Overview

URL ouo.io/0uJJTL
IP172.67.6.151
ASNCLOUDFLARENET
Location United States
Report completed2022-09-19 21:29:18 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-19 2 itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-19 2 unseenreport.com Sinkholed
2022-09-19 2 forgerylimit.com Sinkholed
2022-09-19 2 forgerylimit.com Sinkholed
2022-09-19 2 forgerylimit.com Sinkholed
2022-09-19 2 forgerylimit.com Sinkholed


Files

No files detected



Passive DNS (75)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ad.doubleclick.net (1) 186 2013-05-06 20:24:43 UTC 2022-09-19 05:19:09 UTC 216.58.207.198
mnemonic passive DNS fptadtrue-d.openx.net (1) 50626 2017-10-16 10:35:43 UTC 2022-09-14 11:51:40 UTC 35.244.159.8
mnemonic passive DNS gum.criteo.com (7) 381 2015-01-22 10:58:57 UTC 2022-09-19 13:00:55 UTC 178.250.2.146
mnemonic passive DNS forgerylimit.com (4) 0 2022-08-13 02:34:51 UTC 2022-09-19 12:28:07 UTC 192.243.59.20 Unknown ranking
mnemonic passive DNS acdn.adnxs.com (1) 573 2015-11-11 13:40:40 UTC 2022-09-19 05:47:14 UTC 23.38.200.189
mnemonic passive DNS dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-09-19 05:20:06 UTC 178.250.2.146
mnemonic passive DNS sync.dmp.otm-r.com (1) 19534 2017-02-03 07:19:51 UTC 2022-09-19 17:53:18 UTC 88.99.28.61
mnemonic passive DNS ib.adnxs.com (5) 241 2012-05-23 22:36:14 UTC 2022-09-19 06:14:20 UTC 37.252.172.123
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-19 04:27:13 UTC 151.101.85.229
mnemonic passive DNS fastlane.rubiconproject.com (1) 459 2017-01-30 04:49:40 UTC 2022-09-19 04:33:36 UTC 213.19.162.41
mnemonic passive DNS itineraryupper.com (1) 280787 2020-07-23 02:40:11 UTC 2022-09-18 21:56:29 UTC 192.243.61.225
mnemonic passive DNS hbopenbid.pubmatic.com (1) 455 2018-01-08 12:15:02 UTC 2022-09-19 04:36:07 UTC 185.64.190.77
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-09-19 04:37:12 UTC 104.18.20.226
mnemonic passive DNS id5-sync.com (2) 504 2017-01-25 21:02:34 UTC 2022-09-19 04:33:36 UTC 162.19.138.118
mnemonic passive DNS ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-09-19 14:31:50 UTC 185.235.84.132
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-19 20:33:07 UTC 216.58.211.10
mnemonic passive DNS cdn.yourwebbars.com (1) 62037 2021-01-29 17:47:27 UTC 2022-09-19 19:41:35 UTC 172.67.74.218
mnemonic passive DNS ouo.press (5) 89754 2016-07-27 01:12:12 UTC 2022-09-19 04:30:02 UTC 172.67.22.15
mnemonic passive DNS simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-09-19 06:19:34 UTC 3.64.106.196 Unknown ranking
mnemonic passive DNS cm.adform.net (1) 1667 2015-03-30 07:47:01 UTC 2022-09-19 04:38:54 UTC 37.157.6.252
mnemonic passive DNS static.criteo.net (1) 652 2015-06-24 06:04:54 UTC 2022-09-19 07:47:26 UTC 178.250.2.130
mnemonic passive DNS gem.gbc.criteo.com (1) 6039 2019-02-06 06:21:41 UTC 2022-09-19 14:31:50 UTC 178.250.6.78
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-19 04:30:26 UTC 34.117.237.239
mnemonic passive DNS tag.1rx.io (1) 1330 2016-03-31 02:49:07 UTC 2022-09-19 14:07:07 UTC 213.19.147.42
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-19 17:59:09 UTC 143.204.55.35
mnemonic passive DNS ocsp.digicert.com (18) 86 2012-05-21 07:02:23 UTC 2022-09-19 19:46:33 UTC 93.184.220.29
mnemonic passive DNS ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-09-19 04:47:53 UTC 104.18.21.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-19 15:23:45 UTC 34.120.237.76
mnemonic passive DNS ecdn.firstimpression.io (2) 18146 2017-08-11 09:25:19 UTC 2022-09-19 18:09:26 UTC 54.230.111.77
mnemonic passive DNS cdn.sb4you1.com (5) 22321 2021-09-16 11:26:58 UTC 2022-09-19 20:35:20 UTC 172.64.200.2
mnemonic passive DNS content.zeotap.com (1) 25145 2021-06-04 11:20:07 UTC 2022-09-19 16:57:02 UTC 104.22.25.87
mnemonic passive DNS r3.o.lencr.org (14) 344 2020-12-02 08:52:13 UTC 2022-09-19 04:28:44 UTC 23.36.77.32
mnemonic passive DNS js-sec.indexww.com (1) 663 2015-05-13 07:47:54 UTC 2022-09-19 05:50:03 UTC 23.38.200.248
mnemonic passive DNS sync.viavideo.digital (1) 0 2022-03-03 12:44:15 UTC 2022-09-12 14:50:39 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS sync.hhkld.com (1) 0 2022-08-10 18:12:23 UTC 2022-09-19 20:25:04 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS viavideo.digital (3) 0 2021-11-04 15:26:31 UTC 2022-09-18 21:56:15 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS status.geotrust.com (2) 3662 2017-12-01 08:55:31 UTC 2022-09-19 05:04:03 UTC 93.184.220.29
mnemonic passive DNS jsc.adskeeper.com (1) 31191 2020-07-04 10:58:29 UTC 2022-09-19 18:04:29 UTC 104.18.4.42
mnemonic passive DNS match.adsrvr.org (1) 349 2012-08-07 19:20:17 UTC 2022-09-19 04:59:57 UTC 52.223.40.198
mnemonic passive DNS ecdn.analysis.fi (1) 22604 2021-04-26 06:44:49 UTC 2022-09-19 18:09:26 UTC 54.230.111.87
mnemonic passive DNS rtb.viavideo.digital (1) 0 2022-09-07 09:17:46 UTC 2022-09-18 21:56:15 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-19 04:27:30 UTC 142.250.74.72
mnemonic passive DNS c.amazon-adsystem.com (3) 300 2013-12-19 15:10:01 UTC 2022-09-19 04:51:28 UTC 54.230.111.210
mnemonic passive DNS sync.vicodes.com (1) 0 2022-08-10 18:12:24 UTC 2022-09-12 14:50:42 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS ads.pubmatic.com (3) 469 2012-10-30 07:42:53 UTC 2022-09-19 04:52:59 UTC 23.38.200.201
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-09-19 13:34:16 UTC 104.18.32.68
mnemonic passive DNS ouo.io (2) 50761 2015-02-15 06:06:38 UTC 2022-09-19 04:29:50 UTC 104.22.22.162
mnemonic passive DNS pixel.rubiconproject.com (1) 314 2012-10-09 03:17:38 UTC 2022-09-19 04:33:41 UTC 213.19.162.90
mnemonic passive DNS cdn.firstimpression.io (2) 18692 2021-01-03 16:41:33 UTC 2022-09-19 07:15:00 UTC 54.230.111.77
mnemonic passive DNS e1.o.lencr.org (3) 6159 2021-08-20 07:36:30 UTC 2022-09-19 04:36:28 UTC 23.36.77.32
mnemonic passive DNS id.crwdcntrl.net (1) 1695 2020-11-30 15:11:25 UTC 2022-09-19 20:13:23 UTC 52.18.161.218
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-19 04:39:15 UTC 44.237.239.70
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-19 17:24:44 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-19 04:29:14 UTC 192.124.249.24
mnemonic passive DNS ads.betweendigital.com (1) 1571 2012-10-30 05:08:04 UTC 2022-09-19 20:15:36 UTC 188.42.196.115
mnemonic passive DNS api.rlcdn.com (1) 791 2018-09-26 05:12:06 UTC 2022-09-19 05:50:04 UTC 34.120.133.55
mnemonic passive DNS ru.hhkld.com (1) 0 2022-07-23 18:50:26 UTC 2022-09-18 21:56:15 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS tv.gourdycortes.com (1) 0 2022-05-16 14:48:14 UTC 2022-09-18 21:56:14 UTC 23.109.170.49 Unknown ranking
mnemonic passive DNS hhkld.com (6) 0 2022-06-21 06:07:08 UTC 2022-09-18 21:56:14 UTC 141.94.202.176 Unknown ranking
mnemonic passive DNS ssum-sec.casalemedia.com (1) 509 2014-06-23 13:16:59 UTC 2022-09-19 10:27:19 UTC 104.18.18.126
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-19 04:27:25 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS bidder.criteo.com (2) 750 2017-01-30 05:01:16 UTC 2022-09-19 13:58:32 UTC 178.250.2.131
mnemonic passive DNS aax-dtb-cf.amazon-adsystem.com (1) 0 2022-06-17 10:06:30 UTC 2022-09-19 04:52:58 UTC 54.230.241.131 Domain (amazon-adsystem.com) ranked at: 3190
mnemonic passive DNS simage4.pubmatic.com (1) 1129 2013-08-22 13:21:53 UTC 2022-09-19 12:23:40 UTC 185.64.190.81
mnemonic passive DNS hhklc.com (1) 0 2022-06-12 16:30:56 UTC 2022-09-18 21:56:14 UTC 104.21.70.122 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-19 04:39:15 UTC 143.204.55.35
mnemonic passive DNS ap.lijit.com (1) 666 2012-05-25 18:17:20 UTC 2022-09-19 12:23:40 UTC 216.52.2.19
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-19 17:51:17 UTC 142.250.74.174
mnemonic passive DNS cdn.adtrue.com (1) 52823 2016-08-12 06:28:31 UTC 2022-09-14 21:34:00 UTC 172.64.160.3
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.100
mnemonic passive DNS prebid.a-mo.net (1) 1148 2020-07-14 17:45:55 UTC 2022-09-19 06:13:59 UTC 147.75.85.234
mnemonic passive DNS unseenreport.com (1) 0 2022-03-30 14:33:17 UTC 2022-09-19 05:12:33 UTC 192.243.59.20 Unknown ranking
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-19 11:41:45 UTC 142.250.74.164
mnemonic passive DNS widgets.outbrain.com (1) 1272 2012-05-22 16:25:59 UTC 2022-09-19 12:38:11 UTC 23.38.201.81
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-09-19 04:27:19 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.6.151

Date UQ / IDS / BL URL IP
2022-12-03 23:04:34 +0000
0 - 0 - 8 ouo.io/st/TF37tJmc/?s=uptobox.com/o1ej5l3t13hg 172.67.6.151
2022-12-03 19:14:01 +0000
0 - 0 - 10 ouo.io/2qvJV9 172.67.6.151
2022-12-03 08:03:02 +0000
0 - 0 - 10 ouo.io/y65VpC 172.67.6.151
2022-11-30 16:14:42 +0000
0 - 0 - 11 ouo.io/tK4WeN 172.67.6.151
2022-11-29 18:01:37 +0000
0 - 0 - 11 ouo.io/p3tQCUw 172.67.6.151

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-04 08:29:53 +0000
0 - 0 - 3 cas.calnd.co/1_casino_fruitspinner/index_yell (...) 104.21.13.176
2022-12-04 08:29:21 +0000
0 - 0 - 2 z.pseessustijy.com/ 172.67.188.103
2022-12-04 08:29:14 +0000
0 - 0 - 1 litterarbitrate.cn/ 104.21.63.96
2022-12-04 08:27:41 +0000
0 - 0 - 3 shirtbenevolence.top/b987RWZZQAVhBEYAAzYpIVxb (...) 104.21.40.222
2022-12-04 08:27:38 +0000
0 - 0 - 2 833656.com/ 188.114.97.1

Last 5 reports on domain: ouo.io

Date UQ / IDS / BL URL IP
2022-12-03 23:04:34 +0000
0 - 0 - 8 ouo.io/st/TF37tJmc/?s=uptobox.com/o1ej5l3t13hg 172.67.6.151
2022-12-03 23:03:49 +0000
0 - 0 - 2 ouo.io/7UOQws 104.22.22.162
2022-12-03 20:36:10 +0000
0 - 0 - 8 ouo.io/NxUyppV 104.22.23.162
2022-12-03 19:52:25 +0000
0 - 0 - 10 ouo.io/CQxuqty 104.22.22.162
2022-12-03 19:14:01 +0000
0 - 0 - 10 ouo.io/2qvJV9 172.67.6.151

No other reports with similar screenshot



JavaScript

Executed Scripts (47)


Executed Evals (35)

#1 JavaScript::Eval (size: 42, repeated: 1) - SHA256: 2fc752a40595d1d6681e6be3ebd8f44cdda99876ff9ee19fe654647a6a11415e

                                        this.context['ApplicationCacheErrorEvent']
                                    

#2 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 022ae916a59e1d7cb709a35e757c60e6626bfccd2c1e87c5ad6b432f0f1b1538

                                        this.context['HTMLBaseFontElement']
                                    

