX 104.22.23.162
2022-11-14 00:06:18 +0000 0 - 0 - 1 ouo.io/4srK5m 104.22.22.162

JavaScript

Executed Scripts (40)

Executed Evals (35)
#1 JavaScript::Eval (size: 19) - SHA256: 631bd9a13534679ce526b007d4fc8352793377d89bcc321392b01ecf075c4101
this.context['Set']
#2 JavaScript::Eval (size: 35) - SHA256: 41aae560d6dd4b675e6e45d30c1572db537659e580ac434c4b89b76e4f3dc5ac
this.context['SiteBoundCredential']
#3 JavaScript::Eval (size: 30) - SHA256: 7ceacb36606d6f6599d3ed5454c31152cb4417fb3c02ebb66431c4227a653726
this.context['clearImmediate']
#4 JavaScript::Eval (size: 43) - SHA256: 0220aceb9c3413632235ce2598b94dd7a130a95558114c04ad41f9386b69777b
this.context['clientInformation']['vendor']
#5 JavaScript::Eval (size: 33) - SHA256: 92cc9c48ca7d897742a37b1578ba7c99e9d9c405fced233bb9a3270ef84fddfc
this.context['DeviceMotionEvent']
#6 JavaScript::Eval (size: 19) - SHA256: 67909fba812519f6eced963d195970a41923b591290d48f96704719fc6b74ec5
this.context['NaN']
#7 JavaScript::Eval (size: 22333) - SHA256: a7b0bd794eb053541b792049038bcc8a722ff65943a8f4a899ae7ccafd845e82
(function() {
    var u = function(A, I, D, n, M, T, e, g, h) {
            if ((D.J += (((g = (M = (e = (h = (A || D.v++, 0 < D.R && D.W && D.FY && 1 >= D.O && !D.D && !D.T && (!A || 1 < D.Y - I)) && 0 == document.hidden, T = 4 == D.v) || h ? D.H() : D.u, e - D.u), M) >> 14, D).I && (D.I ^= g * (M << 2)), D).h = g || D.h, g), T) || h) D.u = e, D.v = 0;
            if (!h || e - D.C < D.R - (n ? 255 : A ? 5 : 2)) return false;
            return (d(D, 411, (n = B(D, (D.Y = I, A ? 415 : 411)), D.A)), D.G).push([DG, n, A ? I + 1 : I]), D.T = p, true
        },
        X, j0 = function(A, I) {
            return A[I] << 24 | A[(I | 0) + 1] << 16 | A[(I | 0) + 2] << 8 | A[(I | 0) + 3]
        },
        B = function(A, I) {
            if (A = A.U[I], void 0 === A) throw [w, 30, I];
            if (A.value) return A.create();
            return A.create(5 * I * I + -98 * I + -22), A.prototype
        },
        I3 = function(A, I) {
            if ((I = q.trustedTypes, A = null, !I) || !I.createPolicy) return A;
            try {
                A = I.createPolicy("bg", {
                    createHTML: Au,
                    createScript: Au,
                    createScriptURL: Au
                })
            } catch (D) {
                q.console && q.console.error(D.message)
            }
            return A
        },
        U = function(A, I, D) {
            D[d(A, I, D), TH] = 2796
        },
        gn = function(A, I, D, n) {
            return B((d(D, ((n = B(D, 411), D.s) && n < D.A ? (d(D, 411, D.A), e0(D, A)) : d(D, 411, A), ng(D, I), 411), n), D), 141)
        },
        hu = function(A, I, D, n, M, T) {
            for (M = ((D = (n = A[sL] || {}, c(A)), n.qK = c(A), n).g = [], A).h == A ? (P(A) | 0) - 1 : 1, I = c(A), T = 0; T < M; T++) n.g.push(c(A));
            for (n.P = B(A, D); M--;) n.g[M] = B(A, n.g[M]);
            return n.UH = B(A, I), n
        },
        MO = function(A, I) {
            (I.push(A[0] << 24 | A[1] << 16 | A[2] << 8 | A[3]), I).push(A[4] << 24 | A[5] << 16 | A[6] << 8 | A[7]), I.push(A[8] << 24 | A[9] << 16 | A[10] << 8 | A[11])
        },
        Bh = function(A, I, D, n) {
            function M() {}
            return n = a3(A, (D = void 0, function(T) {
                M && (I && p(I), D = T, M(), M = void 0)
            }), !!I)[0], {
                invoke: function(T, e, g, h) {
                    function a() {
                        D(function(Y) {
                            p(function() {
                                T(Y)
                            })
                        }, g)
                    }
                    if (!e) return e = n(g), T && T(e), e;
                    D ? a() : (h = M, M = function() {
                        p((h(), a))
                    })
                }
            }
        },
        Y0 = function(A, I, D) {
            if (3 == A.length) {
                for (D = 0; 3 > D; D++) I[D] += A[D];
                for (D = (A = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > D; D++) I[3](I, D % 3, A[D])
            }
        },
        e0 = function(A, I) {
            d(((A.fe.push(A.U.slice()), A).U[411] = void 0, A), 411, I)
        },
        pg = function(A, I) {
            return x[A](x.prototype, {
                floor: I,
                call: I,
                pop: I,
                propertyIsEnumerable: I,
                console: I,
                parent: I,
                length: I,
                document: I,
                prototype: I,
                replace: I,
                splice: I,
                stack: I
            })
        },
        E = function(A, I, D) {
            D = this;
            try {
                ul(A, I, this)
            } catch (n) {
                k(this, n), I(function(M) {
                    M(D.F)
                })
            }
        },
        q = this || self,
        o3 = function(A, I) {
            return (I = I.create().shift(), A.D).create().length || A.j.create().length || (A.D = void 0, A.j = void 0), I
        },
        a3 = function(A, I, D, n) {
            return (n = l[A.substring(0, 3) + "_"]) ? n(A.substring(3), I, D) : y1(A, I)
        },
        GH = function(A, I, D) {
            if ((D = typeof A, "object") == D)
                if (A) {
                    if (A instanceof Array) return "array";
                    if (A instanceof Object) return D;
                    if (I = Object.prototype.toString.call(A), "[object Window]" == I) return "object";
                    if ("[object Array]" == I || "number" == typeof A.length && "undefined" != typeof A.splice && "undefined" != typeof A.propertyIsEnumerable && !A.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == I || "undefined" != typeof A.call && "undefined" != typeof A.propertyIsEnumerable && !A.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == D && "undefined" == typeof A.call) return "object";
            return D
        },
        mt = function(A, I) {
            return I = P(A), I & 128 && (I = I & 127 | P(A) << 7), I
        },
        Wh = function(A, I, D, n, M, T) {
            function e() {
                if (D.h == D) {
                    if (D.U) {
                        var g = [r, n, A, void 0, M, T, arguments];
                        if (2 == I) var h = C(D, false, (F(D, g), false));
                        else if (1 == I) {
                            var a = !D.G.length;
                            F(D, g), a && C(D, false, false)
                        } else h = Xy(g, D);
                        return h
                    }
                    M && T && M.removeEventListener(T, e, O)
                }
            }
            return e
        },
        c = function(A, I) {
            if (A.D) return o3(A, A.j);
            return (I = z(A, 8, true), I) & 128 && (I ^= 128, A = z(A, 2, true), I = (I << 2) + (A | 0)), I
        },
        Xy = function(A, I, D, n, M) {
            if ((D = A[0], D) == J) I.X = 25, I.i(A);
            else if (D == v) {
                M = A[1];
                try {
                    n = I.F || I.i(A)
                } catch (T) {
                    k(I, T), n = I.F
                }
                M(n)
            } else if (D == DG) I.i(A);
            else if (D == K) I.i(A);
            else if (D == Q1) {
                try {
                    for (n = 0; n < I.N.length; n++) try {
                        M = I.N[n], M[0][M[1]](M[2])
                    } catch (T) {}
                } catch (T) {}(0, A[1])(function(T, e) {
                    I.o(T, true, e)
                }, (I.N = [], function(T) {
                    F(I, (T = !I.G.length, [wn])), T && C(I, false, true)
                }))
            } else {
                if (D == r) return n = A[2], d(I, 103, A[6]), d(I, 141, n), I.i(A);
                D == wn ? (I.U = null, I.K = [], I.s = []) : D == TH && "loading" === q.document.readyState && (I.T = function(T, e) {
                    function g() {
                        e || (e = true, T())
                    }
                    q.document.addEventListener("DOMContentLoaded", g, (e = false, O)), q.addEventListener("load", g, O)
                })
            }
        },
        P = function(A) {
            return A.D ? o3(A, A.j) : z(A, 8, true)
        },
        ng = function(A, I, D, n, M, T) {
            if (!A.F) {
                A.O++;
                try {
                    for (T = void 0, D = 0, M = A.A; --I;) try {
                        if (n = void 0, A.D) T = o3(A, A.D);
                        else {
                            if (D = B(A, 411), D >= M) break;
                            T = B(A, (n = c((d(A, 415, D), A)), n))
                        }
                        u(false, (T && T[wn] & 2048 ? T(A, I) : V(A, [w, 21, n], 0), I), A, false)
                    } catch (e) {
                        B(A, 27) ? V(A, e, 22) : d(A, 27, e)
                    }
                    if (!I) {
                        if (A.Da) {
                            ng(A, (A.O--, 342722082906));
                            return
                        }
                        V(A, [w, 33], 0)
                    }
                } catch (e) {
                    try {
                        V(A, e, 22)
                    } catch (g) {
                        k(A, g)
                    }
                }
                A.O--
            }
        },
        k = function(A, I) {
            A.F = ((A.F ? A.F + "~" : "E:") + I.message + ":" + I.stack).slice(0, 2048)
        },
        il = function(A, I, D, n, M) {
            for (M = I = (A = A.replace(/\r\n/g, "\n"), 0), n = []; I < A.length; I++) D = A.charCodeAt(I), 128 > D ? n[M++] = D : (2048 > D ? n[M++] = D >> 6 | 192 : (55296 == (D & 64512) && I + 1 < A.length && 56320 == (A.charCodeAt(I + 1) & 64512) ? (D = 65536 + ((D & 1023) << 10) + (A.charCodeAt(++I) & 1023), n[M++] = D >> 18 | 240, n[M++] = D >> 12 & 63 | 128) : n[M++] = D >> 12 | 224, n[M++] = D >> 6 & 63 | 128), n[M++] = D & 63 | 128);
            return n
        },
        Au = function(A) {
            return A
        },
        qO = function(A, I, D) {
            return (D = x[A.V](A.AG), D)[A.V] = function() {
                return I
            }, D.concat = function(n) {
                I = n
            }, D
        },
        UL = function(A, I, D, n) {
            for (n = (D = c(I), 0); 0 < A; A--) n = n << 8 | P(I);
            d(I, D, n)
        },
        ZG = function(A, I, D, n) {
            S(L(A, (n = (D = c(I), c(I)), B(I, D))), I, n)
        },
        Hh = function(A, I, D) {
            return I.o(function(n) {
                D = n
            }, false, A), D
        },
        L = function(A, I, D, n) {
            for (D = (n = (A | 0) - 1, []); 0 <= n; n--) D[(A | 0) - 1 - (n | 0)] = I >> 8 * n & 255;
            return D
        },
        $0 = function(A, I, D, n, M) {
            for (n = 0, M = A[2] | 0, A = A[3] | 0; 14 > n; n++) D = D >>> 8 | D << 24, D += I | 0, D ^= M + 2229, A = A >>> 8 | A << 24, I = I << 3 | I >>> 29, I ^= D, A += M | 0, A ^= n + 2229, M = M << 3 | M >>> 29, M ^= A;
            return [I >>> 24 & 255, I >>> 16 & 255, I >>> 8 & 255, I >>> 0 & 255, D >>> 24 & 255, D >>> 16 & 255, D >>> 8 & 255, D >>> 0 & 255]
        },
        S = function(A, I, D, n, M, T) {
            if (I.h == I)
                for (T = B(I, D), 114 == D ? (D = function(e, g, h, a) {
                        if (T.ne != (h = (a = T.length, (a | 0) - 4 >> 3), h)) {
                            g = (h = (T.ne = h, h << 3) - 4, [0, 0, M[1], M[2]]);
                            try {
                                T.VZ = $0(g, j0(T, h), j0(T, (h | 0) + 4))
                            } catch (Y) {
                                throw Y;
                            }
                        }
                        T.push(T.VZ[a & 7] ^ e)
                    }, M = B(I, 352)) : D = function(e) {
                        T.push(e)
                    }, n && D(n & 255), I = 0, n = A.length; I < n; I++) D(A[I])
        },
        f = function(A, I) {
            for (I = []; A--;) I.push(255 * Math.random() | 0);
            return I
        },
        C = function(A, I, D, n, M, T) {
            if (A.G.length) {
                A.W = !(A.FY = (A.W && 0(), D), 0);
                try {
                    n = A.H(), A.u = n, A.C = n, A.v = 0, T = ch(A, D), M = A.H() - A.C, A.Z += M, M < (I ? 0 : 10) || 0 >= A.X-- || (M = Math.floor(M), A.K.push(254 >= M ? M : 254))
                } finally {
                    A.W = false
                }
                return T
            }
        },
        x0 = function(A, I, D, n, M, T, e, g) {
            return ((T = x[(n = [10, (e = (M = Ph, A & 7), -98), 54, 77, 21, -31, n, 51, -77, 74], I).V](I.hG), T)[I.V] = function(h) {
                e += (g = h, 6 + 7 * A), e &= 7
            }, T).concat = function(h) {
                return (h = (g = (h = +e - -5390 * (h = D % 16 + 1, D) * g + 55 * g * g - 275 * D * D * g - -1210 * g + (M() | 0) * h + n[e + 19 & 7] * D * h - h * g + 5 * D * D * h, void 0), n[h]), n)[(e + 45 & 7) + (A & 2)] = h, n[e + (A & 2)] = -98, h
            }, T
        },
        z = function(A, I, D, n, M, T, e, g, h, a, Y, y, Q, m) {
            if ((h = B(A, 411), h) >= A.A) throw [w, 31];
            for (Q = (m = h, Y = (y = 0, I), A.S5.length); 0 < Y;) n = m % 8, e = m >> 3, T = 8 - (n | 0), T = T < Y ? T : Y, M = A.s[e], D && (g = A, g.S != m >> 6 && (g.S = m >> 6, a = B(g, 394), g.L = $0([0, 0, a[1], a[2]], g.I, g.S)), M ^= A.L[e & Q]), y |= (M >> 8 - (n | 0) - (T | 0) & (1 << T) - 1) << (Y | 0) - (T | 0), Y -= T, m += T;
            return d(A, 411, (h | (D = y, 0)) + (I | 0)), D
        },
        ch = function(A, I, D, n) {
            for (; A.G.length;) {
                D = (A.T = null, A.G.pop());
                try {
                    n = Xy(D, A)
                } catch (M) {
                    k(A, M)
                }
                if (I && A.T) {
                    (I = A.T, I)(function() {
                        C(A, true, true)
                    });
                    break
                }
            }
            return n
        },
        p = q.requestIdleCallback ? function(A) {
            requestIdleCallback(function() {
                A()
            }, {
                timeout: 4
            })
        } : q.setImmediate ? function(A) {
            setImmediate(A)
        } : function(A) {
            setTimeout(A, 0)
        },
        l, y1 = function(A, I) {
            return [(I(function(D) {
                D(A)
            }), function() {
                return A
            })]
        },
        d = function(A, I, D) {
            if (411 == I || 415 == I) A.U[I] ? A.U[I].concat(D) : A.U[I] = qO(A, D);
            else {
                if (A.B && 394 != I) return;
                161 == I || 114 == I || 437 == I || 261 == I || 352 == I ? A.U[I] || (A.U[I] = x0(118, A, I, D)) : A.U[I] = x0(121, A, I, D)
            }
            394 == I && (A.I = z(A, 32, false), A.S = void 0)
        },
        F = function(A, I) {
            A.G.splice(0, 0, I)
        },
        ul = function(A, I, D, n, M) {
            for (n = (M = ((D.hG = pg((D.by = k0, D.kb = (D.S5 = D[v], bl), D.V), {get: function() {
                        return this.concat()
                    }
                }), D).AG = x[D.V](D.hG, {
                    value: {
                        value: {}
                    }
                }), []), 0); 289 > n; n++) M[n] = String.fromCharCode(n);
            C(D, (F(D, (F((F(D, (U(D, (d(D, 239, (U(D, 331, (U(D, (U(D, 144, (U(D, (U(D, 17, (U(D, (U(D, 325, (d(D, 161, [160, (d(D, (U(D, (D.sH = (U(D, (U(D, 223, (d(D, 424, (d(D, 143, (U(D, (d(D, 434, (d(D, 352, (U(D, (U(D, 194, (U(D, 370, (d(D, 437, (U(D, 95, ((U(D, 154, (U((U(D, 21, (U(D, (U(D, 175, (U(D, 129, (U(D, 280, (d((d(D, 100, (D.iy = (d(D, 141, (U((U(D, (D.j5 = (d(D, (d(D, (D.T = (D.FY = false, (D.O = 0, D.G = [], D.D = (D.zX = function(T) {
                this.h = T
            }, D.B = false, D.C = 0, void 0), (D.fe = [], D).j = (D.R = ((D.F = void 0, D).J = 1, 0), n = (D.W = false, D.X = 25, window.performance || {}), D.N = [], (D.h = D, D).L = void 0, (D.QZ = 0, D.Z = 0, D.s = [], D).S = ((D.Y = 8001, D).v = void 0, void 0), D.U = [], void 0), D.A = (D.u = (D.K = [], 0), 0), D).I = void 0, D.Hn = n.timeOrigin || (n.timing || {}).navigationStart || 0, null), 411), 0), 415), 0), 0), U(D, 483, function() {}), 360), function(T, e, g, h) {
                h = (e = B(T, (g = (h = (e = c(T), c(T)), c(T)), e)), B(T, h)), d(T, g, e in h | 0)
            }), D), 202, function(T, e, g, h) {
                d(T, (g = B(T, (h = B(T, (e = (h = c((g = c(T), T)), c(T)), h)), g)) == h, e), +g)
            }), {})), 0), 0)), D), 27, 438), function(T, e, g, h, a) {
                for (h = c(T), g = mt(T), a = [], e = 0; e < g; e++) a.push(P(T));
                d(T, h, a)
            })), function(T, e, g, h, a, Y) {
                u(true, e, T, false) || (g = hu(T.h), e = g.qK, h = g.UH, Y = g.g, a = Y.length, g = g.P, h = 0 == a ? new h[g] : 1 == a ? new h[g](Y[0]) : 2 == a ? new h[g](Y[0], Y[1]) : 3 == a ? new h[g](Y[0], Y[1], Y[2]) : 4 == a ? new h[g](Y[0], Y[1], Y[2], Y[3]) : 2(), d(T, e, h))
            })), function(T, e, g, h) {
                if (e = T.fe.pop()) {
                    for (g = P(T); 0 < g; g--) h = c(T), e[h] = T.U[h];
                    T.U = (e[424] = (e[261] = T.U[261], T.U)[424], e)
                } else d(T, 411, T.A)
            })), 127), function(T, e, g, h) {
                !u(true, e, T, false) && (e = hu(T), g = e.P, h = e.UH, T.h == T || g == T.zX && h == T) && (d(T, e.qK, g.apply(h, e.g)), T.u = T.H())
            }), function(T, e, g, h, a, Y, y) {
                for (Y = (h = (g = mt((e = c(T), T)), a = "", y = B(T, 322), y.length), 0); g--;) Y = ((Y | 0) + (mt(T) | 0)) % h, a += M[y[Y]];
                d(T, e, a)
            })), D), 336, function(T) {
                ll(4, T)
            }), function(T, e) {
                e0((e = B(T, c(T)), T.h), e)
            })), U(D, 69, function(T) {
                ll(3, T)
            }), U)(D, 6, function(T, e, g) {
                d(T, (g = GH((g = B(T, (g = c(T), e = c(T), g)), g)), e), g)
            }), function(T, e, g, h, a) {
                d(T, (e = B(T, (h = B((a = B(T, (a = (e = c((h = c((g = c(T), T)), T)), c(T)), a)), T), h), e)), g), Wh(e, a, T, h))
            })), [])), function(T) {
                ZG(1, T)
            })), function(T, e, g, h) {
                (h = c((e = (g = c(T), P(T)), T)), d)(T, h, B(T, g) >>> e)
            })), 201), function(T, e, g, h) {
                d(T, (g = B(T, (e = B(T, (e = c(T), h = c(T), e)), h)), h), g + e)
            }), [0, 0, 0])), 0)), 151), function(T, e, g, h) {
                (h = (e = c(T), c)(T), g = c(T), T).h == T && (g = B(T, g), h = B(T, h), B(T, e)[h] = g, 394 == e && (T.S = void 0, 2 == h && (T.I = z(T, 32, false), T.S = void 0)))
            }), q)), 2048)), function(T, e, g, h) {
                d(T, (e = (h = c((g = c(T), T)), c(T)), e), B(T, g) || B(T, h))
            })), 215), function(T, e, g) {
                u(true, e, T, false) || (e = c(T), g = c(T), d(T, g, function(h) {
                    return eval(h)
                }(EL(B(T.h, e)))))
            }), 0), 86), function(T, e, g, h) {
                g = B(T, (e = c((g = c(T), T)), h = c(T), g)), e = B(T, e), d(T, h, g[e])
            }), 261), []), 0), 0]), function(T, e) {
                T = B((e = c(T), T).h, e), T[0].removeEventListener(T[1], T[2], O)
            })), 145), function(T) {
                UL(4, T)
            }), function(T, e, g, h, a, Y) {
                if (!u(true, e, T, true)) {
                    if ("object" == GH((T = (g = B((Y = (e = (e = (Y = c(T), g = c(T), c(T)), a = c(T), B(T, e)), B(T, Y)), T), g), B(T, a)), Y))) {
                        for (h in a = [], Y) a.push(h);
                        Y = a
                    }
                    for (a = (e = 0 < e ? e : 1, h = 0, Y).length; h < a; h += e) g(Y.slice(h, (h | 0) + (e | 0)), T)
                }
            })), 171), function(T, e, g, h, a, Y, y, Q, m, Z, W, G) {
                function N(H, b) {
                    for (; y < H;) m |= P(T) << y, y += 8;
                    return b = m & (y -= H, (1 << H) - 1), m >>= H, b
                }
                for (G = (W = (Z = (h = (y = (g = c(T), m = 0), (N(3) | 0) + 1), N)(5), 0), Q = [], 0); G < Z; G++) Y = N(1), Q.push(Y), W += Y ? 0 : 1;
                for (G = (e = (W = ((W | 0) - 1).toString(2).length, []), 0); G < Z; G++) Q[G] || (e[G] = N(W));
                for (W = 0; W < Z; W++) Q[W] && (e[W] = c(T));
                for (a = []; h--;) a.push(B(T, c(T)));
                U(T, g, function(H, b, t, R, dn) {
                    for (b = (dn = (t = [], []), 0); b < Z; b++) {
                        if (!Q[R = e[b], b]) {
                            for (; R >= t.length;) t.push(c(H));
                            R = t[R]
                        }
                        dn.push(R)
                    }
                    H.j = qO(H, (H.D = qO(H, a.slice()), dn))
                })
            }), function(T, e, g, h, a) {
                (h = (e = B(T, (a = (h = c((g = c(T), T)), e = c(T), c)(T), g = B(T.h, g), a = B(T, a), e)), B(T, h)), 0 !== g) && (e = Wh(a, 1, T, e, g, h), g.addEventListener(h, e, O), d(T, 434, [g, h, e]))
            })), 102), function(T, e, g) {
                (g = B(T, (g = c((e = c(T), T)), g)), 0 != B(T, e)) && d(T, 411, g)
            }), d(D, 114, f(4)), function(T, e, g) {
                d(T, (e = c((g = c(T), T)), e), "" + B(T, g))
            })), D)), 15), function(T) {
                ZG(4, T)
            }), [TH])), D), [K, A]), [Q1, I])), true), true)
        },
        V = function(A, I, D, n, M, T) {
            if (!A.B) {
                if (3 < (I = B(A, (D = (M = B((n = void 0, I && I[0] === w && (D = I[1], n = I[2], I = void 0), A), 261), 0 == M.length && (T = B(A, 415) >> 3, M.push(D, T >> 8 & 255, T & 255), void 0 != n && M.push(n & 255)), ""), I && (I.message && (D += I.message), I.stack && (D += ":" + I.stack)), 424)), I)) {
                    A.h = (n = (D = il((I -= (D = D.slice(0, (I | 0) - 3), (D.length | 0) + 3), D)), A).h, A);
                    try {
                        S(L(2, D.length).concat(D), A, 114, 9)
                    } finally {
                        A.h = n
                    }
                }
                d(A, 424, I)
            }
        },
        ll = function(A, I, D, n, M) {
            (n = (D = c((M = A & 3, A &= 4, I)), c(I)), D = B(I, D), A) && (D = il("" + D)), M && S(L(2, D.length), I, n), S(D, I, n)
        },
        NO = function(A, I, D, n) {
            try {
                n = A[((I | 0) + 2) % 3], A[I] = (A[I] | 0) - (A[((I | 0) + 1) % 3] | 0) - (n | 0) ^ (1 == I ? n << D : n >>> D)
            } catch (M) {
                throw M;
            }
        },
        O = {
            passive: true,
            capture: true
        },
        sL = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        K = [],
        r = [],
        DG = ((E.prototype.uy = void 0, E.prototype).l = "toString", []),
        J = [],
        v = [],
        TH = [],
        w = (E.prototype.Ce = void 0, {}),
        Q1 = (E.prototype.Da = false, []),
        wn = [],
        Ph = (((((MO, function() {})(f), function() {})(NO), function() {})(Y0), E).prototype.V = "create", void 0),
        x = w.constructor,
        bl = (((((((X = E.prototype, X.Iz = function() {
            return Math.floor(this.Z + (this.H() - this.C))
        }, X.yZ = function(A, I, D, n, M, T) {
            for (T = [], D = n = 0; n < A.length; n++)
                for (M = M << I | A[n], D += I; 7 < D;) D -= 8, T.push(M >> D & 255);
            return T
        }, X).H = (window.performance || {}).now ? function() {
            return this.Hn + window.performance.now()
        } : function() {
            return +new Date
        }, X).gd = function(A, I, D, n, M) {
            for (M = n = 0; n < A.length; n++) M += A.charCodeAt(n), M += M << 10, M ^= M >> 6;
            return n = (A = (M += M << 3, M ^= M >> 11, M) + (M << 15) >>> 0, new Number(A & (1 << I) - 1)), n[0] = (A >>> I) % D, n
        }, X).o = function(A, I, D, n, M) {
            if (D = "array" === GH(D) ? D : [D], this.F) A(this.F);
            else try {
                M = !this.G.length, n = [], F(this, [J, n, D]), F(this, [v, A, n]), I && !M || C(this, true, I)
            } catch (T) {
                k(this, T), A(this.F)
            }
        }, X.TX = function() {
            return Math.floor(this.H())
        }, X.MK = function(A, I, D) {
            return ((I ^= I << 13, I ^= I >> 17, I = (I ^ I << 5) & D) || (I = 1), A) ^ I
        }, E).prototype.i = function(A, I) {
            return Ph = (A = (I = {}, {}), function() {
                    return I == A ? -22 : -12
                }),
                function(D, n, M, T, e, g, h, a, Y, y, Q, m, Z, W, G) {
                    I = (T = I, A);
                    try {
                        if (a = D[0], a == K) {
                            g = D[1];
                            try {
                                for (G = Q = (e = (m = [], atob)(g), 0); G < e.length; G++) W = e.charCodeAt(G), 255 < W && (m[Q++] = W & 255, W >>= 8), m[Q++] = W;
                                (this.A = (this.s = m, this).s.length << 3, d)(this, 394, [0, 0, 0])
                            } catch (N) {
                                V(this, N, 17);
                                return
                            }
                            ng(this, 8001)
                        } else if (a == J) D[1].push(B(this, 161).length, B(this, 437).length, B(this, 114).length, B(this, 424)), d(this, 141, D[2]), this.U[307] && gn(B(this, 307), 8001, this);
                        else {
                            if (a == v) {
                                M = L(2, ((m = D[2], B(this, 161).length) | 0) + 2), y = this.h, this.h = this;
                                try {
                                    h = B(this, 261), 0 < h.length && S(L(2, h.length).concat(h), this, 161, 10), S(L(1, this.J), this, 161, 109), S(L(1, this[v].length), this, 161), e = 0, n = B(this, 114), e -= (B(this, 161).length | 0) + 5, e += B(this, 100) & 2047, 4 < n.length && (e -= (n.length | 0) + 3), 0 < e && S(L(2, e).concat(f(e)), this, 161, 15), 4 < n.length && S(L(2, n.length).concat(n), this, 161, 156)
                                } finally {
                                    this.h = y
                                }
                                if (((G = f(2).concat(B(this, 161)), G)[1] = G[0] ^ 6, G)[3] = G[1] ^ M[0], G[4] = G[1] ^ M[1], Z = this.GX(G)) Z = "!" + Z;
                                else
                                    for (e = 0, Z = ""; e < G.length; e++) Y = G[e][this.l](16), 1 == Y.length && (Y = "0" + Y), Z += Y;
                                return d(this, 424, (B(this, (B(((Q = Z, B)(this, 161).length = m.shift(), this), 437).length = m.shift(), 114)).length = m.shift(), m.shift())), Q
                            }
                            if (a == DG) gn(D[1], D[2], this);
                            else if (a == r) return gn(D[1], 8001, this)
                        }
                    } finally {
                        I = T
                    }
                }
        }(), E.prototype).OH = 0, E.prototype.EH = 0, E.prototype).GX = function(A, I, D, n) {
            if (D = window.btoa) {
                for (I = "", n = 0; n < A.length; n += 8192) I += String.fromCharCode.apply(null, A.slice(n, n + 8192));
                A = D(I).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else A = void 0;
            return A
        }, /./),
        k0, rn = K.pop.bind((E.prototype[Q1] = [0, 0, 1, 1, 0, 1, 1], E.prototype[J])),
        EL = ((k0 = pg(E.prototype.V, (bl[E.prototype.l] = rn, {get: rn
        })), E.prototype).e5 = void 0, function(A, I) {
            return (I = I3()) && 1 === A.eval(I.createScript("1")) ? function(D) {
                return I.createScript(D)
            } : function(D) {
                return "" + D
            }
        })(q);
    40 < (l = q.botguard || (q.botguard = {}), l.m) || (l.m = 41, l.bg = Bh, l.a = a3), l.yDq_ = function(A, I, D) {
        return [(D = new E(A, I), function(n) {
            return Hh(n, D)
        })]
    };
}).call(this);
#8 JavaScript::Eval (size: 21) - SHA256: 5f7d79033f82e1d81e2e6490b1fe43f241e2889aae35ea6d5f968ca697f5a577
this.context['close']
#9 JavaScript::Eval (size: 42) - SHA256: 2fc752a40595d1d6681e6be3ebd8f44cdda99876ff9ee19fe654647a6a11415e
this.context['ApplicationCacheErrorEvent']
#10 JavaScript::Eval (size: 45) - SHA256: d7fff9897aaa9675a3652e7cac1a8c2a3427b896b5cc0ab5ffd628f9bb106e34
this.context['external']['AddSearchProvider']
#11 JavaScript::Eval (size: 28) - SHA256: 4f6a557989f79654728dcb244539b604c5329db30b964d6e8c524c72517b9fa6
this.context['Notification']
#12 JavaScript::Eval (size: 35) - SHA256: 022ae916a59e1d7cb709a35e757c60e6626bfccd2c1e87c5ad6b432f0f1b1538
this.context['HTMLBaseFontElement']
#13 JavaScript::Eval (size: 41) - SHA256: e9d851c02746b7bd4d9207264c143f76480b69aa3552b1cdaa79ee537d83f5ac
this.context['navigator']['taintEnabled']
#14 JavaScript::Eval (size: 39) - SHA256: aaa8c0ab87c7070701d0a29a610c65a4c1d29153c2d14623602acef3eea646dd
this.context['EventTarget']['toString']
#15 JavaScript::Eval (size: 25) - SHA256: cfd8889f26f46323b63c7766e414faf4a4171cc959c4c2b2e6a64c0ec3edf13f
this.context['CryptoKey']
#16 JavaScript::Eval (size: 41) - SHA256: 25fde17ee6ee622be6ebf83118c8802af55f2721a375a4017d6dec6edaf3b37b
this.context['DOMException']['ABORT_ERR']
#17 JavaScript::Eval (size: 22) - SHA256: 76fa5194b42930d151e7569cc0b9f77ea02344fef8104bda49d4318b5b438698
0,
function(T) {
    UL(1, T)
}
#18 JavaScript::Eval (size: 39) - SHA256: 04f881dff1163e4e36943700ddbcf25667dfe7e0b154d21e181a771955264d60
this.context['document']['createTouch']
#19 JavaScript::Eval (size: 36) - SHA256: a612f8985aebacd5c5fa6b17d16982a29983ae9131bae94403ff9abe1ce2ded2
this.context['navigator']['appName']
#20 JavaScript::Eval (size: 32) - SHA256: a535a9a97ed5a801419c63a6e764dd3b24c8456f177155717caf9ba3411ef756
this.context['chrome']['search']
#21 JavaScript::Eval (size: 46) - SHA256: e218a1ac15f252350ef2646dead414bf35db450215962e63da301cb7c3f064eb
this.context['navigator']['webkitGetGamepads']
#22 JavaScript::Eval (size: 31) - SHA256: fb71685befff6e5c6fb9e2dd5f9bea6c71a2a162b39920f3927ef5ebfcf0134d
this.context['BeforeLoadEvent']
#23 JavaScript::Eval (size: 60) - SHA256: dcbc8087c9f3488411409f0a3c9069e6a40b27851598c7a72361e97785aa874d
0,
function(T, e, g) {
    d(T, (g = c(T), e = c(T), g = T.U[g] && B(T, g), e), g)
}
#24 JavaScript::Eval (size: 26) - SHA256: 59d45abada49f5b514521b527330402a2d826ae3f0dab2199c58c38f1e511777
this.context['TouchEvent']
#25 JavaScript::Eval (size: 45) - SHA256: e44d38f746ee1fa3b3ef03ed6ea3f298c25e173b6daea3c4505afce8bb869508
this.context['CanvasCaptureMediaStreamTrack']
#26 JavaScript::Eval (size: 6482) - SHA256: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
var amzn_aps_csm = amzn_aps_csm || {};
amzn_aps_csm.errors = [], amzn_aps_csm.reportErrors = function(a) {
        var b, c;
        for (/^https?:\/\//.test(a) === !1 && (a = document.location.protocol + "//" + a), "/" !== a.substr(a.length - 1) && (a += "/"), b = 0; b < amzn_aps_csm.errors.length; b++) c = '{"adViewability":[{"error": {"m": "' + amzn_aps_csm.errors[b] + '"}}], "c": "aps_communicator", "api": "RTB", "error": 1}', "https:" === document.location.protocol && /^http:\/\//.test(a) === !0 && (a = a.replace("http://", "https://")), (new Image).src = a + c + "?cb=" + Math.round(1e7 * Math.random());
        amzn_aps_csm.errors = []
    },
    function(a) {
        function b(a) {
            return a ? a.replace(/^\s+|\s+$/g, "") : a
        }