#3 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 631bd9a13534679ce526b007d4fc8352793377d89bcc321392b01ecf075c4101

                                        this.context['Set']
                                    

#4 JavaScript::Eval (size: 6482, repeated: 1) - SHA256: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

                                        var amzn_aps_csm = amzn_aps_csm || {};
amzn_aps_csm.errors = [], amzn_aps_csm.reportErrors = function(a) {
        var b, c;
        for (/^https?:\/\//.test(a) === !1 && (a = document.location.protocol + "//" + a), "/" !== a.substr(a.length - 1) && (a += "/"), b = 0; b < amzn_aps_csm.errors.length; b++) c = '{"adViewability":[{"error": {"m": "' + amzn_aps_csm.errors[b] + '"}}], "c": "aps_communicator", "api": "RTB", "error": 1}', "https:" === document.location.protocol && /^http:\/\//.test(a) === !0 && (a = a.replace("http://", "https://")), (new Image).src = a + c + "?cb=" + Math.round(1e7 * Math.random());
        amzn_aps_csm.errors = []
    },
    function(a) {
        function b(a) {
            return a ? a.replace(/^\s+|\s+$/g, "") : a
        }

        function c(a) {
            if (a && a.s) {
                var b, c = a.s.length > 0 ? a.s[0] : "",
                    d = a.s.length > 1 ? a.s[1] : "";
                c && (b = c.match(j)), b && 3 === b.length || !d || (b = d.match(i)), b && 3 === b.length && (a.f = b[1], a.l = b[2])
            }
        }

        function d(a, d) {
            if (d = d || {}, !a) return {};
            a.m && a.m.message && (a = a.m);
            var i, j, k, l, m, n = {
                    m: e(a, d),
                    c: a.c ? "" + a.c : a.c,
                    s: [],
                    l: a.l || a.line || a.lineno || a.lineNumber,
                    name: a.name,
                    type: a.type
                },
                o = 0,
                p = 0;
            if (i = a.stack || (a.err ? a.err.stack : ""), i && i.split)
                for (j = i.split("\n"); o < j.length && n.s.length < g;) k = j[o++], k && n.s.unshift(b(k));
            else
                for (l = f(a.args || arguments, "callee"), o = 0, p = 0; l && g > o;) m = h, l.skipTrace || (k = l.toString(), k && k.substr && (m = 0 === p ? 4 * h : m, m = 1 === p ? 2 * h : m, n.s.unshift(k.substr(0, m)), p++)), l = f(l, "caller"), o++;
            return !n.f && n.s.length > 0 && c(n), n
        }

        function e(a, b) {
            var c = b.m || b.message || "";
            return c += a.m && a.m.message ? a.m.message : a.m && a.m.target && a.m.target.tagName ? "Error handler invoked by " + a.m.target.tagName + " tag" : a.m ? a.m : a.message ? a.message : "Unknown error"
        }

        function f(a, b) {
            try {
                return a[b]
            } catch (c) {
                return ""
            }
        }
        var g = 20,
            h = 256,
            i = /\(?([^\s]*):(\d+):\d+\)?/,
            j = /.*@(.*):(\d*)/;
        a.constructErrorMessage = d
    }(amzn_aps_csm), window.JSON || (window.JSON = {
        parse: function(sJSON) {
            return eval("(" + sJSON + ")")
        },
        stringify: function() {
            var a = Object.prototype.toString,
                b = Array.isArray || function(b) {
                    return "[object Array]" === a.call(b)
                },
                c = {
                    '"': '\\"',
                    "\\": "\\\\",
                    "\b": "\\b",
                    "\f": "\\f",
                    "\n": "\\n",
                    "\r": "\\r",
                    "	": "\\t"
                },
                d = function(a) {
                    return c[a] || "\\u" + (a.charCodeAt(0) + 65536).toString(16).substr(1)
                },
                e = /[\\"\u0000-\u001F\u2028\u2029]/g;
            return function f(c) {
                var g, h, i, j;
                if (null == c) return "null";
                if ("number" == typeof c) return isFinite(c) ? c.toString() : "null";
                if ("boolean" == typeof c) return c.toString();
                if ("object" == typeof c) {
                    if ("function" == typeof c.toJSON) return f(c.toJSON());
                    if (b(c)) {
                        for (g = "[", h = 0; h < c.length; h++) g += (h ? ", " : "") + f(c[h]);
                        return g + "]"
                    }
                    if ("[object Object]" === a.call(c)) {
                        i = [];
                        for (j in c) c.hasOwnProperty(j) && i.push(f(j) + ": " + f(c[j]));
                        return "{" + i.join(", ") + "}"
                    }
                }
                return '"' + c.toString().replace(e, d) + '"'
            }
        }()
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.log = function(a) {
        try {
            -1 !== window.location.href.indexOf("csm_debug_mode") && window.console && window.console.log(a)
        } catch (b) {
            b.message && amzn_aps_csm.errors.push(b.message)
        }
    }, amzn_aps_csm.loadModules = function(a) {
        var b, c, d;
        try {
            for (b = 0; b < a.length; b++) {
                if (c = a[b].name, d = a[b].params || [], window.performance && window.performance.mark && "function" == typeof window.performance.mark && window.performance.mark("loadStart" + c), "[object Array]" !== Object.prototype.toString.call(d) && amzn_aps_csm.log("Params passed in the amzn_aps_csm.loadModules methods must be an array"), amzn_aps_csm[c]) {
                    if (void 0 === amzn_aps_csm[c].shortName) throw new amzn_aps_csm.invalidModuleException("Module shortName not defined for module " + c + ". ");
                    amzn_aps_csm[c].init.apply(amzn_aps_csm[c], d), amzn_aps_csm.log("Initiated " + c + " module")
                } else amzn_aps_csm.log("Undefined module " + c);
                window.performance && window.performance.mark && "function" == typeof window.performance.mark && (window.performance.mark("loadEnd" + c), window.performance.measure("lt" + amzn_aps_csm[c].shortName, "loadStart" + c, "loadEnd" + c))
            }
        } catch (e) {
            e.message && amzn_aps_csm.errors.push(e.message)
        }
    }, amzn_aps_csm.define = function(a) {
        var b, c, d, e, f, g, h, i;
        try {
            for (b = function(a) {
                    return "string" == typeof a ? amzn_aps_csm[a] : a
                }, c = Array.prototype.slice.call(arguments), d = c[0], e = c.length > 2 ? c[1] : [], f = c[c.length - 1], g = [], h = 0, i = e.length; i > h; h++) g.push(b(e[h]));
            amzn_aps_csm[d] = f.apply(f, g)
        } catch (j) {
            j.message && amzn_aps_csm.errors.push(j.message)
        }
    }, amzn_aps_csm.invalidModuleException = function(a) {
        this.value = a, this.message = "does not conform to the expected format of a module", this.toString = function() {
            return this.value + this.message
        }
    }, amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("eventUtils", [], function() {
        var a = {
            shortName: "eu"
        };
        return a.init = function() {
            amzn_aps_csm.log("Initializing eventUtils"), a.eventHandlers = []
        }, a.addEvent = function(b, c, d, e) {
            b.addEventListener ? b.addEventListener(c, d, e) : b.attachEvent && b.attachEvent("on" + c, d);
            var f = {
                elem: b,
                eventName: c,
                cb: d
            };
            a.eventHandlers.push(f)
        }, a.registerPostMessageHandler = function(a) {
            var b = window.addEventListener ? "addEventListener" : "attachEvent",
                c = window[b],
                d = "attachEvent" == b ? "onmessage" : "message";
            c(d, function(b) {
                a(b)
            }, !1)
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {}, amzn_aps_csm.define("pixelQueue", [], function() {
        var a = {
            shortName: "pq"
        };
        return a.init = function() {}, a.firePixel = function(a, b, c) {
            if ("" !== b) {
                /^https?:\/\//.test(b) === !1 && (b = document.location.protocol + "//" + b), "/" != b.substr(b.length - 1) && (b += "/"), "https:" === document.location.protocol && /^http:\/\//.test(b) === !0 && (b = b.replace("http://", "https://"));
                try {
                    var d = JSON.parse(a);
                    d.ver = amzn_aps_csm.version, a = JSON.stringify(d)
                } catch (e) {}
                void 0 !== c && "" !== c && (b += c), (new Image).src = b + a + "?cb=" + Math.round(1e7 * Math.random())
            } else amzn_aps_csm.log("instrURL is empty")
        }, a
    }), amzn_aps_csm = amzn_aps_csm || {},
    function() {
        var a, b;
        amzn_aps_csm.loadModules([{
            name: "eventUtils",
            params: []
        }]);
        for (a in amzn_aps_csm.eventUtils) amzn_aps_csm.eventUtils.hasOwnProperty(a) && (amzn_aps_csm[a] = amzn_aps_csm.eventUtils[a]);
        amzn_aps_csm.loadModules([{
            name: "pixelQueue",
            params: []
        }]), b = 5, amzn_aps_csm.registerPostMessageHandler(function(a) {
            var c, d, e, f, g, h, i, j, k, l, m;
            if (amzn_aps_csm.log("parent received message!: ", a.data), amzn_aps_csm.log(a.origin), /pixelId/.test(a.data)) {
                for (c = a.source, d = 0; c.parent !== top && b > d;) c = c.parent, d++;
                for (e = {}, "object" == typeof apstag && null !== apstag && "function" == typeof apstag._getSlotIdToNameMapping && null !== apstag._getSlotIdToNameMapping() && (e = apstag._getSlotIdToNameMapping()), f = "", g = document.getElementsByTagName("iframe"), h = 0; h < g.length; h++)
                    if (g[h].contentWindow === c) {
                        i = g[h].parentElement;
                        do j = i.id, i = i.parentElement; while (e.hasOwnProperty(j) === !1 && "body" !== i.tagName.toLowerCase());
                        f = e[j] || j
                    }
                k = JSON.parse(a.data), l = decodeURIComponent(k.instrURL), m = {
                    sn: encodeURIComponent(f),
                    pixelId: k.pixelId
                }, /amazon-adsystem\.com/.test(l) && amzn_aps_csm.pixelQueue.firePixel(JSON.stringify(m), l, "")
            }
        })
    }();
                                    

#5 JavaScript::Eval (size: 17095, repeated: 1) - SHA256: 010408c87e6bddce1279f95d72acd81be68e2ecde12128c2489ac90d514499fd

                                        (function() {
    var p = function(h, U) {
            if (h.v) return hi(h, h.P);
            return (U = v(true, 8, h), U) & 128 && (U ^= 128, h = v(true, 2, h), U = (U << 2) + (h | 0)), U
        },
        T = function(h, U, c) {
            c = this;
            try {
                Uu(U, this, h)
            } catch (Y) {
                E(this, Y), U(function(A) {
                    A(c.F)
                })
            }
        },
        X = function(h, U, c, Y, A, w) {
            if (!U.S) {
                if (3 < (h = m(419, ((0 == (Y = m((A = void 0, h && h[0] === R && (A = h[2], c = h[1], h = void 0), 418), U), Y.length) && (w = m(168, U) >> 3, Y.push(c, w >> 8 & 255, w & 255), void 0 != A && Y.push(A & 255)), c = "", h) && (h.message && (c += h.message), h.stack && (c += ":" + h.stack)), U)), h)) {
                    c = (h -= (c = c.slice(0, (h | 0) - 3), (c.length | 0) + 3), wH(c)), A = U.j, U.j = U;
                    try {
                        q(U, 23, u(c.length, 2).concat(c), 9)
                    } finally {
                        U.j = A
                    }
                }
                I(419, U, h)
            }
        },
        YC = function(h, U) {
            if (U = (h = f.trustedTypes, null), !h || !h.createPolicy) return U;
            try {
                U = h.createPolicy("bg", {
                    createHTML: cv,
                    createScript: cv,
                    createScriptURL: cv
                })
            } catch (c) {
                f.console && f.console.error(c.message)
            }
            return U
        },
        zq = function(h, U, c, Y, A, w) {
            function y() {
                if (Y.j == Y) {
                    if (Y.K) {
                        var z = [D, c, U, void 0, A, w, arguments];
                        if (2 == h) var g = V(Y, (H(z, Y), false), false);
                        else if (1 == h) {
                            var r = !Y.h.length;
                            H(z, Y), r && V(Y, false, false)
                        } else g = yF(Y, z);
                        return g
                    }
                    A && w && A.removeEventListener(w, y, Z)
                }
            }
            return y
        },
        Ai = function(h, U) {
            return h(function(c) {
                c(U)
            }), [function() {
                return U
            }]
        },
        E = function(h, U) {
            h.F = ((h.F ? h.F + "~" : "E:") + U.message + ":" + U.stack).slice(0, 2048)
        },
        i4 = function(h, U, c, Y) {
            for (c = (Y = p(U), 0); 0 < h; h--) c = c << 8 | N(U);
            I(Y, U, c)
        },
        pl = function(h, U, c, Y) {
            return m(408, (I(108, (vv(h, ((Y = m(108, h), h.W) && Y < h.Z ? (I(108, h, h.Z), rH(h, U)) : I(108, h, U), c)), h), Y), h))
        },
        wH = function(h, U, c, Y, A) {
            for (A = (U = (h = h.replace(/\r\n/g, "\n"), []), c = 0); c < h.length; c++) Y = h.charCodeAt(c), 128 > Y ? U[A++] = Y : (2048 > Y ? U[A++] = Y >> 6 | 192 : (55296 == (Y & 64512) && c + 1 < h.length && 56320 == (h.charCodeAt(c + 1) & 64512) ? (Y = 65536 + ((Y & 1023) << 10) + (h.charCodeAt(++c) & 1023), U[A++] = Y >> 18 | 240, U[A++] = Y >> 12 & 63 | 128) : U[A++] = Y >> 12 | 224, U[A++] = Y >> 6 & 63 | 128), U[A++] = Y & 63 | 128);
            return U
        },
        Eu = function(h, U) {
            return h[U] << 24 | h[(U | 0) + 1] << 16 | h[(U | 0) + 2] << 8 | h[(U | 0) + 3]
        },
        Tq = function(h, U, c, Y) {
            function A() {}
            return {
                invoke: (Y = xC(h, function(w) {
                    A && (U && K(U), c = w, A(), A = void 0)
                }, (c = void 0, !!U))[0], function(w, y, z, g) {
                    function r() {
                        c(function(x) {
                            K(function() {
                                w(x)
                            })
                        }, z)
                    }
                    if (!y) return y = Y(z), w && w(y), y;
                    c ? r() : (g = A, A = function() {
                        (g(), K)(r)
                    })
                })
            }
        },
        e = function(h, U) {
            for (U = []; h--;) U.push(255 * Math.random() | 0);
            return U
        },
        I = function(h, U, c) {
            if (108 == h || 168 == h) U.K[h] ? U.K[h].concat(c) : U.K[h] = M9(U, c);
            else {
                if (U.S && 142 != h) return;
                158 == h || 23 == h || 190 == h || 418 == h || 77 == h ? U.K[h] || (U.K[h] = SD(U, c, h, 38)) : U.K[h] = SD(U, c, h, 41)
            }
            142 == h && (U.U = v(false, 32, U), U.J = void 0)
        },
        b = function(h, U, c) {
            c[I(U, h, c), Ou] = 2796
        },
        q = function(h, U, c, Y, A, w) {
            if (h.j == h)
                for (w = m(U, h), 23 == U ? (U = function(y, z, g, r) {
                        if (r = ((z = w.length, z) | 0) - 4 >> 3, w.eN != r) {
                            r = [0, 0, (w.eN = r, g = (r << 3) - 4, A)[1], A[2]];
                            try {
                                w.kR = Ri(Eu(w, (g | 0) + 4), r, Eu(w, g))
                            } catch (x) {
                                throw x;
                            }
                        }
                        w.push(w.kR[z & 7] ^ y)
                    }, A = m(77, h)) : U = function(y) {
                        w.push(y)
                    }, Y && U(Y & 255), h = c.length, Y = 0; Y < h; Y++) U(c[Y])
        },
        k, mu = function(h, U, c) {
            return U.g(function(Y) {
                c = Y
            }, false, h), c
        },
        Uu = function(h, U, c, Y, A) {
            for ((U.Qc = ((U.qI = su, U).Zs = (U.dd = q9, U[n]), u4)(U.H, {get: function() {
                        return this.concat()
                    }
                }), U).Hs = W[U.H](U.Qc, {
                    value: {
                        value: {}
                    }
                }), Y = [], A = 0; 128 > A; A++) Y[A] = String.fromCharCode(A);
            V(U, true, (H((H([(H((b(U, (b((b(U, (I(((b(U, (b(U, (b(U, (U.br = (b(U, (I(335, U, (I(190, (b(U, 103, (I(158, U, [160, (b((b(U, 318, (b(U, 436, (b((b(U, 114, (b(U, 33, (I((b(U, 260, (b(U, 222, (b(U, 242, (I((b(U, 133, (b((b(U, 215, (b(U, 398, (b(U, (b((b(U, (I(23, (b(U, (I(418, U, ((I(168, U, (I(108, (U.tZ = ((U.Fu = false, A = window.performance || {}, U).S = ((U.N = (U.G = 8001, U.D = void 0, U.X = [], 0), U.hZ = (U.h = [], function(w) {
                this.j = w
            }), U.Y = 1, U).F = (U.Z = 0, U.B = 25, U.j = (U.J = void 0, U), (U.u = 0, U).L = null, void 0), false), (U.s = (U.yc = [], 0), (U.P = (U.i = false, void 0), U).W = (U.OB = 0, []), U).U = (U.V = [], U.C = (U.o = 0, U.K = [], U.v = void 0, 0), U.R = void 0, void 0), A.timeOrigin || (A.timing || {}).navigationStart || 0), U), 0), 0)), b)(U, 91, function(w, y, z, g) {
                z = (g = (z = p(w), p(w)), y = p(w), g = m(g, w), m(z, w) == g), I(y, w, +z)
            }), [])), 179), function(w, y, z, g, r) {
                I((z = (y = p((z = (g = (r = p(w), p(w)), p)(w), w)), y = m(y, w), m(z, w)), g = m(g, w), r), w, zq(y, z, g, w))
            }), U), e(4)), 486), function(w) {
                QF(w, 4)
            }), U), 507, function(w) {
                l4(w, 4)
            }), 462), function(w, y, z) {
                J(false, y, true, w) || (y = p(w), z = p(w), I(z, w, function(g) {
                    return eval(g)
                }(oi(m(y, w.j)))))
            }), function(w, y, z, g) {
                I((z = (y = p(w), g = N(w), p)(w), z), w, m(y, w) >>> g)
            })), function(w, y, z, g, r) {
                0 !== (z = (y = m((r = (g = m((z = p((r = p(w), w)), y = p(w), g = p(w), g), w), m)(r, w.j), y), w), m(z, w)), r) && (g = zq(1, g, y, w, r, z), r.addEventListener(z, g, Z), I(246, w, [r, z, g]))
            })), I(385, U, 0), U), 266, function(w, y, z, g, r, x, M, O, S, C, Q, F) {
                function a(l, G) {
                    for (; S < l;) g |= N(w) << S, S += 8;
                    return S -= l, G = g & (1 << l) - 1, g >>= l, G
                }
                for (x = (Q = (C = (S = (z = p(w), g = 0), (a(3) | 0) + 1), a(5)), r = M = 0, []); r < Q; r++) y = a(1), x.push(y), M += y ? 0 : 1;
                for (O = (M = ((M | 0) - 1).toString(2).length, []), r = 0; r < Q; r++) x[r] || (O[r] = a(M));
                for (M = 0; M < Q; M++) x[M] && (O[M] = p(w));
                for (F = []; C--;) F.push(m(p(w), w));
                b(w, z, function(l, G, P, L, gH) {
                    for (G = (gH = [], 0), L = []; G < Q; G++) {
                        if (!x[P = O[G], G]) {
                            for (; P >= L.length;) L.push(p(l));
                            P = L[P]
                        }
                        gH.push(P)
                    }
                    l.P = M9(l, (l.v = M9(l, F.slice()), gH))
                })
            }), function(w, y, z, g, r, x) {
                J(false, y, true, w) || (z = Ii(w.j), y = z.KJ, x = z.jN, r = z.A, z = z.O, g = z.length, x = 0 == g ? new x[r] : 1 == g ? new x[r](z[0]) : 2 == g ? new x[r](z[0], z[1]) : 3 == g ? new x[r](z[0], z[1], z[2]) : 4 == g ? new x[r](z[0], z[1], z[2], z[3]) : 2(), I(y, w, x))
            })), 77), U, [0, 0, 0]), function() {})), U.LJ = 0, I(419, U, 2048), function(w, y, z, g, r, x, M) {
                for (y = (M = (x = m(237, (z = (g = (r = p(w), X$)(w), ""), w)), x.length), 0); g--;) y = ((y | 0) + (X$(w) | 0)) % M, z += Y[x[y]];
                I(r, w, z)
            })), function(w, y, z, g, r) {
                for (g = (r = (y = X$((z = p(w), w)), 0), []); r < y; r++) g.push(N(w));
                I(z, w, g)
            })), 296), U, U), function(w, y, z, g) {
                y = (z = (g = (z = (y = p(w), p)(w), p)(w), m)(z, w), m)(y, w), I(g, w, y in z | 0)
            })), function(w, y, z, g) {
                I((z = m((y = (g = (y = (z = p(w), p)(w), p)(w), m(y, w)), z), w), g), w, z[y])
            })), U), 76, function(w, y, z) {
                (z = 0 != (y = (z = p(w), p(w)), m(z, w)), y = m(y, w), z) && I(108, w, y)
            }), function(w) {
                QF(w, 1)
            })), function(w, y, z, g) {
                I((z = (g = (y = p(w), p(w)), p(w)), z), w, m(y, w) || m(g, w))
            })), U), 510, function(w, y, z, g) {
                if (y = w.yc.pop()) {
                    for (z = N(w); 0 < z; z--) g = p(w), y[g] = w.K[g];
                    w.K = (y[419] = (y[418] = w.K[418], w).K[419], y)
                } else I(108, w, w.Z)
            }), b(U, 113, function(w, y, z, g, r) {
                r = (z = p((y = p(w), w)), p)(w), w.j == w && (g = m(y, w), r = m(r, w), z = m(z, w), g[z] = r, 142 == y && (w.J = void 0, 2 == z && (w.U = v(false, 32, w), w.J = void 0)))
            }), 0), 0]), function(w) {
                i4(4, w)
            })), I(369, U, 477), U), []), f)), I(408, U, {}), 397), function(w, y, z, g, r, x) {
                if (!J(true, y, true, w)) {
                    if ("object" == (w = (g = (r = m((y = m((x = p((g = (r = (y = p(w), p(w)), p(w)), w)), y), w), r), w), m)(g, w), m(x, w)), fl(y))) {
                        for (z in x = [], y) x.push(z);
                        y = x
                    }
                    for (x = 0, z = y.length, g = 0 < g ? g : 1; x < z; x += g) r(y.slice(x, (x | 0) + (g | 0)), w)
                }
            }), 0), 85), function(w, y, z) {
                (y = fl((y = m((z = (y = p(w), p(w)), y), w), y)), I)(z, w, y)
            }), 431), function(w, y, z, g) {
                !J(false, y, true, w) && (y = Ii(w), z = y.jN, g = y.A, w.j == w || g == w.hZ && z == w) && (I(y.KJ, w, g.apply(z, y.O)), w.o = w.T())
            }), 254), function(w, y) {
                rH((y = m(p(w), w), w.j), y)
            }), U).IO = 0, 246), U, 0), 71), function(w, y) {
                w = m((y = p(w), y), w.j), w[0].removeEventListener(w[1], w[2], Z)
            }), b(U, 468, function(w, y, z) {
                z = (y = p(w), p(w)), I(z, w, "" + m(y, w))
            }), U), 58, function(w, y, z, g) {
                g = (y = m((z = (g = p(w), p(w)), z), w), m(g, w)), I(z, w, y + g)
            }), 449), function(w) {
                l4(w, 3)
            }), [Ou]), U), d), c], U), [jD, h]), U), true))
        },
        hi = function(h, U) {
            return U = U.create().shift(), h.v.create().length || h.P.create().length || (h.v = void 0, h.P = void 0), U
        },
        SD = function(h, U, c, Y, A, w, y, z) {
            return (z = W[h.H]((U = [-74, 93, -46, -30, 9, -35, U, -89, (w = Gq, y = Y & 7, 40), 87], h.Qc)), z)[h.H] = function(g) {
                A = (y += 6 + 7 * Y, y &= 7, g)
            }, z.concat = function(g) {
                return (g = (A = (g = (g = c % 16 + 1, 3 * c * c * g + U[y + 27 & 7] * c * g + (w() | 0) * g + 54 * A * A - 162 * c * c * A - 5022 * c * A) - g * A - -4752 * A + y, void 0), U[g]), U)[(y + 45 & 7) + (Y & 2)] = g, U[y + (Y & 2)] = 93, g
            }, z
        },
        rH = function(h, U) {
            I(108, h, (h.yc.push(h.K.slice()), h.K[108] = void 0, U))
        },
        m = function(h, U) {
            if (void 0 === (U = U.K[h], U)) throw [R, 30, h];
            if (U.value) return U.create();
            return U.create(3 * h * h + 93 * h + -88), U.prototype
        },
        Ii = function(h, U, c, Y, A, w) {
            for (Y = p((c = ((A = (w = h[F$] || {}, p)(h), w.KJ = p(h), w).O = [], h.j == h ? (N(h) | 0) - 1 : 1), h)), U = 0; U < c; U++) w.O.push(p(h));
            for (; c--;) w.O[c] = m(w.O[c], h);
            return (w.jN = m(Y, h), w).A = m(A, h), w