        function c(a) {
            if (a && a.s) {
                var b, c = a.s.length > 0 ? a.s[0] : "",
                    d = a.s.length > 1 ? a.s[1] : "";
                c && (b = c.match(j)), b && 3 === b.length || !d || (b = d.match(i)), b && 3 === b.length && (a.f = b[1], a.l = b[2])
            }
        }

        function d(a, d) {
            if (d = d || {}, !a) return {};
            a.m && a.m.message && (a = a.m);
            var i, j, k, l, m, n = {
                    m: e(a, d),
                    c: a.c ? "" + a.c : a.c,
                    s: [],
                    l: a.l || a.line || a.lineno || a.lineNumber,
                    name: a.name,
                    type: a.type
                },
                o = 0,
                p = 0;
            if (i = a.stack || (a.err ? a.err.stack : ""), i && i.split)
                for (j = i.split("\n"); o < j.length && n.s.length < g;) k = j[o++], k && n.s.unshift(b(k));
            else
                for (l = f(a.args || arguments, "callee"), o = 0, p = 0; l && g > o;) m = h, l.skipTrace || (k = l.toString(), k && k.substr && (m = 0 === p ? 4 * h : m, m = 1 === p ? 2 * h : m, n.s.unshift(k.substr(0, m)), p++)), l = f(l, "caller"), o++;
            return !n.f && n.s.length > 0 && c(n), n
        }

        function e(a, b) {
            var c = b.m || b.message || "";
            return c += a.m && a.m.message ? a.m.message : a.m && a.m.target && a.m.target.tagName ? "Error handler invoked by " + a.m.target.tagName + " tag" : a.m ? a.m : a.message ? a.message : "Unknown error"
        }

        function f(a, b) {
            try {
                return a[b]
            } catch (c) {
                return ""
            }
        }
        var g = 20,
            h = 256,
            i = /\(?([^\s]*):(\d+):\d+\)?/,
            j = /.*@(.*):(\d*)/;
        a.constructErrorMessage = d
    }(amzn_aps_csm), window.JSON || (window.JSON = {
        parse: function(sJSON) {
            return eval("(" + sJSON + ")")
        },
        stringify: function() {
            var a = Object.prototype.toString,
                b = Array.isArray || function(b) {
                    return "[object Array]" === a.call(b)
                },
                c = {
                    '"': '\\"',
                    "\\": "\\\\",
                    "\b": "\\b",
                    "\f": "\\f",
                    "\n": "\\n",
                    "\r": "\\r",
                    "	": "\\t"
                },
                d = function(a) {
                    return c[a] || "\\u" + (a.charCodeAt(0) + 65536).toString(16).substr(1)
                },
                e = /[\\"\u0000-\u001F\u2028\u2029]/g;
            return function f(c) {
                var g, h, i, j;
                if (null == c) return "null";
                if ("number" == typeof c) return isFinite(c) ? c.toString() : "null";
                if ("boolean" == typeof c) return c.toString();
                if ("object" == typeof c) {
                    if ("function" == typeof c.toJSON) return f(c.toJSON());
                    if (b(c)) {
                        for (g = "[", h = 0; h < c.length; h++) g += (h ? ", " : "") + f(c[h]);
                        return g + "]"
                    }
                    if ("[object Object]" === a.call(c)) {
                        i = [];
                        for (j in c) c.hasOwnProperty(j) && i.push(f(j) + ": " + f(c[j]));
                        return "{" + i.join(", ") + "}"
                    }
                }
                return '"' + c.toString().replace(e, d) + '"'
            }
        }()
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.log = function(a) {
        try {
            -1 !== window.location.href.indexOf("csm_debug_mode") && window.console && window.console.log(a)
        } catch (b) {
            b.message && amzn_aps_csm.errors.push(b.message)
        }
    }, amzn_aps_csm.loadModules = function(a) {
        var b, c, d;
        try {
            for (b = 0; b < a.length; b++) {
                if (c = a[b].name, d = a[b].params || [], window.performance && window.performance.mark && "function" == typeof window.performance.mark && window.performance.mark("loadStart" + c), "[object Array]" !== Object.prototype.toString.call(d) && amzn_aps_csm.log("Params passed in the amzn_aps_csm.loadModules methods must be an array"), amzn_aps_csm[c]) {
                    if (void 0 === amzn_aps_csm[c].shortName) throw new amzn_aps_csm.invalidModuleException("Module shortName not defined for module " + c + ". ");
                    amzn_aps_csm[c].init.apply(amzn_aps_csm[c], d), amzn_aps_csm.log("Initiated " + c + " module")
                } else amzn_aps_csm.log("Undefined module " + c);
                window.performance && window.performance.mark && "function" == typeof window.performance.mark && (window.performance.mark("loadEnd" + c), window.performance.measure("lt" + amzn_aps_csm[c].shortName, "loadStart" + c, "loadEnd" + c))
            }
        } catch (e) {
            e.message && amzn_aps_csm.errors.push(e.message)
        }
    }, amzn_aps_csm.define = function(a) {
        var b, c, d, e, f, g, h, i;
        try {
            for (b = function(a) {
                    return "string" == typeof a ? amzn_aps_csm[a] : a
                }, c = Array.prototype.slice.call(arguments), d = c[0], e = c.length > 2 ? c[1] : [], f = c[c.length - 1], g = [], h = 0, i = e.length; i > h; h++) g.push(b(e[h]));
            amzn_aps_csm[d] = f.apply(f, g)
        } catch (j) {
            j.message && amzn_aps_csm.errors.push(j.message)
        }
    }, amzn_aps_csm.invalidModuleException = function(a) {
        this.value = a, this.message = "does not conform to the expected format of a module", this.toString = function() {
            return this.value + this.message
        }
    }, amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("eventUtils", [], function() {
        var a = {
            shortName: "eu"
        };
        return a.init = function() {
            amzn_aps_csm.log("Initializing eventUtils"), a.eventHandlers = []
        }, a.addEvent = function(b, c, d, e) {
            b.addEventListener ? b.addEventListener(c, d, e) : b.attachEvent && b.attachEvent("on" + c, d);
            var f = {
                elem: b,
                eventName: c,
                cb: d
            };
            a.eventHandlers.push(f)
        }, a.registerPostMessageHandler = function(a) {
            var b = window.addEventListener ? "addEventListener" : "attachEvent",
                c = window[b],
                d = "attachEvent" == b ? "onmessage" : "message";
            c(d, function(b) {
                a(b)
            }, !1)
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("pixelQueue", [], function() {
        var a = {
            shortName: "pq"
        };
        return a.init = function() {}, a.firePixel = function(a, b, c) {
            if ("" !== b) {
                /^https?:\/\//.test(b) === !1 && (b = document.location.protocol + "//" + b), "/" != b.substr(b.length - 1) && (b += "/"), "https:" === document.location.protocol && /^http:\/\//.test(b) === !0 && (b = b.replace("http://", "https://"));
                try {
                    var d = JSON.parse(a);
                    d.ver = amzn_aps_csm.version, a = JSON.stringify(d)
                } catch (e) {}
                void 0 !== c && "" !== c && (b += c), (new Image).src = b + a + "?cb=" + Math.round(1e7 * Math.random())
            } else amzn_aps_csm.log("instrURL is empty")
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {},
    function() {
        var a, b;
        amzn_aps_csm.loadModules([{
            name: "eventUtils",
            params: []
        }]);
        for (a in amzn_aps_csm.eventUtils) amzn_aps_csm.eventUtils.hasOwnProperty(a) && (amzn_aps_csm[a] = amzn_aps_csm.eventUtils[a]);
        amzn_aps_csm.loadModules([{
            name: "pixelQueue",
            params: []
        }]), b = 5, amzn_aps_csm.registerPostMessageHandler(function(a) {
            var c, d, e, f, g, h, i, j, k, l, m;
            if (amzn_aps_csm.log("parent received message!: ", a.data), amzn_aps_csm.log(a.origin), /pixelId/.test(a.data)) {
                for (c = a.source, d = 0; c.parent !== top && b > d;) c = c.parent, d++;
                for (e = {}, "object" == typeof apstag && null !== apstag && "function" == typeof apstag._getSlotIdToNameMapping && null !== apstag._getSlotIdToNameMapping() && (e = apstag._getSlotIdToNameMapping()), f = "", g = document.getElementsByTagName("iframe"), h = 0; h < g.length; h++)
                    if (g[h].contentWindow === c) {
                        i = g[h].parentElement;
                        do j = i.id, i = i.parentElement; while (e.hasOwnProperty(j) === !1 && "body" !== i.tagName.toLowerCase());
                        f = e[j] || j
                    }
                k = JSON.parse(a.data), l = decodeURIComponent(k.instrURL), m = {
                    sn: encodeURIComponent(f),
                    pixelId: k.pixelId
                }, /amazon-adsystem\.com/.test(l) && amzn_aps_csm.pixelQueue.firePixel(JSON.stringify(m), l, "")
            }
        })
    }();
#27 JavaScript::Eval (size: 31) - SHA256: 0408d20a8555f96ab5cced9f89880c477f78d4ade576e5618b04094f034fb081
this.context['ArrayBufferView']
#28 JavaScript::Eval (size: 36) - SHA256: 2d498779a32244d72a8a7d953918ce95c00fab9d3b129b2a1c3125fb263ccb45
this.context['self']['SharedWorker']
#29 JavaScript::Eval (size: 21) - SHA256: 37ceb2a749341c51c7b8c25daaa71dc167b4aba7485c9b398b8ab004b685e492
this.context['Touch']
#30 JavaScript::Eval (size: 35) - SHA256: 7013ec5264e02f54f3b42e05b51fd1ad0f180fa3870b71acd2f1a384cc81d601
this.context['document']['prepend']
#31 JavaScript::Eval (size: 165) - SHA256: 7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b
apstag.punt({
    "cmp": "https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-onetag_pm-db5_rbd_n-MediaNet_cnv_n-Outbrain",
    "cb": "0"
})
#32 JavaScript::Eval (size: 15598) - SHA256: 5e98214e0abbdd815117694f4ba8fa352052ada859b5f327e5d5f65a3166d9a4
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var T = this || self,
        n = function(D, A) {
            if ((A = (D = null, T.trustedTypes), !A) || !A.createPolicy) return D;
            try {
                D = A.createPolicy("bg", {
                    createHTML: e,
                    createScript: e,
                    createScriptURL: e
                })
            } catch (I) {
                T.console && T.console.error(I.message)
            }
            return D
        },
        e = function(D) {
            return D
        };
    (0, eval)(function(D, A) {
        return (A = n()) && 1 === D.eval(A.createScript("1")) ? function(I) {
            return A.createScript(I)
        } : function(I) {
            return "" + I
        }
    }(T)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var u=function(A,I,D,n,M,T,e,g,h){if((D.J+=(((g=(M=(e=(h=(A||D.v++,0<D.R&&D.W&&D.FY&&1>=D.O&&!D.D&&!D.T&&(!A||1<D.Y-I))&&0==document.hidden,T=4==D.v)||h?D.H():D.u,e-D.u),M)>>14,D).I&&(D.I^=g*(M<<2)),D).h=g||D.h,g),T)||h)D.u=e,D.v=0;if(!h||e-D.C<D.R-(n?255:A?5:2))return false;return(d(D,411,(n=B(D,(D.Y=I,A?415:411)),D.A)),D.G).push([DG,n,A?I+1:I]),D.T=p,true},X,j0=function(A,I){return A[I]<<24|A[(I|0)+1]<<16|A[(I|0)+2]<<8|A[(I|0)+3]},B=function(A,I){if(A=A.U[I],void 0===A)throw[w,30,I];if(A.value)return A.create();return A.create(5*I*I+-98*I+-22),A.prototype},I3=function(A,I){if((I=q.trustedTypes,A=null,!I)||!I.createPolicy)return A;try{A=I.createPolicy("bg",{createHTML:Au,createScript:Au,createScriptURL:Au})}catch(D){q.console&&q.console.error(D.message)}return A},U=function(A,I,D){D[d(A,I,D),TH]=2796},gn=function(A,I,D,n){return B((d(D,((n=B(D,411),D.s)&&n<D.A?(d(D,411,D.A),e0(D,A)):d(D,411,A),ng(D,I),411),n),D),141)},hu=function(A,I,D,n,M,T){for(M=((D=(n=A[sL]||{},c(A)),n.qK=c(A),n).g=[],A).h==A?(P(A)|0)-1:1,I=c(A),T=0;T<M;T++)n.g.push(c(A));for(n.P=B(A,D);M--;)n.g[M]=B(A,n.g[M]);return n.UH=B(A,I),n},MO=function(A,I){(I.push(A[0]<<24|A[1]<<16|A[2]<<8|A[3]),I).push(A[4]<<24|A[5]<<16|A[6]<<8|A[7]),I.push(A[8]<<24|A[9]<<16|A[10]<<8|A[11])},Bh=function(A,I,D,n){function M(){}return n=a3(A,(D=void 0,function(T){M&&(I&&p(I),D=T,M(),M=void 0)}),!!I)[0],{invoke:function(T,e,g,h){function a(){D(function(Y){p(function(){T(Y)})},g)}if(!e)return e=n(g),T&&T(e),e;D?a():(h=M,M=function(){p((h(),a))})}}},Y0=function(A,I,D){if(3==A.length){for(D=0;3>D;D++)I[D]+=A[D];for(D=(A=[13,8,13,12,16,5,3,10,15],0);9>D;D++)I[3](I,D%3,A[D])}},e0=function(A,I){d(((A.fe.push(A.U.slice()),A).U[411]=void 0,A),411,I)},pg=function(A,I){return x[A](x.prototype,{floor:I,call:I,pop:I,propertyIsEnumerable:I,console:I,parent:I,length:I,document:I,prototype:I,replace:I,splice:I,stack:I})},E=function(A,I,D){D=this;try{ul(A,I,this)}catch(n){k(this,n),I(function(M){M(D.F)})}},q=this||self,o3=function(A,I){return(I=I.create().shift(),A.D).create().length||A.j.create().length||(A.D=void 0,A.j=void 0),I},a3=function(A,I,D,n){return(n=l[A.substring(0,3)+"_"])?n(A.substring(3),I,D):y1(A,I)},GH=function(A,I,D){if((D=typeof A,"object")==D)if(A){if(A instanceof Array)return"array";if(A instanceof Object)return D;if(I=Object.prototype.toString.call(A),"[object Window]"==I)return"object";if("[object Array]"==I||"number"==typeof A.length&&"undefined"!=typeof A.splice&&"undefined"!=typeof A.propertyIsEnumerable&&!A.propertyIsEnumerable("splice"))return"array";if("[object Function]"==I||"undefined"!=typeof A.call&&"undefined"!=typeof A.propertyIsEnumerable&&!A.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==D&&"undefined"==typeof A.call)return"object";return D},mt=function(A,I){return I=P(A),I&128&&(I=I&127|P(A)<<7),I},Wh=function(A,I,D,n,M,T){function e(){if(D.h==D){if(D.U){var g=[r,n,A,void 0,M,T,arguments];if(2==I)var h=C(D,false,(F(D,g),false));else if(1==I){var a=!D.G.length;F(D,g),a&&C(D,false,false)}else h=Xy(g,D);return h}M&&T&&M.removeEventListener(T,e,O)}}return e},c=function(A,I){if(A.D)return o3(A,A.j);return(I=z(A,8,true),I)&128&&(I^=128,A=z(A,2,true),I=(I<<2)+(A|0)),I},Xy=function(A,I,D,n,M){if((D=A[0],D)==J)I.X=25,I.i(A);else if(D==v){M=A[1];try{n=I.F||I.i(A)}catch(T){k(I,T),n=I.F}M(n)}else if(D==DG)I.i(A);else if(D==K)I.i(A);else if(D==Q1){try{for(n=0;n<I.N.length;n++)try{M=I.N[n],M[0][M[1]](M[2])}catch(T){}}catch(T){}(0,A[1])(function(T,e){I.o(T,true,e)},(I.N=[],function(T){F(I,(T=!I.G.length,[wn])),T&&C(I,false,true)}))}else{if(D==r)return n=A[2],d(I,103,A[6]),d(I,141,n),I.i(A);D==wn?(I.U=null,I.K=[],I.s=[]):D==TH&&"loading"===q.document.readyState&&(I.T=function(T,e){function g(){e||(e=true,T())}q.document.addEventListener("DOMContentLoaded",g,(e=false,O)),q.addEventListener("load",g,O)})}},P=function(A){return A.D?o3(A,A.j):z(A,8,true)},ng=function(A,I,D,n,M,T){if(!A.F){A.O++;try{for(T=void 0,D=0,M=A.A;--I;)try{if(n=void 0,A.D)T=o3(A,A.D);else{if(D=B(A,411),D>=M)break;T=B(A,(n=c((d(A,415,D),A)),n))}u(false,(T&&T[wn]&2048?T(A,I):V(A,[w,21,n],0),I),A,false)}catch(e){B(A,27)?V(A,e,22):d(A,27,e)}if(!I){if(A.Da){ng(A,(A.O--,342722082906));return}V(A,[w,33],0)}}catch(e){try{V(A,e,22)}catch(g){k(A,g)}}A.O--}},k=function(A,I){A.F=((A.F?A.F+"~":"E:")+I.message+":"+I.stack).slice(0,2048)},il=function(A,I,D,n,M){for(M=I=(A=A.replace(/\\r\\n/g,"\\n"),0),n=[];I<A.length;I++)D=A.charCodeAt(I),128>D?n[M++]=D:(2048>D?n[M++]=D>>6|192:(55296==(D&64512)&&I+1<A.length&&56320==(A.charCodeAt(I+1)&64512)?(D=65536+((D&1023)<<10)+(A.charCodeAt(++I)&1023),n[M++]=D>>18|240,n[M++]=D>>12&63|128):n[M++]=D>>12|224,n[M++]=D>>6&63|128),n[M++]=D&63|128);return n},Au=function(A){return A},qO=function(A,I,D){return(D=x[A.V](A.AG),D)[A.V]=function(){return I},D.concat=function(n){I=n},D},UL=function(A,I,D,n){for(n=(D=c(I),0);0<A;A--)n=n<<8|P(I);d(I,D,n)},ZG=function(A,I,D,n){S(L(A,(n=(D=c(I),c(I)),B(I,D))),I,n)},Hh=function(A,I,D){return I.o(function(n){D=n},false,A),D},L=function(A,I,D,n){for(D=(n=(A|0)-1,[]);0<=n;n--)D[(A|0)-1-(n|0)]=I>>8*n&255;return D},$0=function(A,I,D,n,M){for(n=0,M=A[2]|0,A=A[3]|0;14>n;n++)D=D>>>8|D<<24,D+=I|0,D^=M+2229,A=A>>>8|A<<24,I=I<<3|I>>>29,I^=D,A+=M|0,A^=n+2229,M=M<<3|M>>>29,M^=A;return[I>>>24&255,I>>>16&255,I>>>8&255,I>>>0&255,D>>>24&255,D>>>16&255,D>>>8&255,D>>>0&255]},S=function(A,I,D,n,M,T){if(I.h==I)for(T=B(I,D),114==D?(D=function(e,g,h,a){if(T.ne!=(h=(a=T.length,(a|0)-4>>3),h)){g=(h=(T.ne=h,h<<3)-4,[0,0,M[1],M[2]]);try{T.VZ=$0(g,j0(T,h),j0(T,(h|0)+4))}catch(Y){throw Y;}}T.push(T.VZ[a&7]^e)},M=B(I,352)):D=function(e){T.push(e)},n&&D(n&255),I=0,n=A.length;I<n;I++)D(A[I])},f=function(A,I){for(I=[];A--;)I.push(255*Math.random()|0);return I},C=function(A,I,D,n,M,T){if(A.G.length){A.W=!(A.FY=(A.W&&0(),D),0);try{n=A.H(),A.u=n,A.C=n,A.v=0,T=ch(A,D),M=A.H()-A.C,A.Z+=M,M<(I?0:10)||0>=A.X--||(M=Math.floor(M),A.K.push(254>=M?M:254))}finally{A.W=false}return T}},x0=function(A,I,D,n,M,T,e,g){return((T=x[(n=[10,(e=(M=Ph,A&7),-98),54,77,21,-31,n,51,-77,74],I).V](I.hG),T)[I.V]=function(h){e+=(g=h,6+7*A),e&=7},T).concat=function(h){return(h=(g=(h=+e- -5390*(h=D%16+1,D)*g+55*g*g-275*D*D*g- -1210*g+(M()|0)*h+n[e+19&7]*D*h-h*g+5*D*D*h,void 0),n[h]),n)[(e+45&7)+(A&2)]=h,n[e+(A&2)]=-98,h},T},z=function(A,I,D,n,M,T,e,g,h,a,Y,y,Q,m){if((h=B(A,411),h)>=A.A)throw[w,31];for(Q=(m=h,Y=(y=0,I),A.S5.length);0<Y;)n=m%8,e=m>>3,T=8-(n|0),T=T<Y?T:Y,M=A.s[e],D&&(g=A,g.S!=m>>6&&(g.S=m>>6,a=B(g,394),g.L=$0([0,0,a[1],a[2]],g.I,g.S)),M^=A.L[e&Q]),y|=(M>>8-(n|0)-(T|0)&(1<<T)-1)<<(Y|0)-(T|0),Y-=T,m+=T;return d(A,411,(h|(D=y,0))+(I|0)),D},ch=function(A,I,D,n){for(;A.G.length;){D=(A.T=null,A.G.pop());try{n=Xy(D,A)}catch(M){k(A,M)}if(I&&A.T){(I=A.T,I)(function(){C(A,true,true)});break}}return n},p=q.requestIdleCallback?function(A){requestIdleCallback(function(){A()},{timeout:4})}:q.setImmediate?function(A){setImmediate(A)}:function(A){setTimeout(A,0)},l,y1=function(A,I){return[(I(function(D){D(A)}),function(){return A})]},d=function(A,I,D){if(411==I||415==I)A.U[I]?A.U[I].concat(D):A.U[I]=qO(A,D);else{if(A.B&&394!=I)return;161==I||114==I||437==I||261==I||352==I?A.U[I]||(A.U[I]=x0(118,A,I,D)):A.U[I]=x0(121,A,I,D)}394==I&&(A.I=z(A,32,false),A.S=void 0)},F=function(A,I){A.G.splice(0,0,I)},ul=function(A,I,D,n,M){for(n=(M=((D.hG=pg((D.by=k0,D.kb=(D.S5=D[v],bl),D.V),{get:function(){return this.concat()}}),D).AG=x[D.V](D.hG,{value:{value:{}}}),[]),0);289>n;n++)M[n]=String.fromCharCode(n);C(D,(F(D,(F((F(D,(U(D,(d(D,239,(U(D,331,(U(D,(U(D,144,(U(D,(U(D,17,(U(D,(U(D,325,(d(D,161,[160,(d(D,(U(D,(D.sH=(U(D,(U(D,223,(d(D,424,(d(D,143,(U(D,(d(D,434,(d(D,352,(U(D,(U(D,194,(U(D,370,(d(D,437,(U(D,95,((U(D,154,(U((U(D,21,(U(D,(U(D,175,(U(D,129,(U(D,280,(d((d(D,100,(D.iy=(d(D,141,(U((U(D,(D.j5=(d(D,(d(D,(D.T=(D.FY=false,(D.O=0,D.G=[],D.D=(D.zX=function(T){this.h=T},D.B=false,D.C=0,void 0),(D.fe=[],D).j=(D.R=((D.F=void 0,D).J=1,0),n=(D.W=false,D.X=25,window.performance||{}),D.N=[],(D.h=D,D).L=void 0,(D.QZ=0,D.Z=0,D.s=[],D).S=((D.Y=8001,D).v=void 0,void 0),D.U=[],void 0),D.A=(D.u=(D.K=[],0),0),D).I=void 0,D.Hn=n.timeOrigin||(n.timing||{}).navigationStart||0,null),411),0),415),0),0),U(D,483,function(){}),360),function(T,e,g,h){h=(e=B(T,(g=(h=(e=c(T),c(T)),c(T)),e)),B(T,h)),d(T,g,e in h|0)}),D),202,function(T,e,g,h){d(T,(g=B(T,(h=B(T,(e=(h=c((g=c(T),T)),c(T)),h)),g))==h,e),+g)}),{})),0),0)),D),27,438),function(T,e,g,h,a){for(h=c(T),g=mt(T),a=[],e=0;e<g;e++)a.push(P(T));d(T,h,a)})),function(T,e,g,h,a,Y){u(true,e,T,false)||(g=hu(T.h),e=g.qK,h=g.UH,Y=g.g,a=Y.length,g=g.P,h=0==a?new h[g]:1==a?new h[g](Y[0]):2==a?new h[g](Y[0],Y[1]):3==a?new h[g](Y[0],Y[1],Y[2]):4==a?new h[g](Y[0],Y[1],Y[2],Y[3]):2(),d(T,e,h))})),function(T,e,g,h){if(e=T.fe.pop()){for(g=P(T);0<g;g--)h=c(T),e[h]=T.U[h];T.U=(e[424]=(e[261]=T.U[261],T.U)[424],e)}else d(T,411,T.A)})),127),function(T,e,g,h){!u(true,e,T,false)&&(e=hu(T),g=e.P,h=e.UH,T.h==T||g==T.zX&&h==T)&&(d(T,e.qK,g.apply(h,e.g)),T.u=T.H())}),function(T,e,g,h,a,Y,y){for(Y=(h=(g=mt((e=c(T),T)),a="",y=B(T,322),y.length),0);g--;)Y=((Y|0)+(mt(T)|0))%h,a+=M[y[Y]];d(T,e,a)})),D),336,function(T){ll(4,T)}),function(T,e){e0((e=B(T,c(T)),T.h),e)})),U(D,69,function(T){ll(3,T)}),U)(D,6,function(T,e,g){d(T,(g=GH((g=B(T,(g=c(T),e=c(T),g)),g)),e),g)}),function(T,e,g,h,a){d(T,(e=B(T,(h=B((a=B(T,(a=(e=c((h=c((g=c(T),T)),T)),c(T)),a)),T),h),e)),g),Wh(e,a,T,h))})),[])),function(T){ZG(1,T)})),function(T,e,g,h){(h=c((e=(g=c(T),P(T)),T)),d)(T,h,B(T,g)>>>e)})),201),function(T,e,g,h){d(T,(g=B(T,(e=B(T,(e=c(T),h=c(T),e)),h)),h),g+e)}),[0,0,0])),0)),151),function(T,e,g,h){(h=(e=c(T),c)(T),g=c(T),T).h==T&&(g=B(T,g),h=B(T,h),B(T,e)[h]=g,394==e&&(T.S=void 0,2==h&&(T.I=z(T,32,false),T.S=void 0)))}),q)),2048)),function(T,e,g,h){d(T,(e=(h=c((g=c(T),T)),c(T)),e),B(T,g)||B(T,h))})),215),function(T,e,g){u(true,e,T,false)||(e=c(T),g=c(T),d(T,g,function(h){return eval(h)}(EL(B(T.h,e)))))}),0),86),function(T,e,g,h){g=B(T,(e=c((g=c(T),T)),h=c(T),g)),e=B(T,e),d(T,h,g[e])}),261),[]),0),0]),function(T,e){T=B((e=c(T),T).h,e),T[0].removeEventListener(T[1],T[2],O)})),145),function(T){UL(4,T)}),function(T,e,g,h,a,Y){if(!u(true,e,T,true)){if("object"==GH((T=(g=B((Y=(e=(e=(Y=c(T),g=c(T),c(T)),a=c(T),B(T,e)),B(T,Y)),T),g),B(T,a)),Y))){for(h in a=[],Y)a.push(h);Y=a}for(a=(e=0<e?e:1,h=0,Y).length;h<a;h+=e)g(Y.slice(h,(h|0)+(e|0)),T)}})),171),function(T,e,g,h,a,Y,y,Q,m,Z,W,G){function N(H,b){for(;y<H;)m|=P(T)<<y,y+=8;return b=m&(y-=H,(1<<H)-1),m>>=H,b}for(G=(W=(Z=(h=(y=(g=c(T),m=0),(N(3)|0)+1),N)(5),0),Q=[],0);G<Z;G++)Y=N(1),Q.push(Y),W+=Y?0:1;for(G=(e=(W=((W|0)-1).toString(2).length,[]),0);G<Z;G++)Q[G]||(e[G]=N(W));for(W=0;W<Z;W++)Q[W]&&(e[W]=c(T));for(a=[];h--;)a.push(B(T,c(T)));U(T,g,function(H,b,t,R,dn){for(b=(dn=(t=[],[]),0);b<Z;b++){if(!Q[R=e[b],b]){for(;R>=t.length;)t.push(c(H));R=t[R]}dn.push(R)}H.j=qO(H,(H.D=qO(H,a.slice()),dn))})}),function(T,e,g,h,a){(h=(e=B(T,(a=(h=c((g=c(T),T)),e=c(T),c)(T),g=B(T.h,g),a=B(T,a),e)),B(T,h)),0!==g)&&(e=Wh(a,1,T,e,g,h),g.addEventListener(h,e,O),d(T,434,[g,h,e]))})),102),function(T,e,g){(g=B(T,(g=c((e=c(T),T)),g)),0!=B(T,e))&&d(T,411,g)}),d(D,114,f(4)),function(T,e,g){d(T,(e=c((g=c(T),T)),e),""+B(T,g))})),D)),15),function(T){ZG(4,T)}),[TH])),D),[K,A]),[Q1,I])),true),true)},V=function(A,I,D,n,M,T){if(!A.B){if(3<(I=B(A,(D=(M=B((n=void 0,I&&I[0]===w&&(D=I[1],n=I[2],I=void 0),A),261),0==M.length&&(T=B(A,415)>>3,M.push(D,T>>8&255,T&255),void 0!=n&&M.push(n&255)),""),I&&(I.message&&(D+=I.message),I.stack&&(D+=":"+I.stack)),424)),I)){A.h=(n=(D=il((I-=(D=D.slice(0,(I|0)-3),(D.length|0)+3),D)),A).h,A);try{S(L(2,D.length).concat(D),A,114,9)}finally{A.h=n}}d(A,424,I)}},ll=function(A,I,D,n,M){(n=(D=c((M=A&3,A&=4,I)),c(I)),D=B(I,D),A)&&(D=il(""+D)),M&&S(L(2,D.length),I,n),S(D,I,n)},NO=function(A,I,D,n){try{n=A[((I|0)+2)%3],A[I]=(A[I]|0)-(A[((I|0)+1)%3]|0)-(n|0)^(1==I?n<<D:n>>>D)}catch(M){throw M;}},O={passive:true,capture:true},sL=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),K=[],r=[],DG=((E.prototype.uy=void 0,E.prototype).l="toString",[]),J=[],v=[],TH=[],w=(E.prototype.Ce=void 0,{}),Q1=(E.prototype.Da=false,[]),wn=[],Ph=(((((MO,function(){})(f),function(){})(NO),function(){})(Y0),E).prototype.V="create",void 0),x=w.constructor,bl=(((((((X=E.prototype,X.Iz=function(){return Math.floor(this.Z+(this.H()-this.C))},X.yZ=function(A,I,D,n,M,T){for(T=[],D=n=0;n<A.length;n++)for(M=M<<I|A[n],D+=I;7<D;)D-=8,T.push(M>>D&255);return T},X).H=(window.performance||{}).now?function(){return this.Hn+window.performance.now()}:function(){return+new Date},X).gd=function(A,I,D,n,M){for(M=n=0;n<A.length;n++)M+=A.charCodeAt(n),M+=M<<10,M^=M>>6;return n=(A=(M+=M<<3,M^=M>>11,M)+(M<<15)>>>0,new Number(A&(1<<I)-1)),n[0]=(A>>>I)%D,n},X).o=function(A,I,D,n,M){if(D="array"===GH(D)?D:[D],this.F)A(this.F);else try{M=!this.G.length,n=[],F(this,[J,n,D]),F(this,[v,A,n]),I&&!M||C(this,true,I)}catch(T){k(this,T),A(this.F)}},X.TX=function(){return Math.floor(this.H())},X.MK=function(A,I,D){return((I^=I<<13,I^=I>>17,I=(I^I<<5)&D)||(I=1),A)^I},E).prototype.i=function(A,I){return Ph=(A=(I={},{}),function(){return I==A?-22:-12}),function(D,n,M,T,e,g,h,a,Y,y,Q,m,Z,W,G){I=(T=I,A);try{if(a=D[0],a==K){g=D[1];try{for(G=Q=(e=(m=[],atob)(g),0);G<e.length;G++)W=e.charCodeAt(G),255<W&&(m[Q++]=W&255,W>>=8),m[Q++]=W;(this.A=(this.s=m,this).s.length<<3,d)(this,394,[0,0,0])}catch(N){V(this,N,17);return}ng(this,8001)}else if(a==J)D[1].push(B(this,161).length,B(this,437).length,B(this,114).length,B(this,424)),d(this,141,D[2]),this.U[307]&&gn(B(this,307),8001,this);else{if(a==v){M=L(2,((m=D[2],B(this,161).length)|0)+2),y=this.h,this.h=this;try{h=B(this,261),0<h.length&&S(L(2,h.length).concat(h),this,161,10),S(L(1,this.J),this,161,109),S(L(1,this[v].length),this,161),e=0,n=B(this,114),e-=(B(this,161).length|0)+5,e+=B(this,100)&2047,4<n.length&&(e-=(n.length|0)+3),0<e&&S(L(2,e).concat(f(e)),this,161,15),4<n.length&&S(L(2,n.length).concat(n),this,161,156)}finally{this.h=y}if(((G=f(2).concat(B(this,161)),G)[1]=G[0]^6,G)[3]=G[1]^M[0],G[4]=G[1]^M[1],Z=this.GX(G))Z="!"+Z;else for(e=0,Z="";e<G.length;e++)Y=G[e][this.l](16),1==Y.length&&(Y="0"+Y),Z+=Y;return d(this,424,(B(this,(B(((Q=Z,B)(this,161).length=m.shift(),this),437).length=m.shift(),114)).length=m.shift(),m.shift())),Q}if(a==DG)gn(D[1],D[2],this);else if(a==r)return gn(D[1],8001,this)}}finally{I=T}}}(),E.prototype).OH=0,E.prototype.EH=0,E.prototype).GX=function(A,I,D,n){if(D=window.btoa){for(I="",n=0;n<A.length;n+=8192)I+=String.fromCharCode.apply(null,A.slice(n,n+8192));A=D(I).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else A=void 0;return A},/./),k0,rn=K.pop.bind((E.prototype[Q1]=[0,0,1,1,0,1,1],E.prototype[J])),EL=((k0=pg(E.prototype.V,(bl[E.prototype.l]=rn,{get:rn})),E.prototype).e5=void 0,function(A,I){return(I=I3())&&1===A.eval(I.createScript("1"))?function(D){return I.createScript(D)}:function(D){return""+D}})(q);40<(l=q.botguard||(q.botguard={}),l.m)||(l.m=41,l.bg=Bh,l.a=a3),l.yDq_=function(A,I,D){return[(D=new E(A,I),function(n){return Hh(n,D)})]};}).call(this);'));
}).call(this);
#33 JavaScript::Eval (size: 22) - SHA256: 94ad18c1a336e08a4bfce57073e3f008391b324ebf524e0e7069827f300b075d
0,
function(T) {
    UL(2, T)
}
#34 JavaScript::Eval (size: 22) - SHA256: c624a79f9c72c617d0ed1ad3207a67a39f6243071e14c4ebeace5dcff97313a3
this.context['Entity']
#35 JavaScript::Eval (size: 28) - SHA256: fca3cd5a7ca3a44b75f81e0c169fe599fb48741835c83b5616e304b3f722522b
this.context['AnalyserNode']