        },
        v = function(h, U, c, Y, A, w, y, z, g, r, x, M, O, S) {
            if (y = m(108, c), y >= c.Z) throw [R, 31];
            for (O = (g = (S = y, c).Zs.length, U), z = 0; 0 < O;) A = S >> 3, M = S % 8, w = c.W[A], r = 8 - (M | 0), r = r < O ? r : O, h && (Y = c, Y.J != S >> 6 && (Y.J = S >> 6, x = m(142, Y), Y.D = Ri(Y.J, [0, 0, x[1], x[2]], Y.U)), w ^= c.D[A & g]), S += r, z |= (w >> 8 - (M | 0) - (r | 0) & (1 << r) - 1) << (O | 0) - (r | 0), O -= r;
            return I(108, c, (h = z, (y | 0) + (U | 0))), h
        },
        DN = function(h, U, c, Y) {
            for (; h.h.length;) {
                c = (h.L = null, h.h.pop());
                try {
                    Y = yF(h, c)
                } catch (A) {
                    E(h, A)
                }
                if (U && h.L) {
                    (U = h.L, U)(function() {
                        V(h, true, true)
                    });
                    break
                }
            }
            return Y
        },
        V = function(h, U, c, Y, A, w) {
            if (h.h.length) {
                h.i = (h.i && 0(), true), h.Fu = c;
                try {
                    w = h.T(), h.C = w, h.o = w, h.R = 0, Y = DN(h, c), A = h.T() - h.C, h.s += A, A < (U ? 0 : 10) || 0 >= h.B-- || (A = Math.floor(A), h.V.push(254 >= A ? A : 254))
                } finally {
                    h.i = false
                }
                return Y
            }
        },
        Hv = function(h, U) {
            (U.push(h[0] << 24 | h[1] << 16 | h[2] << 8 | h[3]), U).push(h[4] << 24 | h[5] << 16 | h[6] << 8 | h[7]), U.push(h[8] << 24 | h[9] << 16 | h[10] << 8 | h[11])
        },
        M9 = function(h, U, c) {
            return (c = W[h.H](h.Hs), c)[h.H] = function() {
                return U
            }, c.concat = function(Y) {
                U = Y
            }, c
        },
        Ri = function(h, U, c, Y, A) {
            for (A = (U = U[Y = U[2] | 0, 3] | 0, 0); 14 > A; A++) h = h >>> 8 | h << 24, h += c | 0, c = c << 3 | c >>> 29, h ^= Y + 1890, U = U >>> 8 | U << 24, U += Y | 0, c ^= h, Y = Y << 3 | Y >>> 29, U ^= A + 1890, Y ^= U;
            return [c >>> 24 & 255, c >>> 16 & 255, c >>> 8 & 255, c >>> 0 & 255, h >>> 24 & 255, h >>> 16 & 255, h >>> 8 & 255, h >>> 0 & 255]
        },
        J = function(h, U, c, Y, A, w, y, z, g) {
            if (((((w = (g = (A = (c || Y.R++, 0 < Y.N && Y.i && Y.Fu && 1 >= Y.u && !Y.v && !Y.L && (!c || 1 < Y.G - U) && 0 == document.hidden), z = (y = 4 == Y.R) || A ? Y.T() : Y.o, z) - Y.o, g >> 14), Y).U && (Y.U ^= w * (g << 2)), Y).Y += w, Y).j = w || Y.j, y) || A) Y.o = z, Y.R = 0;
            if (!A || z - Y.C < Y.N - (h ? 255 : c ? 5 : 2)) return false;
            return !(((I((h = m(c ? 168 : 108, (Y.G = U, Y)), 108), Y, Y.Z), Y.h).push([VF, h, c ? U + 1 : U]), Y).L = K, 0)
        },
        xC = function(h, U, c, Y) {
            return (Y = t[h.substring(0, 3) + "_"]) ? Y(h.substring(3), U, c) : Ai(U, h)
        },
        l4 = function(h, U, c, Y, A) {
            q(h, ((c = m((Y = (c = p((A = U & 3, U &= 4, h)), p(h)), c), h), U) && (c = wH("" + c)), A && q(h, Y, u(c.length, 2)), Y), c)
        },
        ai = function(h, U, c) {
            if (3 == h.length) {
                for (c = 0; 3 > c; c++) U[c] += h[c];
                for (c = [13, 8, 13, 12, 16, (h = 0, 5), 3, 10, 15]; 9 > h; h++) U[3](U, h % 3, c[h])
            }
        },
        t, f = this || self,
        Z = {
            passive: true,
            capture: true
        },
        QF = function(h, U, c, Y) {
            q(h, (c = p((Y = p(h), h)), c), u(m(Y, h), U))
        },
        cv = function(h) {
            return h
        },
        fl = function(h, U, c) {
            if ((c = typeof h, "object") == c)
                if (h) {
                    if (h instanceof Array) return "array";
                    if (h instanceof Object) return c;
                    if ("[object Window]" == (U = Object.prototype.toString.call(h), U)) return "object";
                    if ("[object Array]" == U || "number" == typeof h.length && "undefined" != typeof h.splice && "undefined" != typeof h.propertyIsEnumerable && !h.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == U || "undefined" != typeof h.call && "undefined" != typeof h.propertyIsEnumerable && !h.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == c && "undefined" == typeof h.call) return "object";
            return c
        },
        u4 = function(h, U) {
            return W[h](W.prototype, {
                call: U,
                console: U,
                floor: U,
                replace: U,
                stack: U,
                splice: U,
                document: U,
                pop: U,
                propertyIsEnumerable: U,
                length: U,
                prototype: U,
                parent: U
            })
        },
        K = f.requestIdleCallback ? function(h) {
            requestIdleCallback(function() {
                h()
            }, {
                timeout: 4
            })
        } : f.setImmediate ? function(h) {
            setImmediate(h)
        } : function(h) {
            setTimeout(h, 0)
        },
        X$ = function(h, U) {
            return (U = N(h), U) & 128 && (U = U & 127 | N(h) << 7), U
        },
        N = function(h) {
            return h.v ? hi(h, h.P) : v(true, 8, h)
        },
        u = function(h, U, c, Y) {
            for (c = (Y = (U | 0) - 1, []); 0 <= Y; Y--) c[(U | 0) - 1 - (Y | 0)] = h >> 8 * Y & 255;
            return c
        },
        H = function(h, U) {
            U.h.splice(0, 0, h)
        },
        ZN = function(h, U, c, Y) {
            try {
                Y = h[((U | 0) + 2) % 3], h[U] = (h[U] | 0) - (h[((U | 0) + 1) % 3] | 0) - (Y | 0) ^ (1 == U ? Y << c : Y >>> c)
            } catch (A) {
                throw A;
            }
        },
        vv = function(h, U, c, Y, A, w) {
            if (!h.F) {
                h.u++;
                try {
                    for (A = (Y = (c = 0, h.Z), void 0); --U;) try {
                        if ((w = void 0, h).v) A = hi(h, h.v);
                        else {
                            if ((c = m(108, h), c) >= Y) break;
                            A = (w = (I(168, h, c), p(h)), m(w, h))
                        }
                        J(false, (A && A[N9] & 2048 ? A(h, U) : X([R, 21, w], h, 0), U), false, h)
                    } catch (y) {
                        m(369, h) ? X(y, h, 22) : I(369, h, y)
                    }
                    if (!U) {
                        if (h.vs) {
                            vv(h, (h.u--, 446149057662));
                            return
                        }
                        X([R, 33], h, 0)
                    }
                } catch (y) {
                    try {
                        X(y, h, 22)
                    } catch (z) {
                        E(h, z)
                    }
                }
                h.u--
            }
        },
        yF = function(h, U, c, Y, A) {
            if (c = U[0], c == B) h.B = 25, h.I(U);
            else if (c == n) {
                Y = U[1];
                try {
                    A = h.F || h.I(U)
                } catch (w) {
                    E(h, w), A = h.F
                }
                Y(A)
            } else if (c == VF) h.I(U);
            else if (c == d) h.I(U);
            else if (c == jD) {
                try {
                    for (A = 0; A < h.X.length; A++) try {
                        Y = h.X[A], Y[0][Y[1]](Y[2])
                    } catch (w) {}
                } catch (w) {}(0, U[1])((h.X = [], function(w, y) {
                    h.g(w, true, y)
                }), function(w) {
                    (w = !h.h.length, H([N9], h), w) && V(h, false, true)
                })
            } else {
                if (c == D) return A = U[2], I(371, h, U[6]), I(408, h, A), h.I(U);
                c == N9 ? (h.W = [], h.K = null, h.V = []) : c == Ou && "loading" === f.document.readyState && (h.L = function(w, y) {
                    function z() {
                        y || (y = true, w())
                    }(y = false, f).document.addEventListener("DOMContentLoaded", z, Z), f.addEventListener("load", z, Z)
                })
            }
        },
        F$ = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        d = ((T.prototype.oO = void 0, (T.prototype.vs = false, T).prototype).Ws = void 0, []),
        Ou = (T.prototype.l = "toString", []),
        B = [],
        n = [],
        VF = [],
        N9 = [],
        R = {},
        D = [],
        jD = [],
        W = ((Hv, e, ZN, function() {})(ai), R.constructor),
        Gq = ((((k = (T.prototype.H = "create", T.prototype), k).EB = function() {
            return Math.floor(this.s + (this.T() - this.C))
        }, k).T = (window.performance || {}).now ? function() {
            return this.tZ + window.performance.now()
        } : function() {
            return +new Date
        }, k).pJ = function(h, U, c) {
            return ((U = (U ^= U << 13, U ^= U >> 17, (U ^ U << 5) & c)) || (U = 1), h) ^ U
        }, k.JZ = function() {
            return Math.floor(this.T())
        }, void 0),
        q9 = (((k.g = function(h, U, c, Y, A) {
            if ((c = "array" === fl(c) ? c : [c], this).F) h(this.F);
            else try {
                Y = [], A = !this.h.length, H([B, Y, c], this), H([n, h, Y], this), U && !A || V(this, true, U)
            } catch (w) {
                E(this, w), h(this.F)
            }
        }, k.Ps = function(h, U, c, Y, A, w) {
            for (Y = w = 0, c = []; Y < h.length; Y++)
                for (w += U, A = A << U | h[Y]; 7 < w;) w -= 8, c.push(A >> w & 255);
            return c
        }, k).UB = function(h, U, c, Y, A) {
            for (A = Y = 0; Y < h.length; Y++) A += h.charCodeAt(Y), A += A << 10, A ^= A >> 6;
            return Y = new(h = (A += A << 3, A ^= A >> 11, A) + (A << 15) >>> 0, Number)(h & (1 << U) - 1), Y[0] = (h >>> U) % c, Y
        }, T.prototype).I = function(h, U) {
            return U = (h = {}, Gq = function() {
                    return h == U ? -88 : -31
                }, {}),
                function(c, Y, A, w, y, z, g, r, x, M, O, S, C, Q, F) {
                    h = (z = h, U);
                    try {
                        if (M = c[0], M == d) {
                            C = c[1];
                            try {
                                for (w = (Y = (S = atob(C), Q = [], 0), 0); w < S.length; w++) g = S.charCodeAt(w), 255 < g && (Q[Y++] = g & 255, g >>= 8), Q[Y++] = g;
                                I(142, this, (this.Z = (this.W = Q, this.W).length << 3, [0, 0, 0]))
                            } catch (a) {
                                X(a, this, 17);
                                return
                            }
                            vv(this, 8001)
                        } else if (M == B) c[1].push(m(419, this), m(23, this).length, m(158, this).length, m(190, this).length), I(408, this, c[2]), this.K[366] && pl(this, m(366, this), 8001);
                        else {
                            if (M == n) {
                                this.j = (F = u((m(158, (Y = c[2], this)).length | 0) + 2, 2), x = this.j, this);
                                try {
                                    A = m(418, this), 0 < A.length && q(this, 158, u(A.length, 2).concat(A), 10), q(this, 158, u(this.Y, 1), 109), q(this, 158, u(this[n].length, 1)), S = 0, S += m(385, this) & 2047, y = m(23, this), S -= (m(158, this).length | 0) + 5, 4 < y.length && (S -= (y.length | 0) + 3), 0 < S && q(this, 158, u(S, 2).concat(e(S)), 15), 4 < y.length && q(this, 158, u(y.length, 2).concat(y), 156)
                                } finally {
                                    this.j = x
                                }
                                if (O = (((w = e(2).concat(m(158, this)), w)[1] = w[0] ^ 6, w)[3] = w[1] ^ F[0], w[4] = w[1] ^ F[1], this.wd(w))) O = "!" + O;
                                else
                                    for (S = 0, O = ""; S < w.length; S++) r = w[S][this.l](16), 1 == r.length && (r = "0" + r), O += r;
                                return m((m(158, (m(23, (I(419, this, (Q = O, Y.shift())), this)).length = Y.shift(), this)).length = Y.shift(), 190), this).length = Y.shift(), Q
                            }
                            if (M == VF) pl(this, c[1], c[2]);
                            else if (M == D) return pl(this, c[1], 8001)
                        }
                    } finally {
                        h = z
                    }
                }
        }(), /./),
        su, Kl = (T.prototype[T.prototype.wd = (T.prototype.cs = 0, T.prototype.T3 = 0, function(h, U, c, Y) {
            if (c = window.btoa) {
                for (Y = "", U = 0; U < h.length; U += 8192) Y += String.fromCharCode.apply(null, h.slice(U, U + 8192));
                h = c(Y).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else h = void 0;
            return h
        }), jD] = [0, 0, 1, 1, 0, 1, 1], d).pop.bind(T.prototype[B]),
        oi = function(h, U) {
            return (U = YC()) && 1 === h.eval(U.createScript("1")) ? function(c) {
                return U.createScript(c)
            } : function(c) {
                return "" + c
            }
        }((su = u4((q9[T.prototype.l] = Kl, T.prototype).H, {get: Kl
        }), T.prototype.rd = void 0, f));
    (40 < (t = f.botguard || (f.botguard = {}), t).m || (t.m = 41, t.bg = Tq, t.a = xC), t).YBO_ = function(h, U, c) {
        return c = new T(h, U), [function(Y) {
            return mu(Y, c)
        }]
    };
}).call(this);
                                    