Executed Writes (8)
#1 JavaScript::Write (size: 192) - SHA256: df9913e17da94cf021a5cf7de21a12683e6020ed3b2cbeb6dca1f3169fdf87a4
< head > < /head><body><script type="text/javascript
">var adtrue_passback = {adtrue_pzoneid:'12953'};</script><script type="
text / javascript " src=" //cdn.adtrue.com/rtb/passback.js"></script></body>
#2 JavaScript::Write (size: 131) - SHA256: e87bbd83668c5791aa1f8361e48e178e5ce505f74db6568887189a2b4aec6b46
< script type = "text/javascript"
src = "//exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=51987426&ref=undefined" > < /script>
#3 JavaScript::Write (size: 249) - SHA256: d69309a446845fa51459fb0bf23ba7e57d8cbdfd2833b544627e64ec727a2102
<!-- Composite Start -->
< style >
    .mgbox.mgheader {
        display: none!important;
    } < /style> < div id = "M624865ScriptRootC991771" >
    < /div> < script src = "https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js"
async >
    < /script>
    <!-- Composite End -->
#4 JavaScript::Write (size: 3268) - SHA256: f6f23742dc4afe826cbc68ed1a9c4bc9b667f75c253705b882bf0f11fe0acf14
< !DOCTYPE HTML > < html > < head > < /head><body><script type="text/javascript
">function showAdsByAdtrue(){document.getElementById("
adtrue_gc ").style.width = '105px';document.getElementById("
adtrue_gb ").style.display = 'none';document.getElementById("
adtrue_gs ").style.display = 'block';}function hideAdsByAdtrue(cb){setTimeout(function() {document.getElementById("
adtrue_gc ").style.width = '15px';document.getElementById("
adtrue_gb ").style.display = 'block';document.getElementById("
adtrue_gs ").style.display = 'none';}, 500);}</script><style>#block_adexchange svg:not(:root) {overflow: auto;!important}</style><div id="
block_adexchange " style="
width: 300 px;
height: 250 px;
position: relative;
font: 15 px / 1.2e m Arial, sans - serif!important;
">            <div dir="
ltr " id="
adtrue_gc " class="
adtrue_gc_12953 " style="
display: none;
width: 15 px;
height: 15 px;
height: 15 px;
position: absolute;
left: 0;
text - rendering: geometricprecision;
bottom: 0;
width: 15 px;
z - index: 9020;
">                <div id="
adtrue_gb " style="
display: block;
height: 100 % ;
" onmouseover="
showAdsByAdtrue()
"><svg width="
100 % " height="
100 % "><rect width="
100 % " height="
100 % " fill="
whitesmoke "/><svg stroke="
#000000" fill= "#000000"
x = "0px"
y = "0px" > < circle cx = "7.5px"
cy = "7.5px"
r = "5.5px"
fill = "none"
stroke - width = "1.1px" / > < circle cx = "7.5px"
cy = "4.75px"
r = "1px"
stroke = "none" / > < line x1 = "7.5px"
x2 = "7.5px"
y1 = "6.5px"
y2 = "11px"
fill = "none"
stroke - width = "1.75px" / > < /svg>                    </svg > < /div>                <div id="adtrue_gs" style="display: none;height: 100%;" onmouseleave="hideAdsByAdtrue()">                    <a target="_blank" href="https:/ / adtrue.com " style="
text - decoration: none;
" id="
abgl ">                        <svg height="
100 % " width="
100 % ">                        <path transform="
matrix(-1.18971, -0.00136069, 0.00161882, -0.999999, 105, 15)
" d="
M0, 0 l96, 0 l0, 15 l - 92, 0 s - 4, 0, -4, -4 Z " fill="
whitesmoke "/>                        <svg width="
34 px " y="
11 px " x="
17 px " overflow="
visible ">                        <text transform="
scale(0.11121408415723971)
" font-size="
100 px " font-family="
Arial " fill="
dimgray ">Ads by</text>                        </svg>                        <svg width="
38 px " y="
11 px " x="
53 px " overflow="
visible ">                        <text transform="
scale(0.11784163440459683)
" font-weight="
bold " font-size="
100 px " font-family="
Arial " fill="
black ">Adtrue</text>                        </svg>                        <svg y="
0 px " x="
0 px " fill="
#000000" stroke= "#000000" > < circle stroke - width = "1.1px"
fill = "none"
r = "5.5px"
cy = "7.5px"
cx = "7.5px" / > < circle stroke = "none"
r = "1px"
cy = "4.75px"
cx = "7.5px" / > < line stroke - width = "1.75px"
fill = "none"
y2 = "11px"
y1 = "6.5px"
x2 = "7.5px"
x1 = "7.5px" / > < /svg>                        </svg > < /a>                </div > < /div><script type="text/javascript
">document.write('<script type="
text / javascript " src=" //exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FPRvPzF&cb=1354512257&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/PRvPzF"></'+'script>');</script>        </div></body></html>
#5 JavaScript::Write (size: 215) - SHA256: 9a51fad50ebdbd2026d349a243037c96462800fe9647d682a0fd1226d44d1e3e
< script type = "text/javascript"
src = "//exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FPRvPzF&cb=1354512257&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/PRvPzF" > < /script>
#6 JavaScript::Write (size: 3384) - SHA256: ed7ca95a5ef57501bb0f1bdb3b35bdfd68d026942a6f2a7de907b43ca6bd1782
< script async src = "//cdn.adtrue.com/pb/prebid.js" > < /script><script>var zoneId = 12953;var sizes = [[300, 250]];var REFRESH = 60000;var REFRESH_TIMES = 3;var generateRandomString = Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 10);var adTagId = "adtrue_ads_" + zoneId + "_" + generateRandomString;var PREBID_TIMEOUT = 1000;var adUnits = [{code: adTagId,mediaTypes: {banner: {sizes: sizes,},},bids: [{bidder: 'pubmatic',params: {publisherId: '155495',adSlot: 'ouo.press_300x250_direct@300x250'}}, {bidder: 'openx',params: {unit: '558223497',delDomain: 'fptadtrue-d.openx.net',customFloor: 0.1}}, {bidder: 'criteo',params: {networkId: 10692,publisherSubId: zoneId}}, {bidder: 'oftmedia',params: {placementId: 27389997,reserve: 0.03}}],}, ];var pbjs = pbjs || {};pbjs.que = pbjs.que || [];pbjs.que.push(function() {pbjs.addAdUnits(adUnits);pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});pbjs.setConfig({"schain": {"validation": "strict","config": {"ver": "1.0","complete": 1,"nodes": [{"asi": "adtruesyndication.com","sid": "3363","hp": 1}]}}});pbjs.setConfig({"bidders": ["oftmedia"],"schain": {"validation": "relaxed","config": {"ver": "1.0","complete": 1,"nodes": [{"asi": "152media.info","sid": "152M351","hp": 1}]}}});pbjs.setConfig({userSync: {filterSettings: {iframe: {bidders: "*",filter: "include",},},userIds: [{name: "criteo",}, ],},});pbjs.enableAnalytics({provider: 'adtrue',options: {"zoneId": 12953,"publisherId": 3363}});});function refreshBid() {pbjs.que.push(function() {pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});});}var ntimes = 0;var intervalID = setInterval(function() {ntimes++;if (ntimes > REFRESH_TIMES) {window.clearInterval(intervalID);}refreshBid();}, REFRESH);function handlerPassback() {var iframe = document.getElementById(adTagId);var iframeDoc = iframe.contentWindow.document;var adServerTargeting = pbjs.getAdserverTargetingForAdUnitCode(adTagId);/ * If any bidders
return any creatives * /if (adServerTargeting && adServerTargeting["hb_adid"]) {pbjs.renderAd(iframeDoc, adServerTargeting["hb_adid"]);} else {iframe.width = sizes[0][0];iframe.height = sizes[0][1];iframeDoc.write("<head></head > < body > " + passbackTagHtml + " < /body>");iframeDoc.close();}}var passbackTagHtml = '<script type="text\/javascript">' + "var adtrue_passback = {adtrue_pzoneid:'" + zoneId + "'};" + "<\/script>" + '<script type="text\/javascript" src="/ / cdn.adtrue.com / rtb / passback.js "><\/script>';</script><iframe id="
pb_iframe " frameborder="
0 " scrolling="
no " marginheight="
0 " marginwidth="
0 " TOPMARGIN="
0 " LEFTMARGIN="
0 " ALLOWTRANSPARENCY="
true " width="
0 " height="
0 "></iframe><script>var iframe = document.getElementById("
pb_iframe ");iframe.setAttribute("
id ", adTagId);</script><script type="
text / javascript ">(function() {var purl = window.location.href;var url = '//ads.pubmatic.com/AdServer/js/pwt/155495/4202';var profileVersionId = '';if (purl.indexOf('pwtv=') > 0) {var regexp = /pwtv=(.*?)(&|$)/g;var matches = regexp.exec(purl);if (matches.length >= 2 && matches[1].length > 0) {profileVersionId = '/' + matches[1];}}var wtads = document.createElement('script');wtads.async = true;wtads.type = 'text/javascript';wtads.src = url + profileVersionId + '/pwt.js';var node = document.getElementsByTagName('script')[0];node.parentNode.insertBefore(wtads, node);})();</script>
#7 JavaScript::Write (size: 349) - SHA256: ed00582804f215f601bbf33a010cdf3694a975a5bfffae1b6a7ad13e97716600
< iframe name = "pbeacon"
frameborder = "0"
allowtransparency = "true"
hspace = "0"
vspace = "0"
marginheight = "0"
marginwidth = "0"
scrolling = "no"
width = "0"
height = "0"
style = "position:absolute;top:-20000px;"
src = "//track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2FPRvPzF&loc=https%3A%2F%2Fouo.press%2FPRvPzF" > < /iframe>
#8 JavaScript::Write (size: 173) - SHA256: 642f9705ec7d8c7b0f907d5fecc582d31d93a78c244f05c938e36bf016fe9d3c
< body style = "background-color:white;margin:0px;padding:0px;" > < div id = "c" > < /div><script src="https:/ / ecdn.firstimpression.io / static / js / fiamp.js "></script></body>


HTTP Transactions (106)


Request Response
                                        
                                            GET /PRvPzF HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.6.151
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 15 Nov 2022 07:28:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 15 Nov 2022 08:28:09 GMT
Location: https://ouo.io/PRvPzF
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a644bb5d010b3d-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2903
Expires: Tue, 15 Nov 2022 08:16:32 GMT
Date: Tue, 15 Nov 2022 07:28:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3766
Cache-Control: max-age=101154
Date: Tue, 15 Nov 2022 07:28:09 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:34:03 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10138
Expires: Tue, 15 Nov 2022 10:17:07 GMT
Date: Tue, 15 Nov 2022 07:28:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4680
Cache-Control: max-age=140902
Date: Tue, 15 Nov 2022 07:28:09 GMT
Etag: "6372b0a7-117"
Expires: Wed, 16 Nov 2022 22:36:31 GMT
Last-Modified: Mon, 14 Nov 2022 21:18:31 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 06:44:37 GMT
cache-control: public,max-age=3600
age: 2612
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4736bac84ca28f2b1e961159fb4ea098
Sha1:   1319612979f53896fcfeacd4215c2715d4951e4c
Sha256: 5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ynwxYm///9BSf4LmE3mDFXk6hmtJL71ZNBKBHXqJ8NFLYR6GyL7vTPfGe0G5XFLuXb2nHLOmj0Q=
x-amz-request-id: 3TD0K6VG5SFERPPV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 07:14:10 GMT
age: 839
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 15 Nov 2022 07:28:09 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 07:25:01 GMT
cache-control: public,max-age=3600
age: 189
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5822
Cache-Control: max-age=130520
Date: Tue, 15 Nov 2022 07:28:10 GMT
Etag: "637283a4-116"
Expires: Wed, 16 Nov 2022 19:43:30 GMT
Last-Modified: Mon, 14 Nov 2022 18:06:28 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4269
Cache-Control: max-age=96600
Date: Tue, 15 Nov 2022 07:28:10 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:18:10 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /images/world.png HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/PRvPzF
Cookie: ouoio_session=eyJpdiI6ImJ2VEh1d3A0aFN0ZXBYT2hydHU5Uisyc0ZsR2JVV1M4QTVKdzBVRyt3UkU9IiwidmFsdWUiOiJCVkV0ZXFEcmFtcXZmQ3dUWENMZjdvd3FxcEVYcm9SQVwvWDdkcGJVOWVVaEk5RVRPcWlBd25HcmllK2xpXC9RRjlyUHExMVJ5NEJhZnVOc0JmZGN0WWxRPT0iLCJtYWMiOiI2NjMzMTE5Y2Q4YzYzYmRjZTJkZmEzOTIzYjdjZjM3MThhNWZlZDdiNmJlMTU0OGE5ZGUwYWU4Y2EwOTQ0ZTNkIn0%3D; language=eyJpdiI6IjczdXVzN3h5VzJqOU93NGxFT2NaTGh5TG90Z1A4dVFFcmZXMW1KTGd1MFU9IiwidmFsdWUiOiJnYXA0cWlkYnRrSWdJdlhxMVh5WjhTODRKQ3dXQVBLcmJYWTVXaEdCZFo4PSIsIm1hYyI6IjJmNjYzYzkyY2IyN2FkODVmNGI4ZjdjN2RiZTUxYmRkNDNiY2FhZWFmNjg4YWQwNjI1NjU3MjFhMzUyYjk1YjcifQ%3D%3D; 2d7b6492a0d90b4d7a580d52d3a9df09456b9a1f=eyJpdiI6IkRpN2IyeVZJb29rK09mempMaDloNHlPTmhadUZLclhHcGZ3eXkzb0E2SGM9IiwidmFsdWUiOiJFZStDdjhkaVRQS2pNalRQWTlKT016WWErT09ESDBHOSthVmlmTmJjUjUrNGQ4bXlsRDlBOFNBbitraVNSa1VwOWh6VWUzT1c0SmtraHpCaVdYa3hiUHFXRXdlVmw5a1pPWk9BaFI3MTNmS2lscnh1Mmh0N2p3V21NQSs2NFd6Vld1eGJldUp6MlhBcUQ0ejhXc2ZxNVZEUmlHR0xZcXBweEtHdXRGd09XaXFqRyt2TU02bHIzVHFlUXNOazJ3S1pUbk95N051NHJRUEk4QmxzWkhcLzVoa0p3TDI2dlh6NlpWSmUxdlZQcGNYZFwvcXYrTGN1S0NLWGYxYjYwY1wvY3VueENuOCtqK2lkTGticEpiWjJ5WWJ6dUREdGtBVHFITWFPUHVURzdQcFVGQUlkNjhaMHo0UjlyenlaenphVitGVXYxK3QxOUhWdXJZNHNrdXk0Zm9KXC9yakMrTHpyNXRNT1VWVnJvTXJmemIyZmM4Zks5dTZ0eWNZbTYzbEtIRXFRIiwibWFjIjoiM2ZhNjdjMGI0NmE1YjQ3NmFmYjZhNzNhZmE0ZmRkZGUxN2Y1MWJiMjkxZjBmYTEyMDBkNDE3ZWE0NWUzOTNiNyJ9; __cf_bm=qXTb3eJd.XJGCa0jxI4uqZBfF_vCaBGjeTggjwhTWMI-1668497290-0-AbfhQd3ZQEHrkrETjnrMYH6/XZJiW6wRNSmpl8sHoiMKKGOfo5Ug22w0qABaGVaWNRu8S9GTrGOo3zaAkpMAhrk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 15 Nov 2022 07:28:10 GMT
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Sat, 03 Dec 2022 22:33:44 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 982466
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a644c208bc0b39-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   5692
Md5:    4eea420a8830a6d695114427bf52b556
Sha1:   35579e7f1a656beb3a07a7093166ff37c634bade
Sha256: 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Tue, 15 Nov 2022 07:28:10 GMT
date: Tue, 15 Nov 2022 07:28:10 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    d36fbadc19583158e0e17f2600407814
Sha1:   e99295beaa7c52e0b1f42759c67b40aebe4bab10
Sha256: dbf530370a0136951085663be32f33ad5e3a01e1a2883eebbd518fbee9816f50
                                        
                                            GET /css?family=Questrial HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 07:28:10 GMT
date: Tue, 15 Nov 2022 07:28:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /static/js/fab.js HTTP/1.1 
Host: ecdn.analysis.fi
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.15
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4240
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
accept-ranges: bytes
date: Tue, 15 Nov 2022 07:23:11 GMT
expires: Tue, 15 Nov 2022 08:23:10 GMT
cache-control: max-age=3600
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K8t7Fs2HF5os2WGkJmp40sKfWi0zvuYG85fJteSZE6ekZuSjPvmsVw==
age: 300
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (574)
Size:   4240
Md5:    28a0bef1ecb63168106f97b637ab3414
Sha1:   e577575dd115f6a95aea8c2ae87d2c30c8464728
Sha256: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8FC87491C7123547D40904B193D58AABDDDB4746E268E3569AD9B9E4B52CC029"
Last-Modified: Sun, 13 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4963
Expires: Tue, 15 Nov 2022 08:50:53 GMT
Date: Tue, 15 Nov 2022 07:28:10 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MMemJLQTXjvzcp6mgtv7JQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.42.74.230
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GFKTNYvWEJ0EhulmuUP81K9FmOU=

                                        
                                            GET /css/link-safe.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/PRvPzF
Cookie: ouoio_session=eyJpdiI6ImJ2VEh1d3A0aFN0ZXBYT2hydHU5Uisyc0ZsR2JVV1M4QTVKdzBVRyt3UkU9IiwidmFsdWUiOiJCVkV0ZXFEcmFtcXZmQ3dUWENMZjdvd3FxcEVYcm9SQVwvWDdkcGJVOWVVaEk5RVRPcWlBd25HcmllK2xpXC9RRjlyUHExMVJ5NEJhZnVOc0JmZGN0WWxRPT0iLCJtYWMiOiI2NjMzMTE5Y2Q4YzYzYmRjZTJkZmEzOTIzYjdjZjM3MThhNWZlZDdiNmJlMTU0OGE5ZGUwYWU4Y2EwOTQ0ZTNkIn0%3D; language=eyJpdiI6IjczdXVzN3h5VzJqOU93NGxFT2NaTGh5TG90Z1A4dVFFcmZXMW1KTGd1MFU9IiwidmFsdWUiOiJnYXA0cWlkYnRrSWdJdlhxMVh5WjhTODRKQ3dXQVBLcmJYWTVXaEdCZFo4PSIsIm1hYyI6IjJmNjYzYzkyY2IyN2FkODVmNGI4ZjdjN2RiZTUxYmRkNDNiY2FhZWFmNjg4YWQwNjI1NjU3MjFhMzUyYjk1YjcifQ%3D%3D; 2d7b6492a0d90b4d7a580d52d3a9df09456b9a1f=eyJpdiI6IkRpN2IyeVZJb29rK09mempMaDloNHlPTmhadUZLclhHcGZ3eXkzb0E2SGM9IiwidmFsdWUiOiJFZStDdjhkaVRQS2pNalRQWTlKT016WWErT09ESDBHOSthVmlmTmJjUjUrNGQ4bXlsRDlBOFNBbitraVNSa1VwOWh6VWUzT1c0SmtraHpCaVdYa3hiUHFXRXdlVmw5a1pPWk9BaFI3MTNmS2lscnh1Mmh0N2p3V21NQSs2NFd6Vld1eGJldUp6MlhBcUQ0ejhXc2ZxNVZEUmlHR0xZcXBweEtHdXRGd09XaXFqRyt2TU02bHIzVHFlUXNOazJ3S1pUbk95N051NHJRUEk4QmxzWkhcLzVoa0p3TDI2dlh6NlpWSmUxdlZQcGNYZFwvcXYrTGN1S0NLWGYxYjYwY1wvY3VueENuOCtqK2lkTGticEpiWjJ5WWJ6dUREdGtBVHFITWFPUHVURzdQcFVGQUlkNjhaMHo0UjlyenlaenphVitGVXYxK3QxOUhWdXJZNHNrdXk0Zm9KXC9yakMrTHpyNXRNT1VWVnJvTXJmemIyZmM4Zks5dTZ0eWNZbTYzbEtIRXFRIiwibWFjIjoiM2ZhNjdjMGI0NmE1YjQ3NmFmYjZhNzNhZmE0ZmRkZGUxN2Y1MWJiMjkxZjBmYTEyMDBkNDE3ZWE0NWUzOTNiNyJ9; __cf_bm=qXTb3eJd.XJGCa0jxI4uqZBfF_vCaBGjeTggjwhTWMI-1668497290-0-AbfhQd3ZQEHrkrETjnrMYH6/XZJiW6wRNSmpl8sHoiMKKGOfo5Ug22w0qABaGVaWNRu8S9GTrGOo3zaAkpMAhrk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 15 Nov 2022 07:28:10 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Tue, 15 Nov 2022 11:28:58 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 28752
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a644c1f8a80b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2002
Md5:    077cbe1d55e6b3f4c3bdfea89420f625
Sha1:   77bd036f0c1b9e09a4ac8ce0110c23d2093b7d8b
Sha256: be477628d1ec4f922b21178c28a4161a08e85ed5ca7e0ab782f8e66356c5405f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=152463
Date: Tue, 15 Nov 2022 07:28:10 GMT
Etag: "6372f019-117"
Expires: Thu, 17 Nov 2022 01:49:13 GMT
Last-Modified: Tue, 15 Nov 2022 01:49:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /PRvPzF HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 15 Nov 2022 07:28:10 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: ouoio_session=eyJpdiI6ImJ2VEh1d3A0aFN0ZXBYT2hydHU5Uisyc0ZsR2JVV1M4QTVKdzBVRyt3UkU9IiwidmFsdWUiOiJCVkV0ZXFEcmFtcXZmQ3dUWENMZjdvd3FxcEVYcm9SQVwvWDdkcGJVOWVVaEk5RVRPcWlBd25HcmllK2xpXC9RRjlyUHExMVJ5NEJhZnVOc0JmZGN0WWxRPT0iLCJtYWMiOiI2NjMzMTE5Y2Q4YzYzYmRjZTJkZmEzOTIzYjdjZjM3MThhNWZlZDdiNmJlMTU0OGE5ZGUwYWU4Y2EwOTQ0ZTNkIn0%3D; path=/; httponly language=eyJpdiI6IjczdXVzN3h5VzJqOU93NGxFT2NaTGh5TG90Z1A4dVFFcmZXMW1KTGd1MFU9IiwidmFsdWUiOiJnYXA0cWlkYnRrSWdJdlhxMVh5WjhTODRKQ3dXQVBLcmJYWTVXaEdCZFo4PSIsIm1hYyI6IjJmNjYzYzkyY2IyN2FkODVmNGI4ZjdjN2RiZTUxYmRkNDNiY2FhZWFmNjg4YWQwNjI1NjU3MjFhMzUyYjk1YjcifQ%3D%3D; expires=Sun, 14-Nov-2027 07:28:10 GMT; Max-Age=157680000; path=/; httponly 2d7b6492a0d90b4d7a580d52d3a9df09456b9a1f=eyJpdiI6IkRpN2IyeVZJb29rK09mempMaDloNHlPTmhadUZLclhHcGZ3eXkzb0E2SGM9IiwidmFsdWUiOiJFZStDdjhkaVRQS2pNalRQWTlKT016WWErT09ESDBHOSthVmlmTmJjUjUrNGQ4bXlsRDlBOFNBbitraVNSa1VwOWh6VWUzT1c0SmtraHpCaVdYa3hiUHFXRXdlVmw5a1pPWk9BaFI3MTNmS2lscnh1Mmh0N2p3V21NQSs2NFd6Vld1eGJldUp6MlhBcUQ0ejhXc2ZxNVZEUmlHR0xZcXBweEtHdXRGd09XaXFqRyt2TU02bHIzVHFlUXNOazJ3S1pUbk95N051NHJRUEk4QmxzWkhcLzVoa0p3TDI2dlh6NlpWSmUxdlZQcGNYZFwvcXYrTGN1S0NLWGYxYjYwY1wvY3VueENuOCtqK2lkTGticEpiWjJ5WWJ6dUREdGtBVHFITWFPUHVURzdQcFVGQUlkNjhaMHo0UjlyenlaenphVitGVXYxK3QxOUhWdXJZNHNrdXk0Zm9KXC9yakMrTHpyNXRNT1VWVnJvTXJmemIyZmM4Zks5dTZ0eWNZbTYzbEtIRXFRIiwibWFjIjoiM2ZhNjdjMGI0NmE1YjQ3NmFmYjZhNzNhZmE0ZmRkZGUxN2Y1MWJiMjkxZjBmYTEyMDBkNDE3ZWE0NWUzOTNiNyJ9; expires=Tue, 15-Nov-2022 09:28:10 GMT; Max-Age=7200; path=/; httponly __cf_bm=qXTb3eJd.XJGCa0jxI4uqZBfF_vCaBGjeTggjwhTWMI-1668497290-0-AbfhQd3ZQEHrkrETjnrMYH6/XZJiW6wRNSmpl8sHoiMKKGOfo5Ug22w0qABaGVaWNRu8S9GTrGOo3zaAkpMAhrk=; path=/; expires=Tue, 15-Nov-22 07:58:10 GMT; domain=.ouo.press; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76a644c04ef90b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1938)
Size:   3424
Md5:    f7c3fcd9e8b41fa3321f2079a374c0c7
Sha1:   d5b6d621859632837372bc602f60e1fa664f1440
Sha256: ed078b3c1cda8e7194586e466572b9b04c564883eac5c3a9da3ca0c20aa17eea
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F0566EF00B3B98A43A1EEA57717F982630EE9D9D5EBCD10D01E52E1C90D16748"
Last-Modified: Mon, 14 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18882
Expires: Tue, 15 Nov 2022 12:42:53 GMT
Date: Tue, 15 Nov 2022 07:28:11 GMT
Connection: keep-alive

                                        
                                            GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1 
Host: itineraryupper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.20
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Tue, 15 Nov 2022 07:28:11 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 20:03:35 GMT
expires: Tue, 14 Nov 2023 20:03:35 GMT
cache-control: public, max-age=31536000
age: 41076
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Size:   19292
Md5:    19007b17e56daa60133bce9e9b352a95
Sha1:   bac1384caeae5762e7a1d8c18037f69c8cd21bc4
Sha256: fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/PRvPzF
Cookie: ouoio_session=eyJpdiI6ImJ2VEh1d3A0aFN0ZXBYT2hydHU5Uisyc0ZsR2JVV1M4QTVKdzBVRyt3UkU9IiwidmFsdWUiOiJCVkV0ZXFEcmFtcXZmQ3dUWENMZjdvd3FxcEVYcm9SQVwvWDdkcGJVOWVVaEk5RVRPcWlBd25HcmllK2xpXC9RRjlyUHExMVJ5NEJhZnVOc0JmZGN0WWxRPT0iLCJtYWMiOiI2NjMzMTE5Y2Q4YzYzYmRjZTJkZmEzOTIzYjdjZjM3MThhNWZlZDdiNmJlMTU0OGE5ZGUwYWU4Y2EwOTQ0ZTNkIn0%3D; language=eyJpdiI6IjczdXVzN3h5VzJqOU93NGxFT2NaTGh5TG90Z1A4dVFFcmZXMW1KTGd1MFU9IiwidmFsdWUiOiJnYXA0cWlkYnRrSWdJdlhxMVh5WjhTODRKQ3dXQVBLcmJYWTVXaEdCZFo4PSIsIm1hYyI6IjJmNjYzYzkyY2IyN2FkODVmNGI4ZjdjN2RiZTUxYmRkNDNiY2FhZWFmNjg4YWQwNjI1NjU3MjFhMzUyYjk1YjcifQ%3D%3D; 2d7b6492a0d90b4d7a580d52d3a9df09456b9a1f=eyJpdiI6IkRpN2IyeVZJb29rK09mempMaDloNHlPTmhadUZLclhHcGZ3eXkzb0E2SGM9IiwidmFsdWUiOiJFZStDdjhkaVRQS2pNalRQWTlKT016WWErT09ESDBHOSthVmlmTmJjUjUrNGQ4bXlsRDlBOFNBbitraVNSa1VwOWh6VWUzT1c0SmtraHpCaVdYa3hiUHFXRXdlVmw5a1pPWk9BaFI3MTNmS2lscnh1Mmh0N2p3V21NQSs2NFd6Vld1eGJldUp6MlhBcUQ0ejhXc2ZxNVZEUmlHR0xZcXBweEtHdXRGd09XaXFqRyt2TU02bHIzVHFlUXNOazJ3S1pUbk95N051NHJRUEk4QmxzWkhcLzVoa0p3TDI2dlh6NlpWSmUxdlZQcGNYZFwvcXYrTGN1S0NLWGYxYjYwY1wvY3VueENuOCtqK2lkTGticEpiWjJ5WWJ6dUREdGtBVHFITWFPUHVURzdQcFVGQUlkNjhaMHo0UjlyenlaenphVitGVXYxK3QxOUhWdXJZNHNrdXk0Zm9KXC9yakMrTHpyNXRNT1VWVnJvTXJmemIyZmM4Zks5dTZ0eWNZbTYzbEtIRXFRIiwibWFjIjoiM2ZhNjdjMGI0NmE1YjQ3NmFmYjZhNzNhZmE0ZmRkZGUxN2Y1MWJiMjkxZjBmYTEyMDBkNDE3ZWE0NWUzOTNiNyJ9; __cf_bm=qXTb3eJd.XJGCa0jxI4uqZBfF_vCaBGjeTggjwhTWMI-1668497290-0-AbfhQd3ZQEHrkrETjnrMYH6/XZJiW6wRNSmpl8sHoiMKKGOfo5Ug22w0qABaGVaWNRu8S9GTrGOo3zaAkpMAhrk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Tue, 15 Nov 2022 07:28:11 GMT
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 2858
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a644c71e500b39-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /images/widgetIcons/achoice.svg HTTP/1.1 
Host: widgets.outbrain.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.201.81
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Thu, 15 Dec 2022 07:28:11 GMT
date: Tue, 15 Nov 2022 07:28:11 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Size:   2735
Md5:    9d26fa4e7238ed94f1d0d92afb453b3e
Sha1:   ae18efe7d09337bf2f580b3f5bc912284aad7821
Sha256: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.200.201
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
etag: "1241a12-3fca8-5cf4eee137dd8"
server: Apache
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 80538
cache-control: max-age=124133
expires: Wed, 16 Nov 2022 17:57:04 GMT
date: Tue, 15 Nov 2022 07:28:11 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   180179
Md5:    a3aaafb385b97544891f99fd2025572a
Sha1:   245d75161ba69b77bfa5e9ff21b68c313d929248
Sha256: 60eabdaaf1e8a22c1f2255eadb63b0527f7a0103492f48f5b659ca3c75d899ce
                                        
                                            GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1 
Host: ad.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.102
HTTP/2 200 OK
content-type: image/x-icon
                                        
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 12:36:02 GMT
expires: Tue, 15 Nov 2022 12:36:02 GMT
cache-control: public, max-age=86400
age: 67929
last-modified: Tue, 08 May 2012 13:08:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Size:   104
Md5:    32ac8a9b81788b981a3a7e13c14082d4
Sha1:   fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
Sha256: 00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
                                        
                                            GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 408610
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 23:36:34 GMT
expires: Tue, 14 Nov 2023 23:36:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
age: 28297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (668)
Size:   408610
Md5:    5e4857e008de71aa0e33e9cd123d008e
Sha1:   307c748fabe2497c790a20dcacde300ff7e20749
Sha256: fdfeba02862c96c6d6fa5c6ecc5db0b1f9c04b93941ffa0dd47b23e66a7f9e8f
                                        
                                            GET /c.js HTTP/1.1 
Host: hhklc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.70.122
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 15 Nov 2022 07:28:10 GMT
last-modified: Fri, 11 Nov 2022 16:10:23 GMT
etag: W/"636e73ef-2218"
server-asp-net: Asp Net
expires: Tue, 15 Nov 2022 07:48:53 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 1457
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MIGBu590rWOsxKhdZL1t7oosltdtev9rl9CqV%2BE0dPKxLFbRD5q2FahOfjf2KzXs%2FTdAZeAMglQRKB7BzUR9BCyQoQbHtx7J0MlUQRm1lyttb4X8d%2Fpq98%2BQ%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a644c36bfcb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8728), with no line terminators
Size:   2758
Md5:    30f1b8fd1687e351a21e18be833beadd
Sha1:   174c0cb37be51483ce0b661abc96c21727c1629f
Sha256: 55d9a26af048679c736549dc96933e6434d9302e47261351998f72c72802d58b
                                        
                                            GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.14.1
x-jsd-version-type: version
etag: W/"6c5a-y+sK0xXzH8ASLq957N20gljeHO8"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 15 Nov 2022 07:28:11 GMT
age: 3869
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27677)
Size:   9244
Md5:    644ba7e773cf65b0bad3e0bfd876fadb
Sha1:   62e327afb13b45d6bd9cdb5b77259f4c48667ca5
Sha256: 44e73c184d22730c0b64b805501bad4b2bbbfc4e6a56de8832f0e5c0a211cb52
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5182
Cache-Control: max-age=118377
Date: Tue, 15 Nov 2022 07:28:11 GMT
Etag: "637256b7-1d7"
Expires: Wed, 16 Nov 2022 16:21:08 GMT
Last-Modified: Mon, 14 Nov 2022 14:54:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "DD8DFCCDC6DCF97E58E3C6ACBD9529C454E51F54"
Expires: Tue, 15 Nov 2022 18:00:00 GMT
Last-Modified: Tue, 15 Nov 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 89
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a644c87b5d1c02-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    e25888cd286218a3cf5f5aa564796f1a
Sha1:   42abdf6bfaa64a87ef5a64272be27567f25ed31c
Sha256: d81cea8ded8615f9de6d4c1688a7db4eabb95f4bb13201afada936d02d35ec21
                                        