#6 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 45f5e5195f57ae43fbd3dacdbdf1de261f7a716f6241be91b64b0a1e990cdc75

                                        0,
function(w) {
    i4(2, w)
}
                                    

#7 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 2d498779a32244d72a8a7d953918ce95c00fab9d3b129b2a1c3125fb263ccb45

                                        this.context['self']['SharedWorker']
                                    

#8 JavaScript::Eval (size: 46, repeated: 1) - SHA256: e218a1ac15f252350ef2646dead414bf35db450215962e63da301cb7c3f064eb

                                        this.context['navigator']['webkitGetGamepads']
                                    

#9 JavaScript::Eval (size: 154, repeated: 1) - SHA256: 5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e

                                        apstag.punt({
    "cmp": "https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-onetag_pm-db5_rbd_cnv_n-Outbrain",
    "cb": "0"
})
                                    

#10 JavaScript::Eval (size: 64, repeated: 1) - SHA256: 3755a8c0633fef887d8f3e30674dfbef87ddb8b872bf69663731ed531f6a6ed0

                                        0,
function(w, y, z) {
    I((z = (y = (z = p(w), p)(w), w.K[z] && m(z, w)), y), w, z)
}
                                    

#11 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 5f7d79033f82e1d81e2e6490b1fe43f241e2889aae35ea6d5f968ca697f5a577

                                        this.context['close']
                                    

#12 JavaScript::Eval (size: 45, repeated: 1) - SHA256: d7fff9897aaa9675a3652e7cac1a8c2a3427b896b5cc0ab5ffd628f9bb106e34

                                        this.context['external']['AddSearchProvider']
                                    

#13 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 0408d20a8555f96ab5cced9f89880c477f78d4ade576e5618b04094f034fb081

                                        this.context['ArrayBufferView']
                                    

#14 JavaScript::Eval (size: 39, repeated: 1) - SHA256: 04f881dff1163e4e36943700ddbcf25667dfe7e0b154d21e181a771955264d60

                                        this.context['document']['createTouch']
                                    

#15 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 7013ec5264e02f54f3b42e05b51fd1ad0f180fa3870b71acd2f1a384cc81d601

                                        this.context['document']['prepend']
                                    

#16 JavaScript::Eval (size: 25, repeated: 1) - SHA256: cfd8889f26f46323b63c7766e414faf4a4171cc959c4c2b2e6a64c0ec3edf13f

                                        this.context['CryptoKey']
                                    

#17 JavaScript::Eval (size: 31, repeated: 1) - SHA256: fb71685befff6e5c6fb9e2dd5f9bea6c71a2a162b39920f3927ef5ebfcf0134d

                                        this.context['BeforeLoadEvent']
                                    

#18 JavaScript::Eval (size: 22, repeated: 1) - SHA256: c624a79f9c72c617d0ed1ad3207a67a39f6243071e14c4ebeace5dcff97313a3

                                        this.context['Entity']
                                    

#19 JavaScript::Eval (size: 28, repeated: 1) - SHA256: 4f6a557989f79654728dcb244539b604c5329db30b964d6e8c524c72517b9fa6

                                        this.context['Notification']
                                    

#20 JavaScript::Eval (size: 41, repeated: 1) - SHA256: 25fde17ee6ee622be6ebf83118c8802af55f2721a375a4017d6dec6edaf3b37b

                                        this.context['DOMException']['ABORT_ERR']
                                    

#21 JavaScript::Eval (size: 15578, repeated: 1) - SHA256: 82b81c86cdae578664003b993458bc63c9de6f989bde32d1671110605cbbb93f