                                            GET /aax2/apstag.js HTTP/1.1 
Host: d3div1mtym39ic.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.245.70
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 09 Nov 2022 20:51:49 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 15 Nov 2022 07:16:06 GMT
cache-control: public, max-age=3600
etag: W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TAMxPr0EdZkV81WQoUR8fRyvu5KC8xrSrClVNSG9hduUGJOi5lPLmg==
age: 725
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   45316
Md5:    52df25aaf898a82e0e55267d59377554
Sha1:   a7359beffa10bb059c9e8b16c556576fb5dc394a
Sha256: d5477f0f94915df764c034bf02de34430eeb861ad4242127fe4130c3a44ea61e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6238
Cache-Control: max-age=100335
Date: Tue, 15 Nov 2022 07:28:11 GMT
Etag: "63720c1c-1d7"
Expires: Wed, 16 Nov 2022 11:20:26 GMT
Last-Modified: Mon, 14 Nov 2022 09:36:28 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FPRvPzF&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=d728dfc6-97de-4a50-94de-a487a4ec6641&nocache=1668497291320&aus=300x250&divids=adtrue_ads_12953_8q0gcaagcbd47mkzwjr&aucs=adtrue_ads_12953_8q0gcaagcbd47mkzwjr&auid=558223497&aumfs=100 HTTP/1.1 
Host: fptadtrue-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.98.64.218
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Tue, 15 Nov 2022 07:28:11 GMT
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   79
Md5:    15b8943548c897bc706ad3868e72a1e6
Sha1:   fb9926276a0d610afe3007e04c6d708a42a64ae0
Sha256: ecffcb8564f4dbc9f86aa1ccdb3d550a8b872e33b6e4b43880d82df922beb40d
                                        
                                            GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 07:28:11 GMT
expires: Tue, 15 Nov 2022 07:28:11 GMT
cache-control: private, max-age=900
last-modified: Tue, 15 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   47045
Md5:    43efd361605121b20e8a78604dbe4d3b
Sha1:   9921327f7012200568e4b4b81081ecfd3d1eb6b3
Sha256: 79f00acb891299b76b8da78997caeea01dc19cbc1728f72626ad243fb67cd9bf
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3429
Cache-Control: max-age=116625
Date: Tue, 15 Nov 2022 07:28:11 GMT
Etag: "637256b7-1d7"
Expires: Wed, 16 Nov 2022 15:51:56 GMT
Last-Modified: Mon, 14 Nov 2022 14:54:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/PRvPzF
Cookie: ouoio_session=eyJpdiI6ImJ2VEh1d3A0aFN0ZXBYT2hydHU5Uisyc0ZsR2JVV1M4QTVKdzBVRyt3UkU9IiwidmFsdWUiOiJCVkV0ZXFEcmFtcXZmQ3dUWENMZjdvd3FxcEVYcm9SQVwvWDdkcGJVOWVVaEk5RVRPcWlBd25HcmllK2xpXC9RRjlyUHExMVJ5NEJhZnVOc0JmZGN0WWxRPT0iLCJtYWMiOiI2NjMzMTE5Y2Q4YzYzYmRjZTJkZmEzOTIzYjdjZjM3MThhNWZlZDdiNmJlMTU0OGE5ZGUwYWU4Y2EwOTQ0ZTNkIn0%3D; language=eyJpdiI6IjczdXVzN3h5VzJqOU93NGxFT2NaTGh5TG90Z1A4dVFFcmZXMW1KTGd1MFU9IiwidmFsdWUiOiJnYXA0cWlkYnRrSWdJdlhxMVh5WjhTODRKQ3dXQVBLcmJYWTVXaEdCZFo4PSIsIm1hYyI6IjJmNjYzYzkyY2IyN2FkODVmNGI4ZjdjN2RiZTUxYmRkNDNiY2FhZWFmNjg4YWQwNjI1NjU3MjFhMzUyYjk1YjcifQ%3D%3D; 2d7b6492a0d90b4d7a580d52d3a9df09456b9a1f=eyJpdiI6IkRpN2IyeVZJb29rK09mempMaDloNHlPTmhadUZLclhHcGZ3eXkzb0E2SGM9IiwidmFsdWUiOiJFZStDdjhkaVRQS2pNalRQWTlKT016WWErT09ESDBHOSthVmlmTmJjUjUrNGQ4bXlsRDlBOFNBbitraVNSa1VwOWh6VWUzT1c0SmtraHpCaVdYa3hiUHFXRXdlVmw5a1pPWk9BaFI3MTNmS2lscnh1Mmh0N2p3V21NQSs2NFd6Vld1eGJldUp6MlhBcUQ0ejhXc2ZxNVZEUmlHR0xZcXBweEtHdXRGd09XaXFqRyt2TU02bHIzVHFlUXNOazJ3S1pUbk95N051NHJRUEk4QmxzWkhcLzVoa0p3TDI2dlh6NlpWSmUxdlZQcGNYZFwvcXYrTGN1S0NLWGYxYjYwY1wvY3VueENuOCtqK2lkTGticEpiWjJ5WWJ6dUREdGtBVHFITWFPUHVURzdQcFVGQUlkNjhaMHo0UjlyenlaenphVitGVXYxK3QxOUhWdXJZNHNrdXk0Zm9KXC9yakMrTHpyNXRNT1VWVnJvTXJmemIyZmM4Zks5dTZ0eWNZbTYzbEtIRXFRIiwibWFjIjoiM2ZhNjdjMGI0NmE1YjQ3NmFmYjZhNzNhZmE0ZmRkZGUxN2Y1MWJiMjkxZjBmYTEyMDBkNDE3ZWE0NWUzOTNiNyJ9; __cf_bm=qXTb3eJd.XJGCa0jxI4uqZBfF_vCaBGjeTggjwhTWMI-1668497290-0-AbfhQd3ZQEHrkrETjnrMYH6/XZJiW6wRNSmpl8sHoiMKKGOfo5Ug22w0qABaGVaWNRu8S9GTrGOo3zaAkpMAhrk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 15 Nov 2022 07:28:10 GMT
last-modified: Wed, 09 Nov 2022 12:52:00 GMT
etag: W/"636ba270-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a644c208c40b39-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 17 Nov 2022 07:28:10 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1238)
Size:   655
Md5:    bc3ba461c8a309acf61b6d9c41cb6236
Sha1:   88482306ecc9258d5e9cbb9ba5314dab223a5db4
Sha256: 31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
                                        
                                            POST /cdb?profileId=207&av=34&wv=7.12.0-pre&cb=866431727&lsavail=0 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 406
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.0.165
HTTP/2 204 No Content
                                        
date: Tue, 15 Nov 2022 07:28:11 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 15 Nov 2022 06:41:09 GMT
expires: Tue, 15 Nov 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 2822
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 535
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.252.171.84
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Tue, 15 Nov 2022 07:28:11 GMT
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 68bfbb04-c94f-486f-bc1f-a2be3d6a2d31
Set-Cookie: icu=ChkItZqGARAKGAEgASgBMIv_zJsGOAFAAUgBEIv_zJsGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 13-Feb-2023 07:28:11 GMT; Domain=.adnxs.com; Secure; HttpOnly uuid2=1728002334827040056; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 13-Feb-2023 07:28:11 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   145
Md5:    fe2a69229cfe35d0a1341301b7bf8164
Sha1:   97a1294446fa10aaecf551ac95e612087ffc78ba
Sha256: f8ce2b02072b9d62d32ef6c39df728de2b7b5a9180784470ea97af8a7b2d217b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2702
Expires: Tue, 15 Nov 2022 08:13:13 GMT
Date: Tue, 15 Nov 2022 07:28:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2702
Expires: Tue, 15 Nov 2022 08:13:13 GMT
Date: Tue, 15 Nov 2022 07:28:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2702
Expires: Tue, 15 Nov 2022 08:13:13 GMT
Date: Tue, 15 Nov 2022 07:28:11 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8025
x-amzn-requestid: c876c502-bde1-4c03-a946-7af2117240ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bg3EUF0foAMFfyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63703881-0594a8076fb64f570f824ad1;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 00:21:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eWpoQ8Bkfez0fw2HBZVlPIWIrtjeS6i6V-Dn0NthrKeeDYQEYq62kQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:49:06 GMT
etag: "1651325ad361d1c86a4b81edb6b75af27f490a39"
age: 34745
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8025
Md5:    94c82cd0e4204ea23b9bd86a3f576fa8
Sha1:   1651325ad361d1c86a4b81edb6b75af27f490a39
Sha256: 0173a565be87e87b2a8fccb3bfe4f237ddd9fdafa5711e79f0c4381882238886
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2702
Expires: Tue, 15 Nov 2022 08:13:13 GMT
Date: Tue, 15 Nov 2022 07:28:11 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5882
x-amzn-requestid: 3269a61b-6246-42bc-a3f6-ba2fc6708c4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPteF0SIAMFp8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705fef-48758a23646243030346d9d9;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fXm81LDpPcdG5wr5OA5jUT_wDh8oRuNYYRmlyOdjrPzj42J5FAEOQQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:32:32 GMT
age: 14139
etag: "746804d683bea55f44d5f6456a7e69d0048e4f58"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5882
Md5:    fe4f5dc12e097182fed4de0161bc5b8a
Sha1:   746804d683bea55f44d5f6456a7e69d0048e4f58
Sha256: d8a2095cd57455bab301ae68b7478997f3db056039886d85301eb85d7d196cf4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07797f-dd0a-4d91-86dd-362bcde1053e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12942
x-amzn-requestid: fd589c13-7784-4e3a-b928-908fd2b8f98a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8hgHQvIAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-29db9a7832efa131593951f2;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f-hb5cPg2rs4xJls_0z3RbITwQlh__E1X7YkHZeISA2jOm3MX0CKrA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 07:49:47 GMT
age: 85104
etag: "032b8bfc63294a55ff49ee7186768bd9728ce103"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12942
Md5:    14d5eaa5fe940564f077ca611f6e3fbe
Sha1:   032b8bfc63294a55ff49ee7186768bd9728ce103
Sha256: 7bed85f8f78ba7e1fad560d0ea311a65bff33aaf5f3226bef392ddc10f52d620
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4394
x-amzn-requestid: fd389a5e-b816-4bd8-a073-2f52fea5bfab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhtFfnIAMF1rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b471-133a3285137912af436daffd;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:41 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6i-blK0B05DT_CvizlmYpcDTpDV8IZLOIrukIQPW6FISAuXa1T0FdQ==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:53 GMT
age: 34938
etag: "d5ba3b6a069a74b5db3560a265728e627f6fe18d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4394
Md5:    b18dc101656c2e449e5f54ff7b7fb10b
Sha1:   d5ba3b6a069a74b5db3560a265728e627f6fe18d
Sha256: 53a73577e37651a936a5841fe06e40475e06ce6fa9e14fc0590ddc7aba421dd2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd744cf1f-bbfc-4306-bf3d-5e1e6b8b1c90.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7873
x-amzn-requestid: 4a968a3c-c6ca-4d18-83b4-6a1d42e85fee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bef9SFIMoAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f46bb-2cd01e7d191b3eda7d743866;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:09:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jjir5UM8aqq3T3akiZx_aAcsWL5GDKBnaPA_cDlM2e9Ce6oi-wGEQA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 08:21:23 GMT
age: 83208
etag: "2c5a98ad27133575ef4fa48a8ff379ee5ad51490"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7873
Md5:    edc9d97a2396dfc326736cb9b2b3b474
Sha1:   2c5a98ad27133575ef4fa48a8ff379ee5ad51490
Sha256: a89e1e9a13b72b0a826ed77a71ec92ac5548a996f6c17b11a4c002480a429333
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 00:41:48 GMT
age: 24383
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11667
Md5:    032386e5c9dffff1ba1ee5e8a322d438
Sha1:   dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
Sha256: 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
                                        
                                            POST /cdb?profileId=207&av=34&wv=6.2.0&cb=23260795047 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 484
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.0.165
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:11 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   44
Md5:    5f1dcf53824ce88cdb7941d34db3f19d
Sha1:   4164a13e3f53e1f002606a807d64a92620720fb0
Sha256: 3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 562
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.252.171.84
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Tue, 15 Nov 2022 07:28:11 GMT
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 1f144e43-503b-4fa8-973d-cb4601866192
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   139
Md5:    17e012ff87bb96f71a838c261eee2b9f
Sha1:   0d6a7f01e50d0359507b01db5871407632c23a0b
Sha256: a22e8a1a0a95097e30469ec75543ed637c10da3f3ff3f27e500ee900f8563a6b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3147
Cache-Control: max-age=153072
Date: Tue, 15 Nov 2022 07:28:11 GMT
Etag: "6372e630-1d7"
Expires: Thu, 17 Nov 2022 01:59:23 GMT
Last-Modified: Tue, 15 Nov 2022 01:06:56 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 681
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.252.171.84
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Tue, 15 Nov 2022 07:28:11 GMT
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: b1109ded-265a-42fd-8a96-15bf4fa3dee4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   144
Md5:    149baf939e60ec091316b1ed65bf2cc0
Sha1:   edcbfdcffa255549da859011f8ecc83ca242d390
Sha256: acc72385ba82f43138bebf740ffa3d33260ddb6b000fa33f0bcfd628ad609ef8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:11 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 13:55:53 GMT
Expires: Sat, 19 Nov 2022 13:55:52 GMT
Etag: "e343ed173717c9ac3594fc7c8dc9873ee88f5f8d"
Cache-Control: max-age=368260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a644ca9be1b4f4-OSL

                                        
                                            GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FPRvPzF&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FPRvPzF&tg_i.page=https%3A%2F%2Fouo.press%2FPRvPzF&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=363390ed-7b39-4db8-95e8-f6546a396850&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4897777454154242 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         213.19.162.51
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.21.4
date: Tue, 15 Nov 2022 07:28:12 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LAHW7HYU-A-8R4Y; Domain=.rubiconproject.com; Path=/; Expires=Wed, 15-Nov-2023 07:28:11 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qo9THNmo7NR1+9DtVM30fCg/QqPpZXCJvHsxXGD2ikSaJZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Wed, 15-Nov-2023 07:28:11 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 348
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    33a654b3a80bb273145cf4dbca945757
Sha1:   e805ff5bbe566686702d2e1848a4cdba5fc6aa67
Sha256: e65d4a9b9bc23bd8e77d30a7eea9813af590c8d339aaaa49f62972f87d25295b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2166
Cache-Control: max-age=165749
Date: Tue, 15 Nov 2022 07:28:12 GMT
Etag: "63731b8c-116"
Expires: Thu, 17 Nov 2022 05:30:41 GMT
Last-Modified: Tue, 15 Nov 2022 04:54:36 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1 
Host: tag.1rx.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 615
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         213.19.147.42
HTTP/2 204 No Content
                                        
date: Tue, 15 Nov 2022 07:28:12 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2

                                        
                                            GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1 
Host: jsc.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.36.64
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 15 Nov 2022 07:28:12 GMT
content-length: 931
x-amz-id-2: DpAKct+ZZ8szDYgVNbB8CXlKoVt69Zzm6eUVI25PqgSFU4H5qOaoZOc2FaKbUe1Lt6Kn8tZGGlY=
x-amz-request-id: C76KDVMKZRK8NR4W
last-modified: Thu, 03 Nov 2022 11:38:04 GMT
etag: "8e8d7a0a62663d5f7c415376384593c2"
content-encoding: gzip
x-amz-version-id: SBZDoO6KUGsi9aXrwr03p7YsWy_YVSlV
cf-cache-status: HIT
age: 4516
expires: Tue, 15 Nov 2022 11:28:12 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a644cb9af90b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2388)
Size:   931
Md5:    8e8d7a0a62663d5f7c415376384593c2
Sha1:   f7cd825a352266b8c5b4b0dfea749c967d26b22d
Sha256: 222d7503ac4a040176b2029a74c3fda84012d21742a4b7deca73243d521fc3de
                                        
                                            GET /a/d/adtrue.ouo.press.991771.es6.js HTTP/1.1 
Host: jsc.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.18.36.64
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 15 Nov 2022 07:28:12 GMT
content-length: 77407
x-amz-id-2: WWd9x0Gq6FvGsNtCKDMctOFIq+uCBEfh9T/M/AdM6C8Q45tvN/NL0hn3dvzjvhsTm8Q8n1X6W6CfG6NVPxWmcg==
x-amz-request-id: ZQANRS00VQFHFH7W
last-modified: Thu, 03 Nov 2022 14:15:36 GMT
etag: "230cc82ca6b0866e990314cbc9027a3a"
content-encoding: gzip
x-amz-version-id: lLRYvMywT8mphRmbRVyHVkxgXiOMWoKg
cf-cache-status: HIT
age: 4516
expires: Tue, 15 Nov 2022 11:28:12 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a644cbbb0c0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (33588)
Size:   77407
Md5:    230cc82ca6b0866e990314cbc9027a3a
Sha1:   82d5affc0fcc38fc96045c481adf1da072ac1d3f
Sha256: 7d10f7267c9a69a121fd36026a7b5f25e9e94b310a9ea25e7b554507d02ba5a3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2166
Cache-Control: max-age=165749
Date: Tue, 15 Nov 2022 07:28:12 GMT
Etag: "63731b8c-116"
Expires: Thu, 17 Nov 2022 05:30:41 GMT
Last-Modified: Tue, 15 Nov 2022 04:54:36 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.210
HTTP/2 204 No Content
                                        
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Tue, 15 Nov 2022 03:10:28 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BHdW3UiEDN_QPhcA8jbBFtkTeyx3f47KtWUTnGAihArEXu-ZsKh4pQ==
age: 15463
X-Firefox-Spdy: h2