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var c = function(h) {
            return h
        },
        Y = this || self,
        y = function(h, U) {
            if (h = (U = Y.trustedTypes, null), !U || !U.createPolicy) return h;
            try {
                h = U.createPolicy("bg", {
                    createHTML: c,
                    createScript: c,
                    createScriptURL: c
                })
            } catch (w) {
                Y.console && Y.console.error(w.message)
            }
            return h
        };
    (0, eval)(function(h, U) {
        return (U = y()) && 1 === h.eval(U.createScript("1")) ? function(w) {
            return U.createScript(w)
        } : function(w) {
            return "" + w
        }
    }(Y)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var p=function(h,U){if(h.v)return hi(h,h.P);return(U=v(true,8,h),U)&128&&(U^=128,h=v(true,2,h),U=(U<<2)+(h|0)),U},T=function(h,U,c){c=this;try{Uu(U,this,h)}catch(Y){E(this,Y),U(function(A){A(c.F)})}},X=function(h,U,c,Y,A,w){if(!U.S){if(3<(h=m(419,((0==(Y=m((A=void 0,h&&h[0]===R&&(A=h[2],c=h[1],h=void 0),418),U),Y.length)&&(w=m(168,U)>>3,Y.push(c,w>>8&255,w&255),void 0!=A&&Y.push(A&255)),c="",h)&&(h.message&&(c+=h.message),h.stack&&(c+=":"+h.stack)),U)),h)){c=(h-=(c=c.slice(0,(h|0)-3),(c.length|0)+3),wH(c)),A=U.j,U.j=U;try{q(U,23,u(c.length,2).concat(c),9)}finally{U.j=A}}I(419,U,h)}},YC=function(h,U){if(U=(h=f.trustedTypes,null),!h||!h.createPolicy)return U;try{U=h.createPolicy("bg",{createHTML:cv,createScript:cv,createScriptURL:cv})}catch(c){f.console&&f.console.error(c.message)}return U},zq=function(h,U,c,Y,A,w){function y(){if(Y.j==Y){if(Y.K){var z=[D,c,U,void 0,A,w,arguments];if(2==h)var g=V(Y,(H(z,Y),false),false);else if(1==h){var r=!Y.h.length;H(z,Y),r&&V(Y,false,false)}else g=yF(Y,z);return g}A&&w&&A.removeEventListener(w,y,Z)}}return y},Ai=function(h,U){return h(function(c){c(U)}),[function(){return U}]},E=function(h,U){h.F=((h.F?h.F+"~":"E:")+U.message+":"+U.stack).slice(0,2048)},i4=function(h,U,c,Y){for(c=(Y=p(U),0);0<h;h--)c=c<<8|N(U);I(Y,U,c)},pl=function(h,U,c,Y){return m(408,(I(108,(vv(h,((Y=m(108,h),h.W)&&Y<h.Z?(I(108,h,h.Z),rH(h,U)):I(108,h,U),c)),h),Y),h))},wH=function(h,U,c,Y,A){for(A=(U=(h=h.replace(/\\r\\n/g,"\\n"),[]),c=0);c<h.length;c++)Y=h.charCodeAt(c),128>Y?U[A++]=Y:(2048>Y?U[A++]=Y>>6|192:(55296==(Y&64512)&&c+1<h.length&&56320==(h.charCodeAt(c+1)&64512)?(Y=65536+((Y&1023)<<10)+(h.charCodeAt(++c)&1023),U[A++]=Y>>18|240,U[A++]=Y>>12&63|128):U[A++]=Y>>12|224,U[A++]=Y>>6&63|128),U[A++]=Y&63|128);return U},Eu=function(h,U){return h[U]<<24|h[(U|0)+1]<<16|h[(U|0)+2]<<8|h[(U|0)+3]},Tq=function(h,U,c,Y){function A(){}return{invoke:(Y=xC(h,function(w){A&&(U&&K(U),c=w,A(),A=void 0)},(c=void 0,!!U))[0],function(w,y,z,g){function r(){c(function(x){K(function(){w(x)})},z)}if(!y)return y=Y(z),w&&w(y),y;c?r():(g=A,A=function(){(g(),K)(r)})})}},e=function(h,U){for(U=[];h--;)U.push(255*Math.random()|0);return U},I=function(h,U,c){if(108==h||168==h)U.K[h]?U.K[h].concat(c):U.K[h]=M9(U,c);else{if(U.S&&142!=h)return;158==h||23==h||190==h||418==h||77==h?U.K[h]||(U.K[h]=SD(U,c,h,38)):U.K[h]=SD(U,c,h,41)}142==h&&(U.U=v(false,32,U),U.J=void 0)},b=function(h,U,c){c[I(U,h,c),Ou]=2796},q=function(h,U,c,Y,A,w){if(h.j==h)for(w=m(U,h),23==U?(U=function(y,z,g,r){if(r=((z=w.length,z)|0)-4>>3,w.eN!=r){r=[0,0,(w.eN=r,g=(r<<3)-4,A)[1],A[2]];try{w.kR=Ri(Eu(w,(g|0)+4),r,Eu(w,g))}catch(x){throw x;}}w.push(w.kR[z&7]^y)},A=m(77,h)):U=function(y){w.push(y)},Y&&U(Y&255),h=c.length,Y=0;Y<h;Y++)U(c[Y])},k,mu=function(h,U,c){return U.g(function(Y){c=Y},false,h),c},Uu=function(h,U,c,Y,A){for((U.Qc=((U.qI=su,U).Zs=(U.dd=q9,U[n]),u4)(U.H,{get:function(){return this.concat()}}),U).Hs=W[U.H](U.Qc,{value:{value:{}}}),Y=[],A=0;128>A;A++)Y[A]=String.fromCharCode(A);V(U,true,(H((H([(H((b(U,(b((b(U,(I(((b(U,(b(U,(b(U,(U.br=(b(U,(I(335,U,(I(190,(b(U,103,(I(158,U,[160,(b((b(U,318,(b(U,436,(b((b(U,114,(b(U,33,(I((b(U,260,(b(U,222,(b(U,242,(I((b(U,133,(b((b(U,215,(b(U,398,(b(U,(b((b(U,(I(23,(b(U,(I(418,U,((I(168,U,(I(108,(U.tZ=((U.Fu=false,A=window.performance||{},U).S=((U.N=(U.G=8001,U.D=void 0,U.X=[],0),U.hZ=(U.h=[],function(w){this.j=w}),U.Y=1,U).F=(U.Z=0,U.B=25,U.j=(U.J=void 0,U),(U.u=0,U).L=null,void 0),false),(U.s=(U.yc=[],0),(U.P=(U.i=false,void 0),U).W=(U.OB=0,[]),U).U=(U.V=[],U.C=(U.o=0,U.K=[],U.v=void 0,0),U.R=void 0,void 0),A.timeOrigin||(A.timing||{}).navigationStart||0),U),0),0)),b)(U,91,function(w,y,z,g){z=(g=(z=p(w),p(w)),y=p(w),g=m(g,w),m(z,w)==g),I(y,w,+z)}),[])),179),function(w,y,z,g,r){I((z=(y=p((z=(g=(r=p(w),p(w)),p)(w),w)),y=m(y,w),m(z,w)),g=m(g,w),r),w,zq(y,z,g,w))}),U),e(4)),486),function(w){QF(w,4)}),U),507,function(w){l4(w,4)}),462),function(w,y,z){J(false,y,true,w)||(y=p(w),z=p(w),I(z,w,function(g){return eval(g)}(oi(m(y,w.j)))))}),function(w,y,z,g){I((z=(y=p(w),g=N(w),p)(w),z),w,m(y,w)>>>g)})),function(w,y,z,g,r){0!==(z=(y=m((r=(g=m((z=p((r=p(w),w)),y=p(w),g=p(w),g),w),m)(r,w.j),y),w),m(z,w)),r)&&(g=zq(1,g,y,w,r,z),r.addEventListener(z,g,Z),I(246,w,[r,z,g]))})),I(385,U,0),U),266,function(w,y,z,g,r,x,M,O,S,C,Q,F){function a(l,G){for(;S<l;)g|=N(w)<<S,S+=8;return S-=l,G=g&(1<<l)-1,g>>=l,G}for(x=(Q=(C=(S=(z=p(w),g=0),(a(3)|0)+1),a(5)),r=M=0,[]);r<Q;r++)y=a(1),x.push(y),M+=y?0:1;for(O=(M=((M|0)-1).toString(2).length,[]),r=0;r<Q;r++)x[r]||(O[r]=a(M));for(M=0;M<Q;M++)x[M]&&(O[M]=p(w));for(F=[];C--;)F.push(m(p(w),w));b(w,z,function(l,G,P,L,gH){for(G=(gH=[],0),L=[];G<Q;G++){if(!x[P=O[G],G]){for(;P>=L.length;)L.push(p(l));P=L[P]}gH.push(P)}l.P=M9(l,(l.v=M9(l,F.slice()),gH))})}),function(w,y,z,g,r,x){J(false,y,true,w)||(z=Ii(w.j),y=z.KJ,x=z.jN,r=z.A,z=z.O,g=z.length,x=0==g?new x[r]:1==g?new x[r](z[0]):2==g?new x[r](z[0],z[1]):3==g?new x[r](z[0],z[1],z[2]):4==g?new x[r](z[0],z[1],z[2],z[3]):2(),I(y,w,x))})),77),U,[0,0,0]),function(){})),U.LJ=0,I(419,U,2048),function(w,y,z,g,r,x,M){for(y=(M=(x=m(237,(z=(g=(r=p(w),X$)(w),""),w)),x.length),0);g--;)y=((y|0)+(X$(w)|0))%M,z+=Y[x[y]];I(r,w,z)})),function(w,y,z,g,r){for(g=(r=(y=X$((z=p(w),w)),0),[]);r<y;r++)g.push(N(w));I(z,w,g)})),296),U,U),function(w,y,z,g){y=(z=(g=(z=(y=p(w),p)(w),p)(w),m)(z,w),m)(y,w),I(g,w,y in z|0)})),function(w,y,z,g){I((z=m((y=(g=(y=(z=p(w),p)(w),p)(w),m(y,w)),z),w),g),w,z[y])})),U),76,function(w,y,z){(z=0!=(y=(z=p(w),p(w)),m(z,w)),y=m(y,w),z)&&I(108,w,y)}),function(w){QF(w,1)})),function(w,y,z,g){I((z=(g=(y=p(w),p(w)),p(w)),z),w,m(y,w)||m(g,w))})),U),510,function(w,y,z,g){if(y=w.yc.pop()){for(z=N(w);0<z;z--)g=p(w),y[g]=w.K[g];w.K=(y[419]=(y[418]=w.K[418],w).K[419],y)}else I(108,w,w.Z)}),b(U,113,function(w,y,z,g,r){r=(z=p((y=p(w),w)),p)(w),w.j==w&&(g=m(y,w),r=m(r,w),z=m(z,w),g[z]=r,142==y&&(w.J=void 0,2==z&&(w.U=v(false,32,w),w.J=void 0)))}),0),0]),function(w){i4(4,w)})),I(369,U,477),U),[]),f)),I(408,U,{}),397),function(w,y,z,g,r,x){if(!J(true,y,true,w)){if("object"==(w=(g=(r=m((y=m((x=p((g=(r=(y=p(w),p(w)),p(w)),w)),y),w),r),w),m)(g,w),m(x,w)),fl(y))){for(z in x=[],y)x.push(z);y=x}for(x=0,z=y.length,g=0<g?g:1;x<z;x+=g)r(y.slice(x,(x|0)+(g|0)),w)}}),0),85),function(w,y,z){(y=fl((y=m((z=(y=p(w),p(w)),y),w),y)),I)(z,w,y)}),431),function(w,y,z,g){!J(false,y,true,w)&&(y=Ii(w),z=y.jN,g=y.A,w.j==w||g==w.hZ&&z==w)&&(I(y.KJ,w,g.apply(z,y.O)),w.o=w.T())}),254),function(w,y){rH((y=m(p(w),w),w.j),y)}),U).IO=0,246),U,0),71),function(w,y){w=m((y=p(w),y),w.j),w[0].removeEventListener(w[1],w[2],Z)}),b(U,468,function(w,y,z){z=(y=p(w),p(w)),I(z,w,""+m(y,w))}),U),58,function(w,y,z,g){g=(y=m((z=(g=p(w),p(w)),z),w),m(g,w)),I(z,w,y+g)}),449),function(w){l4(w,3)}),[Ou]),U),d),c],U),[jD,h]),U),true))},hi=function(h,U){return U=U.create().shift(),h.v.create().length||h.P.create().length||(h.v=void 0,h.P=void 0),U},SD=function(h,U,c,Y,A,w,y,z){return(z=W[h.H]((U=[-74,93,-46,-30,9,-35,U,-89,(w=Gq,y=Y&7,40),87],h.Qc)),z)[h.H]=function(g){A=(y+=6+7*Y,y&=7,g)},z.concat=function(g){return(g=(A=(g=(g=c%16+1,3*c*c*g+U[y+27&7]*c*g+(w()|0)*g+54*A*A-162*c*c*A-5022*c*A)-g*A- -4752*A+y,void 0),U[g]),U)[(y+45&7)+(Y&2)]=g,U[y+(Y&2)]=93,g},z},rH=function(h,U){I(108,h,(h.yc.push(h.K.slice()),h.K[108]=void 0,U))},m=function(h,U){if(void 0===(U=U.K[h],U))throw[R,30,h];if(U.value)return U.create();return U.create(3*h*h+93*h+-88),U.prototype},Ii=function(h,U,c,Y,A,w){for(Y=p((c=((A=(w=h[F$]||{},p)(h),w.KJ=p(h),w).O=[],h.j==h?(N(h)|0)-1:1),h)),U=0;U<c;U++)w.O.push(p(h));for(;c--;)w.O[c]=m(w.O[c],h);return(w.jN=m(Y,h),w).A=m(A,h),w},v=function(h,U,c,Y,A,w,y,z,g,r,x,M,O,S){if(y=m(108,c),y>=c.Z)throw[R,31];for(O=(g=(S=y,c).Zs.length,U),z=0;0<O;)A=S>>3,M=S%8,w=c.W[A],r=8-(M|0),r=r<O?r:O,h&&(Y=c,Y.J!=S>>6&&(Y.J=S>>6,x=m(142,Y),Y.D=Ri(Y.J,[0,0,x[1],x[2]],Y.U)),w^=c.D[A&g]),S+=r,z|=(w>>8-(M|0)-(r|0)&(1<<r)-1)<<(O|0)-(r|0),O-=r;return I(108,c,(h=z,(y|0)+(U|0))),h},DN=function(h,U,c,Y){for(;h.h.length;){c=(h.L=null,h.h.pop());try{Y=yF(h,c)}catch(A){E(h,A)}if(U&&h.L){(U=h.L,U)(function(){V(h,true,true)});break}}return Y},V=function(h,U,c,Y,A,w){if(h.h.length){h.i=(h.i&&0(),true),h.Fu=c;try{w=h.T(),h.C=w,h.o=w,h.R=0,Y=DN(h,c),A=h.T()-h.C,h.s+=A,A<(U?0:10)||0>=h.B--||(A=Math.floor(A),h.V.push(254>=A?A:254))}finally{h.i=false}return Y}},Hv=function(h,U){(U.push(h[0]<<24|h[1]<<16|h[2]<<8|h[3]),U).push(h[4]<<24|h[5]<<16|h[6]<<8|h[7]),U.push(h[8]<<24|h[9]<<16|h[10]<<8|h[11])},M9=function(h,U,c){return(c=W[h.H](h.Hs),c)[h.H]=function(){return U},c.concat=function(Y){U=Y},c},Ri=function(h,U,c,Y,A){for(A=(U=U[Y=U[2]|0,3]|0,0);14>A;A++)h=h>>>8|h<<24,h+=c|0,c=c<<3|c>>>29,h^=Y+1890,U=U>>>8|U<<24,U+=Y|0,c^=h,Y=Y<<3|Y>>>29,U^=A+1890,Y^=U;return[c>>>24&255,c>>>16&255,c>>>8&255,c>>>0&255,h>>>24&255,h>>>16&255,h>>>8&255,h>>>0&255]},J=function(h,U,c,Y,A,w,y,z,g){if(((((w=(g=(A=(c||Y.R++,0<Y.N&&Y.i&&Y.Fu&&1>=Y.u&&!Y.v&&!Y.L&&(!c||1<Y.G-U)&&0==document.hidden),z=(y=4==Y.R)||A?Y.T():Y.o,z)-Y.o,g>>14),Y).U&&(Y.U^=w*(g<<2)),Y).Y+=w,Y).j=w||Y.j,y)||A)Y.o=z,Y.R=0;if(!A||z-Y.C<Y.N-(h?255:c?5:2))return false;return!(((I((h=m(c?168:108,(Y.G=U,Y)),108),Y,Y.Z),Y.h).push([VF,h,c?U+1:U]),Y).L=K,0)},xC=function(h,U,c,Y){return(Y=t[h.substring(0,3)+"_"])?Y(h.substring(3),U,c):Ai(U,h)},l4=function(h,U,c,Y,A){q(h,((c=m((Y=(c=p((A=U&3,U&=4,h)),p(h)),c),h),U)&&(c=wH(""+c)),A&&q(h,Y,u(c.length,2)),Y),c)},ai=function(h,U,c){if(3==h.length){for(c=0;3>c;c++)U[c]+=h[c];for(c=[13,8,13,12,16,(h=0,5),3,10,15];9>h;h++)U[3](U,h%3,c[h])}},t,f=this||self,Z={passive:true,capture:true},QF=function(h,U,c,Y){q(h,(c=p((Y=p(h),h)),c),u(m(Y,h),U))},cv=function(h){return h},fl=function(h,U,c){if((c=typeof h,"object")==c)if(h){if(h instanceof Array)return"array";if(h instanceof Object)return c;if("[object Window]"==(U=Object.prototype.toString.call(h),U))return"object";if("[object Array]"==U||"number"==typeof h.length&&"undefined"!=typeof h.splice&&"undefined"!=typeof h.propertyIsEnumerable&&!h.propertyIsEnumerable("splice"))return"array";if("[object Function]"==U||"undefined"!=typeof h.call&&"undefined"!=typeof h.propertyIsEnumerable&&!h.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==c&&"undefined"==typeof h.call)return"object";return c},u4=function(h,U){return W[h](W.prototype,{call:U,console:U,floor:U,replace:U,stack:U,splice:U,document:U,pop:U,propertyIsEnumerable:U,length:U,prototype:U,parent:U})},K=f.requestIdleCallback?function(h){requestIdleCallback(function(){h()},{timeout:4})}:f.setImmediate?function(h){setImmediate(h)}:function(h){setTimeout(h,0)},X$=function(h,U){return(U=N(h),U)&128&&(U=U&127|N(h)<<7),U},N=function(h){return h.v?hi(h,h.P):v(true,8,h)},u=function(h,U,c,Y){for(c=(Y=(U|0)-1,[]);0<=Y;Y--)c[(U|0)-1-(Y|0)]=h>>8*Y&255;return c},H=function(h,U){U.h.splice(0,0,h)},ZN=function(h,U,c,Y){try{Y=h[((U|0)+2)%3],h[U]=(h[U]|0)-(h[((U|0)+1)%3]|0)-(Y|0)^(1==U?Y<<c:Y>>>c)}catch(A){throw A;}},vv=function(h,U,c,Y,A,w){if(!h.F){h.u++;try{for(A=(Y=(c=0,h.Z),void 0);--U;)try{if((w=void 0,h).v)A=hi(h,h.v);else{if((c=m(108,h),c)>=Y)break;A=(w=(I(168,h,c),p(h)),m(w,h))}J(false,(A&&A[N9]&2048?A(h,U):X([R,21,w],h,0),U),false,h)}catch(y){m(369,h)?X(y,h,22):I(369,h,y)}if(!U){if(h.vs){vv(h,(h.u--,446149057662));return}X([R,33],h,0)}}catch(y){try{X(y,h,22)}catch(z){E(h,z)}}h.u--}},yF=function(h,U,c,Y,A){if(c=U[0],c==B)h.B=25,h.I(U);else if(c==n){Y=U[1];try{A=h.F||h.I(U)}catch(w){E(h,w),A=h.F}Y(A)}else if(c==VF)h.I(U);else if(c==d)h.I(U);else if(c==jD){try{for(A=0;A<h.X.length;A++)try{Y=h.X[A],Y[0][Y[1]](Y[2])}catch(w){}}catch(w){}(0,U[1])((h.X=[],function(w,y){h.g(w,true,y)}),function(w){(w=!h.h.length,H([N9],h),w)&&V(h,false,true)})}else{if(c==D)return A=U[2],I(371,h,U[6]),I(408,h,A),h.I(U);c==N9?(h.W=[],h.K=null,h.V=[]):c==Ou&&"loading"===f.document.readyState&&(h.L=function(w,y){function z(){y||(y=true,w())}(y=false,f).document.addEventListener("DOMContentLoaded",z,Z),f.addEventListener("load",z,Z)})}},F$=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),d=((T.prototype.oO=void 0,(T.prototype.vs=false,T).prototype).Ws=void 0,[]),Ou=(T.prototype.l="toString",[]),B=[],n=[],VF=[],N9=[],R={},D=[],jD=[],W=((Hv,e,ZN,function(){})(ai),R.constructor),Gq=((((k=(T.prototype.H="create",T.prototype),k).EB=function(){return Math.floor(this.s+(this.T()-this.C))},k).T=(window.performance||{}).now?function(){return this.tZ+window.performance.now()}:function(){return+new Date},k).pJ=function(h,U,c){return((U=(U^=U<<13,U^=U>>17,(U^U<<5)&c))||(U=1),h)^U},k.JZ=function(){return Math.floor(this.T())},void 0),q9=(((k.g=function(h,U,c,Y,A){if((c="array"===fl(c)?c:[c],this).F)h(this.F);else try{Y=[],A=!this.h.length,H([B,Y,c],this),H([n,h,Y],this),U&&!A||V(this,true,U)}catch(w){E(this,w),h(this.F)}},k.Ps=function(h,U,c,Y,A,w){for(Y=w=0,c=[];Y<h.length;Y++)for(w+=U,A=A<<U|h[Y];7<w;)w-=8,c.push(A>>w&255);return c},k).UB=function(h,U,c,Y,A){for(A=Y=0;Y<h.length;Y++)A+=h.charCodeAt(Y),A+=A<<10,A^=A>>6;return Y=new (h=(A+=A<<3,A^=A>>11,A)+(A<<15)>>>0,Number)(h&(1<<U)-1),Y[0]=(h>>>U)%c,Y},T.prototype).I=function(h,U){return U=(h={},Gq=function(){return h==U?-88:-31},{}),function(c,Y,A,w,y,z,g,r,x,M,O,S,C,Q,F){h=(z=h,U);try{if(M=c[0],M==d){C=c[1];try{for(w=(Y=(S=atob(C),Q=[],0),0);w<S.length;w++)g=S.charCodeAt(w),255<g&&(Q[Y++]=g&255,g>>=8),Q[Y++]=g;I(142,this,(this.Z=(this.W=Q,this.W).length<<3,[0,0,0]))}catch(a){X(a,this,17);return}vv(this,8001)}else if(M==B)c[1].push(m(419,this),m(23,this).length,m(158,this).length,m(190,this).length),I(408,this,c[2]),this.K[366]&&pl(this,m(366,this),8001);else{if(M==n){this.j=(F=u((m(158,(Y=c[2],this)).length|0)+2,2),x=this.j,this);try{A=m(418,this),0<A.length&&q(this,158,u(A.length,2).concat(A),10),q(this,158,u(this.Y,1),109),q(this,158,u(this[n].length,1)),S=0,S+=m(385,this)&2047,y=m(23,this),S-=(m(158,this).length|0)+5,4<y.length&&(S-=(y.length|0)+3),0<S&&q(this,158,u(S,2).concat(e(S)),15),4<y.length&&q(this,158,u(y.length,2).concat(y),156)}finally{this.j=x}if(O=(((w=e(2).concat(m(158,this)),w)[1]=w[0]^6,w)[3]=w[1]^F[0],w[4]=w[1]^F[1],this.wd(w)))O="!"+O;else for(S=0,O="";S<w.length;S++)r=w[S][this.l](16),1==r.length&&(r="0"+r),O+=r;return m((m(158,(m(23,(I(419,this,(Q=O,Y.shift())),this)).length=Y.shift(),this)).length=Y.shift(),190),this).length=Y.shift(),Q}if(M==VF)pl(this,c[1],c[2]);else if(M==D)return pl(this,c[1],8001)}}finally{h=z}}}(),/./),su,Kl=(T.prototype[T.prototype.wd=(T.prototype.cs=0,T.prototype.T3=0,function(h,U,c,Y){if(c=window.btoa){for(Y="",U=0;U<h.length;U+=8192)Y+=String.fromCharCode.apply(null,h.slice(U,U+8192));h=c(Y).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else h=void 0;return h}),jD]=[0,0,1,1,0,1,1],d).pop.bind(T.prototype[B]),oi=function(h,U){return(U=YC())&&1===h.eval(U.createScript("1"))?function(c){return U.createScript(c)}:function(c){return""+c}}((su=u4((q9[T.prototype.l]=Kl,T.prototype).H,{get:Kl}),T.prototype.rd=void 0,f));(40<(t=f.botguard||(f.botguard={}),t).m||(t.m=41,t.bg=Tq,t.a=xC),t).YBO_=function(h,U,c){return c=new T(h,U),[function(Y){return mu(Y,c)}]};}).call(this);'));
}).call(this);
                                    