                                        
                                            GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FPRvPzF&pid=QHY14kYsTJYWC&cb=0&ws=728x90&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1 
Host: aax-dtb-cf.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.241.131
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
content-length: 165
server: Server
date: Tue, 15 Nov 2022 07:28:12 GMT
x-amz-rid: 5XN0HSG6REEKSXPDFKCB
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DCvMr7SaYC_Sc2ggul7kZPJ3msyfvugqdOnh0QbmtkuLjKL1yHspMw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   165
Md5:    524702d9c4ac8c61e27c3d850412f10f
Sha1:   199d4d5b602799e1a01577115d249b9707dbf37a
Sha256: 7e4302335da0ce23c817a82d8d34836aef6ef7fb136f731d4ba29a7e4d762a7b
                                        
                                            GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:11 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1032754
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6445
Cache-Control: max-age=129752
Date: Tue, 15 Nov 2022 07:28:12 GMT
Etag: "63727e37-138"
Expires: Wed, 16 Nov 2022 19:30:44 GMT
Last-Modified: Mon, 14 Nov 2022 17:43:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.0.157
HTTP/2 200 OK
                                        
date: Tue, 15 Nov 2022 07:28:12 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=4h5KdV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3cyOUJZUktXR2todDNqcnE1Y04lMkYlMkJqJTJCeHJVSHhnUUowbVEzdEluUUVOWEk; expires=Sun, 10 Dec 2023 07:28:12 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 322943
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1410
Cache-Control: max-age=96984
Date: Tue, 15 Nov 2022 07:28:12 GMT
Etag: "637211e2-138"
Expires: Wed, 16 Nov 2022 10:24:36 GMT
Last-Modified: Mon, 14 Nov 2022 10:01:06 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1410
Cache-Control: max-age=96984
Date: Tue, 15 Nov 2022 07:28:12 GMT
Etag: "637211e2-138"
Expires: Wed, 16 Nov 2022 10:24:36 GMT
Last-Modified: Mon, 14 Nov 2022 10:01:06 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2C3C1BEC39DBEB3E9AC92ED750F28ED5DE134B1756B3EFCAB866608657EF866C"
Last-Modified: Mon, 14 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3132
Expires: Tue, 15 Nov 2022 08:20:25 GMT
Date: Tue, 15 Nov 2022 07:28:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:13 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 02:41:37 GMT
Expires: Sun, 20 Nov 2022 02:41:36 GMT
Etag: "ef7551f02d61e49ccbbd7c76687225092d8cea28"
Cache-Control: max-age=414202,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a644d4ef36b4f4-OSL

                                        
                                            POST /g/v2/806.json HTTP/1.1 
Host: id5-sync.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 193
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         141.95.98.64
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
transfer-encoding: chunked
date: Tue, 15 Nov 2022 07:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   216
Md5:    fdb27e246078db82db6af51d1e2e34f5
Sha1:   0d4c39302d27e2e8c47a5cd801574bb7858a8a13
Sha256: a791d43dd43eb9259dfefdbe10f60364105e8bb3a47b79bf705ce930f392bf4f
                                        
                                            GET /sid/json?origin=publishertag&domain=ouo.press&sn=FirefoxSyncframe&so=3&topUrl=ouo.press&bundle=WOcY219BbUVSeTM2b0xmTGUwS1Rha2tXQ1dFSFdlSkcwNElpdjhPbUlmSmhJaWZiZFRMekNSaUwlMkJkQjYlMkZnWFZKclZGSXR4cjFrZ0Z6VkV1OGNBV0dmYUs5NXI4Z2c4Q0x4dGp4WjBIdG1jWlREc2p0R0RscU5qMEVoNmdCTUhYS0RKTm4&info=xSgETV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3cyOUJZUktXR2todDNqcnE1Y04lMkYlMkJoelc1YWpjNnUyc0VrZ0UlMkJZbUJjM0k&idsd=1647335484,1573851783&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:11 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 975137
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1737
Md5:    289d5efa29a79a8324a5c03bd048b1a8
Sha1:   aea35004ccb277de8911c0b3dd49e4194db7f629
Sha256: ba15b6ef92b67219a572083e7254752c91ca24aa6b5795f937542897973001f9
                                        
                                            GET /api/identity/envelope?pid=1258 HTTP/1.1 
Host: api.rlcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.133.55
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
                                        
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 07:28:13 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   19
Md5:    63dfbd2b39fe4f536a04e7b32ada47b4
Sha1:   207298c4a215ad5d97d888522927910ae772ba48
Sha256: 26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
                                        
                                            GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1 
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         3.33.220.150
HTTP/2 500 Internal Server Error
content-type: text/html; charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:13 GMT
content-length: 3495
cache-control: private
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (379), with CRLF line terminators
Size:   3495
Md5:    9f725a31fe780e5ea72b653e7c615636
Sha1:   8dc2f425fa0808b7e95ac12e4ab9331eb405f8a9
Sha256: 1de262be26d4ed1c9c57765cc0d7d8f486202876cdeaa3b3cd2817ae3a47c2dc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 15 Nov 2022 07:28:13 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 14 Nov 2022 21:21:16 GMT
Expires: Tue, 15 Nov 2022 21:21:16 GMT
ETag: "764b649a691c4b6bcd93ede1db8322d6600ce3a2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    09d3a62c169f77d5d799943cc4455c22
Sha1:   764b649a691c4b6bcd93ede1db8322d6600ce3a2
Sha256: 285ed1f8925b074f8991c09435f29cdb411bc19a9d2ba8a6428b8f98f915552c
                                        
                                            GET /id HTTP/1.1 
Host: id.crwdcntrl.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.195.100.225
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:13 GMT
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.20.177
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   43
Md5:    90eeff5111bbbdce769d4130cc3cca3c
Sha1:   d62886c1a85d51814cb7f124761c5e6aca6d8933
Sha256: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 07:28:13 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 02:41:37 GMT
Expires: Sun, 20 Nov 2022 02:41:36 GMT
Etag: "ef7551f02d61e49ccbbd7c76687225092d8cea28"
Cache-Control: max-age=414202,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a644d5986db4f4-OSL

                                        
                                            GET /AdServer/js/user_sync.html?kdntuid=1&p=155495 HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.38.200.201
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
cache-control: max-age=47624
expires: Tue, 15 Nov 2022 20:41:58 GMT
date: Tue, 15 Nov 2022 07:28:14 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Size:   5549
Md5:    7725e8e949141c8ded449d86975d4c04
Sha1:   8cd8c314a2002cc26f821d331ab9512f52a551a2
Sha256: a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
                                        
                                            OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:14 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 521449
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DC382F3C5-8262-49CC-A15F-3995D2B81973%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

search
                                         23.38.200.201
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: Apache
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
cache-control: max-age=131971
expires: Wed, 16 Nov 2022 20:07:46 GMT
date: Tue, 15 Nov 2022 07:28:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Size:   953
Md5:    499546dec064c08e4c7c354bab138f7f
Sha1:   f155d071d071e4e7c1d45e22943915df9d9f2b75
Sha256: 1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=4h5KdV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3cyOUJZUktXR2todDNqcnE1Y04lMkYlMkJqJTJCeHJVSHhnUUowbVEzdEluUUVOWEk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:12 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=xSgETV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3cyOUJZUktXR2todDNqcnE1Y04lMkYlMkJoelc1YWpjNnUyc0VrZ0UlMkJZbUJjM0k; expires=Sun, 10 Dec 2023 07:28:12 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 295015
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /newidsd HTTP/1.1 
Host: ag.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         178.250.6.245
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:12 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 103235
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /PRvPzF HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.22.22.162
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 15 Nov 2022 07:28:10 GMT
location: https://ouo.press/PRvPzF
cache-control: no-cache
set-cookie: ouoio_session=eyJpdiI6IkpIam5CMm1vbjF6b2JPMSs2dk9Od3c4S1QzWWl6bWlLWWVqN2F4XC9UUWhNPSIsInZhbHVlIjoia0xSQThaY1NpSXVvaU9RdThPY1BcL1d0NytBZndkVUVqMU5ZUmFPaEtYMlVxMUROZkxQSFROSjF5N2t4SEFZQ0ZqNW55OE5RbEhTSEhidHdoQlVCOTlnPT0iLCJtYWMiOiIwY2ZiYzc2ZTMwMTRmYjNhYjJjMzczZTk4ZjIyNjJjYTFmYWMwNjk2YjU0NmJkYzQ5MzVhZWRhODIxZmJkYmEzIn0%3D; path=/; httponly language=eyJpdiI6InMrMFErVUUycVpWYjdaZnQ2NmswZDVLdlwvTk1QSWZzMm5HdVFNeGdxaGljPSIsInZhbHVlIjoicjF2Z1hveTVJeG0remFNeCtKUlVFdDh2VzJTcVZJWE5BZklGZkZpVUl3Zz0iLCJtYWMiOiI0YWJhNGE1YWNjOThjMTMxOTNlMGQ5MGM3YTY0OWUwM2RmMjIyZGVmNjNjZDI1YmZhOGFmZTRkZDM0YmRiOGQ5In0%3D; expires=Sun, 14-Nov-2027 07:28:10 GMT; Max-Age=157680000; path=/; httponly 1fa83b929448734c97264a6faa29bfe2ef2a8b38=eyJpdiI6IlVybUpOaW5qS1J4a0I3Z0cxa3gxK2pZTlluZkx1S3ZmQTRhZzRxQzF3UDg9IiwidmFsdWUiOiJzRHRHbnBZSjZXTXRlYWc2U2xWZEdISlEzNjNZNEpIUlB1eFhnc1J1QVUzV245ZHYranRuN2VzN1c2K3hGM2d5b3RmN1BxOUdNc1M4NnIyOVR1YjZvT054b1VwWmNNXC9TK0crOVpRb2RPdno4ZW9sR2pOVWdVWmR6a0c1b2wyTEJHb1pPQ04xNnR1Zm5nRElBOGdrbTIxSytRMWFEZ29cL2xPTXZqSEg3MzZiS2hiUTU1UVwvUU9SWjErc0xLaHZuWWh2NXZuTERYOXhpNVBFRTF1blluQjlwd1FPbTBaeU5kSktSVTZQRWFQaUljZFBHQ1owQkVlbzFtNWpuWHRoQW9VckdzeCtNdzNEWm04eDY2clNnaXJjZyt6a1l0bUpNU0RcLzFYanAxbjZuSTNBVmhLVEVqbDUxRVc3MHoxXC9QWjlGZTYrQ3VqWER0XC9OY0lQVEJvTXJpenc9PSIsIm1hYyI6IjQyYWM1ZmJjMGQzYzM4MThiNTgxNjE4NmZiMjIwZWEzMTY0YzViYjRiNTBhODM1MzY2OTYwYjI5YjRiYjMyMWQifQ%3D%3D; expires=Tue, 15-Nov-2022 09:28:10 GMT; Max-Age=7200; path=/; httponly
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76a644bd98b0fac0-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/fiamp.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.20.0
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 15 Nov 2022 06:30:09 GMT
expires: Tue, 15 Nov 2022 07:29:54 GMT
cache-control: max-age=3600
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r0hOoIlnDmU-_FkKkzMzl3_Sd6Ltk614k693ghEhuTaRo97WeEOk6w==
age: 3497
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fi_client.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 15 Nov 2022 07:21:53 GMT
server: nginx/1.20.0
x-powered-by: PHP/8.0.14
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 07:21:53 UTC
etag: W/"5e79c0170408096d20915075f22b0a5a"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6fiDw3HDMueYUlzD0EnXJ_V4l-INsrb-wXh6XR8CLzLKtZxOwvHpYQ==
age: 377
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /AdServer/SPug?o=1&p=155495&sc=1&u=C382F3C5-8262-49CC-A15F-3995D2B81973&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1 
Host: simage4.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

search
                                         198.47.127.20
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 15 Nov 2022 07:28:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /delivery/spc_fi.php?id=7419&url=%2FPRvPzF&charset=UTF-8&ch=7&ref=ouo.press&viewerId=null&referer=&_firid=22097012 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 15 Nov 2022 07:28:11 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Wed, 15-Nov-2023 07:28:11 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rdnRPc2-i75LlIK1BQTqf3jey62kOnyoeMKY1ckjT7Bo2fxf7nEBOw==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.210
HTTP/2 200 OK
content-type: application/javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
server: AmazonS3
content-encoding: gzip
date: Tue, 15 Nov 2022 02:33:16 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NFRv8qzD-zq_bgLteJY4-nE_9Pv44fNEpXlnext5llGt2CXT2m7AvQ==
age: 17697
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/ld/publishertag.prebid.123.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Tue, 15 Nov 2022 07:28:12 GMT
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Wed, 16 Nov 2022 07:28:12 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/ld/publishertag.prebid.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.2.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Tue, 15 Nov 2022 07:28:12 GMT
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Wed, 16 Nov 2022 07:28:12 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:14 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1114679
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/bootstrap.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/PRvPzF
Cookie: ouoio_session=eyJpdiI6ImJ2VEh1d3A0aFN0ZXBYT2hydHU5Uisyc0ZsR2JVV1M4QTVKdzBVRyt3UkU9IiwidmFsdWUiOiJCVkV0ZXFEcmFtcXZmQ3dUWENMZjdvd3FxcEVYcm9SQVwvWDdkcGJVOWVVaEk5RVRPcWlBd25HcmllK2xpXC9RRjlyUHExMVJ5NEJhZnVOc0JmZGN0WWxRPT0iLCJtYWMiOiI2NjMzMTE5Y2Q4YzYzYmRjZTJkZmEzOTIzYjdjZjM3MThhNWZlZDdiNmJlMTU0OGE5ZGUwYWU4Y2EwOTQ0ZTNkIn0%3D; language=eyJpdiI6IjczdXVzN3h5VzJqOU93NGxFT2NaTGh5TG90Z1A4dVFFcmZXMW1KTGd1MFU9IiwidmFsdWUiOiJnYXA0cWlkYnRrSWdJdlhxMVh5WjhTODRKQ3dXQVBLcmJYWTVXaEdCZFo4PSIsIm1hYyI6IjJmNjYzYzkyY2IyN2FkODVmNGI4ZjdjN2RiZTUxYmRkNDNiY2FhZWFmNjg4YWQwNjI1NjU3MjFhMzUyYjk1YjcifQ%3D%3D; 2d7b6492a0d90b4d7a580d52d3a9df09456b9a1f=eyJpdiI6IkRpN2IyeVZJb29rK09mempMaDloNHlPTmhadUZLclhHcGZ3eXkzb0E2SGM9IiwidmFsdWUiOiJFZStDdjhkaVRQS2pNalRQWTlKT016WWErT09ESDBHOSthVmlmTmJjUjUrNGQ4bXlsRDlBOFNBbitraVNSa1VwOWh6VWUzT1c0SmtraHpCaVdYa3hiUHFXRXdlVmw5a1pPWk9BaFI3MTNmS2lscnh1Mmh0N2p3V21NQSs2NFd6Vld1eGJldUp6MlhBcUQ0ejhXc2ZxNVZEUmlHR0xZcXBweEtHdXRGd09XaXFqRyt2TU02bHIzVHFlUXNOazJ3S1pUbk95N051NHJRUEk4QmxzWkhcLzVoa0p3TDI2dlh6NlpWSmUxdlZQcGNYZFwvcXYrTGN1S0NLWGYxYjYwY1wvY3VueENuOCtqK2lkTGticEpiWjJ5WWJ6dUREdGtBVHFITWFPUHVURzdQcFVGQUlkNjhaMHo0UjlyenlaenphVitGVXYxK3QxOUhWdXJZNHNrdXk0Zm9KXC9yakMrTHpyNXRNT1VWVnJvTXJmemIyZmM4Zks5dTZ0eWNZbTYzbEtIRXFRIiwibWFjIjoiM2ZhNjdjMGI0NmE1YjQ3NmFmYjZhNzNhZmE0ZmRkZGUxN2Y1MWJiMjkxZjBmYTEyMDBkNDE3ZWE0NWUzOTNiNyJ9; __cf_bm=qXTb3eJd.XJGCa0jxI4uqZBfF_vCaBGjeTggjwhTWMI-1668497290-0-AbfhQd3ZQEHrkrETjnrMYH6/XZJiW6wRNSmpl8sHoiMKKGOfo5Ug22w0qABaGVaWNRu8S9GTrGOo3zaAkpMAhrk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.22.58.251
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 15 Nov 2022 07:28:10 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=109522
etag: W/"54def1fc-1abd2"
expires: Tue, 15 Nov 2022 08:55:54 GMT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 37936
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a644c1f8a60b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /rtb/async.js HTTP/1.1 
Host: cdn.adtrue.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.144.172
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 15 Nov 2022 07:28:10 GMT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
etag: W/"5fb1d3ed-1c9f"
expires: Sun, 24 Sep 2023 03:46:20 GMT
cache-control: max-age=31104000
access-control-allow-origin: *
cf-cache-status: HIT
age: 4074110
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8FKvBi0PCDuvgZeiIbNhszhkQPynSNMrhZ00c2o%2BgB9kITtC50kL1d6y76QQ8hQZ%2FSmQxxaJDu5KuBIG3J7QJiOtlrc7OaslfjgcPkThw0vK%2F73H75roue1E2dNORZYxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a644c22a8cb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/prebidamp.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 15 Nov 2022 07:10:24 GMT
expires: Tue, 15 Nov 2022 08:10:24 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 791KQxNSPXup_4m6kOATZ8Cx8nzmD7xFEnpW6eUNICCTbWhP9EqkOA==
age: 1067
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Cookie: OAID=GDPR
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.77
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 15 Nov 2022 07:28:11 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bg9AKdnxwllM19yhUKDbD0UqDq-7WFwnqjSXfcimRtsoO_B7xwuBwA==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 15 Nov 2022 07:28:11 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 445877
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---