#22 JavaScript::Eval (size: 32, repeated: 1) - SHA256: a535a9a97ed5a801419c63a6e764dd3b24c8456f177155717caf9ba3411ef756

                                        this.context['chrome']['search']
                                    

#23 JavaScript::Eval (size: 43, repeated: 1) - SHA256: 0220aceb9c3413632235ce2598b94dd7a130a95558114c04ad41f9386b69777b

                                        this.context['clientInformation']['vendor']
                                    

#24 JavaScript::Eval (size: 33, repeated: 1) - SHA256: 92cc9c48ca7d897742a37b1578ba7c99e9d9c405fced233bb9a3270ef84fddfc

                                        this.context['DeviceMotionEvent']
                                    

#25 JavaScript::Eval (size: 22, repeated: 1) - SHA256: e305e4a9f1526070c2c93d1248512d6460115b8db421e150919978d6f2df61a2

                                        0,
function(w) {
    i4(1, w)
}
                                    

#26 JavaScript::Eval (size: 35, repeated: 1) - SHA256: 41aae560d6dd4b675e6e45d30c1572db537659e580ac434c4b89b76e4f3dc5ac

                                        this.context['SiteBoundCredential']
                                    

#27 JavaScript::Eval (size: 45, repeated: 1) - SHA256: e44d38f746ee1fa3b3ef03ed6ea3f298c25e173b6daea3c4505afce8bb869508

                                        this.context['CanvasCaptureMediaStreamTrack']
                                    

#28 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 7ceacb36606d6f6599d3ed5454c31152cb4417fb3c02ebb66431c4227a653726

                                        this.context['clearImmediate']
                                    

#29 JavaScript::Eval (size: 28, repeated: 1) - SHA256: fca3cd5a7ca3a44b75f81e0c169fe599fb48741835c83b5616e304b3f722522b

                                        this.context['AnalyserNode']
                                    

#30 JavaScript::Eval (size: 36, repeated: 1) - SHA256: a612f8985aebacd5c5fa6b17d16982a29983ae9131bae94403ff9abe1ce2ded2

                                        this.context['navigator']['appName']
                                    

#31 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 59d45abada49f5b514521b527330402a2d826ae3f0dab2199c58c38f1e511777

                                        this.context['TouchEvent']
                                    

#32 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 37ceb2a749341c51c7b8c25daaa71dc167b4aba7485c9b398b8ab004b685e492

                                        this.context['Touch']
                                    

#33 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 67909fba812519f6eced963d195970a41923b591290d48f96704719fc6b74ec5

                                        this.context['NaN']
                                    

#34 JavaScript::Eval (size: 41, repeated: 1) - SHA256: e9d851c02746b7bd4d9207264c143f76480b69aa3552b1cdaa79ee537d83f5ac

                                        this.context['navigator']['taintEnabled']
                                    

#35 JavaScript::Eval (size: 39, repeated: 1) - SHA256: aaa8c0ab87c7070701d0a29a610c65a4c1d29153c2d14623602acef3eea646dd

                                        this.context['EventTarget']['toString']
                                    

Executed Writes (8)

#1 JavaScript::Write (size: 215, repeated: 1) - SHA256: c59115d98158016dbef0df9b18c3742bf004fc38999c4208eb8fbc3e8bd72205

                                        < script type = "text/javascript"
src = "//exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F0uJJTL&cb=2940623739&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/0uJJTL" > < /script>
                                    

#2 JavaScript::Write (size: 3131, repeated: 1) - SHA256: c3b5f2b981a5ee9f89b368d5bedae6d3f5c5bcad2827ddbb229d776cce487a37

                                        < script async src = "//cdn.adtrue.com/pb/prebid.js" > < /script><script>var zoneId = 12953;var sizes = [[300, 250]];var REFRESH = 60000;var REFRESH_TIMES = 3;var generateRandomString = Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 10);var adTagId = "adtrue_ads_" + zoneId + "_" + generateRandomString;var PREBID_TIMEOUT = 1000;var adUnits = [{code: adTagId,mediaTypes: {banner: {sizes: sizes,},},bids: [{bidder: 'appnexus',params: {placementId: 20565524,member: '7080',reserve: 0.05}}, {bidder: 'pubmatic',params: {publisherId: '155495',adSlot: 'ouo.press_300x250_direct@300x250'}}, {bidder: 'openx',params: {unit: '557936314',delDomain: 'fptadtrue-d.openx.net',customFloor: 0.1}}, {bidder: 'criteo',params: {networkId: 10692,publisherSubId: zoneId}}],}, ];var pbjs = pbjs || {};pbjs.que = pbjs.que || [];pbjs.que.push(function() {pbjs.addAdUnits(adUnits);pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});pbjs.setConfig({"schain": {"validation": "strict","config": {"ver": "1.0","complete": 1,"nodes": [{"asi": "adtruesyndication.com","sid": "3363","hp": 1}]}}});pbjs.setConfig({userSync: {filterSettings: {iframe: {bidders: "*",filter: "include",},},userIds: [{name: "criteo",}, ],},});});function refreshBid() {pbjs.que.push(function() {pbjs.requestBids({timeout: PREBID_TIMEOUT,bidsBackHandler: handlerPassback,});});}var ntimes = 0;var intervalID = setInterval(function() {ntimes++;if (ntimes > REFRESH_TIMES) {window.clearInterval(intervalID);}refreshBid();}, REFRESH);function handlerPassback() {var iframe = document.getElementById(adTagId);var iframeDoc = iframe.contentWindow.document;var adServerTargeting = pbjs.getAdserverTargetingForAdUnitCode(adTagId);/ * If any bidders
return any creatives * /if (adServerTargeting && adServerTargeting["hb_adid"]) {pbjs.renderAd(iframeDoc, adServerTargeting["hb_adid"]);} else {iframe.width = sizes[0][0];iframe.height = sizes[0][1];iframeDoc.write("<head></head > < body > " + passbackTagHtml + " < /body>");iframeDoc.close();}}var passbackTagHtml = '<script type="text\/javascript">' + "var adtrue_passback = {adtrue_pzoneid:'" + zoneId + "'};" + "<\/script>" + '<script type="text\/javascript" src="/ / cdn.adtrue.com / rtb / passback.js "><\/script>';</script><iframe id="
pb_iframe " frameborder="
0 " scrolling="
no " marginheight="
0 " marginwidth="
0 " TOPMARGIN="
0 " LEFTMARGIN="
0 " ALLOWTRANSPARENCY="
true " width="
0 " height="
0 "></iframe><script>var iframe = document.getElementById("
pb_iframe ");iframe.setAttribute("
id ", adTagId);</script><script type="
text / javascript ">(function() {var purl = window.location.href;var url = '//ads.pubmatic.com/AdServer/js/pwt/155495/4202';var profileVersionId = '';if (purl.indexOf('pwtv=') > 0) {var regexp = /pwtv=(.*?)(&|$)/g;var matches = regexp.exec(purl);if (matches.length >= 2 && matches[1].length > 0) {profileVersionId = '/' + matches[1];}}var wtads = document.createElement('script');wtads.async = true;wtads.type = 'text/javascript';wtads.src = url + profileVersionId + '/pwt.js';var node = document.getElementsByTagName('script')[0];node.parentNode.insertBefore(wtads, node);})();</script>
                                    

#3 JavaScript::Write (size: 349, repeated: 1) - SHA256: 9e7a8d97bb1cb2bcf174389291a360665ffda244d6b9c0290bb137f6d059567b

                                        < iframe name = "pbeacon"
frameborder = "0"
allowtransparency = "true"
hspace = "0"
vspace = "0"
marginheight = "0"
marginwidth = "0"
scrolling = "no"
width = "0"
height = "0"
style = "position:absolute;top:-20000px;"
src = "//track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2F0uJJTL&loc=https%3A%2F%2Fouo.press%2F0uJJTL" > < /iframe>
                                    

#4 JavaScript::Write (size: 192, repeated: 1) - SHA256: df9913e17da94cf021a5cf7de21a12683e6020ed3b2cbeb6dca1f3169fdf87a4

                                        < head > < /head><body><script type="text/javascript
">var adtrue_passback = {adtrue_pzoneid:'12953'};</script><script type="
text / javascript " src=" //cdn.adtrue.com/rtb/passback.js"></script></body>
                                    

#5 JavaScript::Write (size: 132, repeated: 1) - SHA256: 36ff04abdc9aad294879b8442493a11be9bbf3ef1a371ac272cb90b9bd459777

                                        < script type = "text/javascript"
src = "//exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=615730893&ref=undefined" > < /script>
                                    

#6 JavaScript::Write (size: 249, repeated: 1) - SHA256: d69309a446845fa51459fb0bf23ba7e57d8cbdfd2833b544627e64ec727a2102

                                        <!-- Composite Start -->
< style >
    .mgbox.mgheader {
        display: none!important;
    } < /style> < div id = "M624865ScriptRootC991771" >
    < /div> < script src = "https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js"
async >
    < /script>
    <!-- Composite End -->
                                    

#7 JavaScript::Write (size: 173, repeated: 1) - SHA256: 642f9705ec7d8c7b0f907d5fecc582d31d93a78c244f05c938e36bf016fe9d3c

                                        < body style = "background-color:white;margin:0px;padding:0px;" > < div id = "c" > < /div><script src="https:/ / ecdn.firstimpression.io / static / js / fiamp.js "></script></body>
                                    

#8 JavaScript::Write (size: 3268, repeated: 1) - SHA256: bb207a46f2dc7b968c728bc3bac0b213044b7553c4e81320a83a0ffcccd213b6

                                        < !DOCTYPE HTML > < html > < head > < /head><body><script type="text/javascript
">function showAdsByAdtrue(){document.getElementById("
adtrue_gc ").style.width = '105px';document.getElementById("
adtrue_gb ").style.display = 'none';document.getElementById("
adtrue_gs ").style.display = 'block';}function hideAdsByAdtrue(cb){setTimeout(function() {document.getElementById("
adtrue_gc ").style.width = '15px';document.getElementById("
adtrue_gb ").style.display = 'block';document.getElementById("
adtrue_gs ").style.display = 'none';}, 500);}</script><style>#block_adexchange svg:not(:root) {overflow: auto;!important}</style><div id="
block_adexchange " style="
width: 300 px;
height: 250 px;
position: relative;
font: 15 px / 1.2e m Arial, sans - serif!important;
">            <div dir="
ltr " id="
adtrue_gc " class="
adtrue_gc_12953 " style="
display: none;
width: 15 px;
height: 15 px;
height: 15 px;
position: absolute;
left: 0;
text - rendering: geometricprecision;
bottom: 0;
width: 15 px;
z - index: 9020;
">                <div id="
adtrue_gb " style="
display: block;
height: 100 % ;
" onmouseover="
showAdsByAdtrue()
"><svg width="
100 % " height="
100 % "><rect width="
100 % " height="
100 % " fill="
whitesmoke "/><svg stroke="
#000000" fill= "#000000"
x = "0px"
y = "0px" > < circle cx = "7.5px"
cy = "7.5px"
r = "5.5px"
fill = "none"
stroke - width = "1.1px" / > < circle cx = "7.5px"
cy = "4.75px"
r = "1px"
stroke = "none" / > < line x1 = "7.5px"
x2 = "7.5px"
y1 = "6.5px"
y2 = "11px"
fill = "none"
stroke - width = "1.75px" / > < /svg>                    </svg > < /div>                <div id="adtrue_gs" style="display: none;height: 100%;" onmouseleave="hideAdsByAdtrue()">                    <a target="_blank" href="https:/ / adtrue.com " style="
text - decoration: none;
" id="
abgl ">                        <svg height="
100 % " width="
100 % ">                        <path transform="
matrix(-1.18971, -0.00136069, 0.00161882, -0.999999, 105, 15)
" d="
M0, 0 l96, 0 l0, 15 l - 92, 0 s - 4, 0, -4, -4 Z " fill="
whitesmoke "/>                        <svg width="
34 px " y="
11 px " x="
17 px " overflow="
visible ">                        <text transform="
scale(0.11121408415723971)
" font-size="
100 px " font-family="
Arial " fill="
dimgray ">Ads by</text>                        </svg>                        <svg width="
38 px " y="
11 px " x="
53 px " overflow="
visible ">                        <text transform="
scale(0.11784163440459683)
" font-weight="
bold " font-size="
100 px " font-family="
Arial " fill="
black ">Adtrue</text>                        </svg>                        <svg y="
0 px " x="
0 px " fill="
#000000" stroke= "#000000" > < circle stroke - width = "1.1px"
fill = "none"
r = "5.5px"
cy = "7.5px"
cx = "7.5px" / > < circle stroke = "none"
r = "1px"
cy = "4.75px"
cx = "7.5px" / > < line stroke - width = "1.75px"
fill = "none"
y2 = "11px"
y1 = "6.5px"
x2 = "7.5px"
x1 = "7.5px" / > < /svg>                        </svg > < /a>                </div > < /div><script type="text/javascript
">document.write('<script type="
text / javascript " src=" //exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F0uJJTL&cb=2940623739&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/0uJJTL"></'+'script>');</script>        </div></body></html>
                                    


HTTP Transactions (164)


Request Response
                                        
                                            GET /0uJJTL HTTP/1.1 
Host: ouo.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.22.22.162
HTTP/1.1 301 Moved Permanently
                                        
Date: Mon, 19 Sep 2022 21:29:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 22:29:07 GMT
Location: https://ouo.io/0uJJTL
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d56a3c6f23b4f9-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4895
Expires: Mon, 19 Sep 2022 22:50:42 GMT
Date: Mon, 19 Sep 2022 21:29:07 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 20:36:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: armE0bMXdXXugLs618wagW1kS9HXoYD_U0fE9Bps-qAVzXdKqrsOBg==
Age: 3181


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SJN8AIGsUo-3l_dWAFcvkoLdMrqw3NGM68wbong0EF3HZ-qdR0wDPg==
age: 60834
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:07 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 21:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 21:31:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RCbrbcE01YDcnmAp0G9OTFXbG94gwu_H_QwtGX0ODVC45yNtmRtZkA==
Age: 1545


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6330
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:08 GMT
Last-Modified: Mon, 19 Sep 2022 19:43:38 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /images/world.png HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/0uJJTL
Cookie: ouoio_session=eyJpdiI6IlwvVjNcLzU2RG4yNHFNN1BhYkk0V040TzZWS3hWVnY5K2JkdG5MMXh1Y1d6VT0iLCJ2YWx1ZSI6Im5uYUlHUHdrRUFDdlVtdDdvZGRVUUR4YkR3TUIxbldrRGtxVmZlUnROcis2R3FEeHQydEFwSVBYa2RnUWN5OVVlV1RrTXl6a2QwejVYcjNMcm1LdHhRPT0iLCJtYWMiOiJkYThjZTg2ZGEyMzBmZmQ2OWU1ZGM2ODZkNGE3ZTA3YTdmYjQyYzhhMGUyZTQ3NGMyMjcyMTE0MGNkNzhjMjVjIn0%3D; language=eyJpdiI6InJBRFdrNlloZ0w5U3p5aUhoRnVMbXVVUndyYXd1aWc4YStFelNFNzJkVzg9IiwidmFsdWUiOiJ6OGx3UzdCWEVXXC82dUxTVzA0UlAyYStsUXRxc2k2cm9GOUZiVFUzeWl1QT0iLCJtYWMiOiIyODExODE3Njc5ODVjNDg0YzdlOTU3OTE0MzA1MDZiZjA5NDkwZGJmYmNkZjQ1MDA3YTQ3YTI0MjA1NzYwMDZkIn0%3D; f37540fd911db5b74e475e4012112e046115c9d5=eyJpdiI6IlwvSzVVTG10UWhnV3FuT1FxVEJMNjlSSGU5WkhrUzBsN3FodHJaU1FEWnA4PSIsInZhbHVlIjoiVnRHR05LMTJad2c5SVl2YjJOU2RteVpldkdlVEUwYlhOU0d4alBhRjc1T1IwODRSYXlheWpXOUFrZys2a3NCSGpzUlwva3RWTmhDcFloQzdOUkY3TzlRaDlRNjFkbmZyVGROSU5GSWhVQ1VSR1wvMWNaYmVLcGNTTjBObFMzak5LOGlCdVNwQ3lkY0ZTVWhYQVNGVjl3aXhEQjlUb0dITlhDc1Zma0tQSWZuWG5lSlZvMWd4Sm5mR0RyVlVYR3VqTVNKT3YxVWYwOTBJbGRVMGExSjJIUUpYYXVxMCtwY3ZValZkNENha2l0bGlQREUwODBOTElJTjZ6NGdTeGE1VWZ3YXYySmh2SWRrSjlNRHJRdjNGTXB1NWphSTI3QTZrXC9zaHAxMGw5S3ZIMHcyazNOTVZaNWQwaCs1d2t1Tlo0emM2b3NDSVZYRXFxNjVreGVZS3lwNXM4RENQaW1NOTduWUNXQWxLUGVcLzllQWJtWVVnVVFnUWF3cWhYb2pWTEkyZyIsIm1hYyI6ImYyMzlmMTE1YjA5ZWE4MzAzMTM2MjdmZjQxNmI2NTJiZDhmNjI1ZTNjZmEyMGE4MjVkMzU5NTIzM2RmNGZhNWEifQ%3D%3D; __cf_bm=zRcrtTGdYuBB7dG4T2GnQ8s3x8W_2QAVHgKCKoAD4KU-1663622948-0-AVIx58zGGXDhAqGMzNkXRXP1j6B8Wvp+YghZcWNd/QhKQk1boApnu9ItHaC21ZGhEuUjwjNXSljWXt2rYQvJiZQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 19 Sep 2022 21:29:08 GMT
content-length: 5692
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
etag: "5549a07c-163c"
expires: Tue, 04 Oct 2022 22:31:44 GMT
last-modified: Wed, 06 May 2015 05:02:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1292244
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d56a42cdd00afa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   5692
Md5:    4eea420a8830a6d695114427bf52b556
Sha1:   35579e7f1a656beb3a07a7093166ff37c634bade
Sha256: 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6590
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:08 GMT
Last-Modified: Mon, 19 Sep 2022 19:39:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6590
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:08 GMT
Last-Modified: Mon, 19 Sep 2022 19:39:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Mon, 19 Sep 2022 21:29:08 GMT
date: Mon, 19 Sep 2022 21:29:08 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    ffc0e5974b36df4fbf86044645f56feb
Sha1:   582d8833edc2dab0f78d8f3a368dd36479481348
Sha256: 51fe629ea38f998cc3139171392cbae2a1348d03c75074cd60ae1fc03be69997
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "44F9EDD92705E60B4BA3A78C1E1FFD07194423765D3E2C1EFD87BD99643370F2"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10089
Expires: Tue, 20 Sep 2022 00:17:17 GMT
Date: Mon, 19 Sep 2022 21:29:08 GMT
Connection: keep-alive

                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/0uJJTL
Cookie: ouoio_session=eyJpdiI6IlwvVjNcLzU2RG4yNHFNN1BhYkk0V040TzZWS3hWVnY5K2JkdG5MMXh1Y1d6VT0iLCJ2YWx1ZSI6Im5uYUlHUHdrRUFDdlVtdDdvZGRVUUR4YkR3TUIxbldrRGtxVmZlUnROcis2R3FEeHQydEFwSVBYa2RnUWN5OVVlV1RrTXl6a2QwejVYcjNMcm1LdHhRPT0iLCJtYWMiOiJkYThjZTg2ZGEyMzBmZmQ2OWU1ZGM2ODZkNGE3ZTA3YTdmYjQyYzhhMGUyZTQ3NGMyMjcyMTE0MGNkNzhjMjVjIn0%3D; language=eyJpdiI6InJBRFdrNlloZ0w5U3p5aUhoRnVMbXVVUndyYXd1aWc4YStFelNFNzJkVzg9IiwidmFsdWUiOiJ6OGx3UzdCWEVXXC82dUxTVzA0UlAyYStsUXRxc2k2cm9GOUZiVFUzeWl1QT0iLCJtYWMiOiIyODExODE3Njc5ODVjNDg0YzdlOTU3OTE0MzA1MDZiZjA5NDkwZGJmYmNkZjQ1MDA3YTQ3YTI0MjA1NzYwMDZkIn0%3D; f37540fd911db5b74e475e4012112e046115c9d5=eyJpdiI6IlwvSzVVTG10UWhnV3FuT1FxVEJMNjlSSGU5WkhrUzBsN3FodHJaU1FEWnA4PSIsInZhbHVlIjoiVnRHR05LMTJad2c5SVl2YjJOU2RteVpldkdlVEUwYlhOU0d4alBhRjc1T1IwODRSYXlheWpXOUFrZys2a3NCSGpzUlwva3RWTmhDcFloQzdOUkY3TzlRaDlRNjFkbmZyVGROSU5GSWhVQ1VSR1wvMWNaYmVLcGNTTjBObFMzak5LOGlCdVNwQ3lkY0ZTVWhYQVNGVjl3aXhEQjlUb0dITlhDc1Zma0tQSWZuWG5lSlZvMWd4Sm5mR0RyVlVYR3VqTVNKT3YxVWYwOTBJbGRVMGExSjJIUUpYYXVxMCtwY3ZValZkNENha2l0bGlQREUwODBOTElJTjZ6NGdTeGE1VWZ3YXYySmh2SWRrSjlNRHJRdjNGTXB1NWphSTI3QTZrXC9zaHAxMGw5S3ZIMHcyazNOTVZaNWQwaCs1d2t1Tlo0emM2b3NDSVZYRXFxNjVreGVZS3lwNXM4RENQaW1NOTduWUNXQWxLUGVcLzllQWJtWVVnVVFnUWF3cWhYb2pWTEkyZyIsIm1hYyI6ImYyMzlmMTE1YjA5ZWE4MzAzMTM2MjdmZjQxNmI2NTJiZDhmNjI1ZTNjZmEyMGE4MjVkMzU5NTIzM2RmNGZhNWEifQ%3D%3D; __cf_bm=zRcrtTGdYuBB7dG4T2GnQ8s3x8W_2QAVHgKCKoAD4KU-1663622948-0-AVIx58zGGXDhAqGMzNkXRXP1j6B8Wvp+YghZcWNd/QhKQk1boApnu9ItHaC21ZGhEuUjwjNXSljWXt2rYQvJiZQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 19 Sep 2022 21:29:08 GMT
last-modified: Thu, 15 Sep 2022 13:38:19 GMT
etag: W/"63232acb-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d56a42cdd90afa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 21 Sep 2022 21:29:08 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1127
Md5:    d1f10718f3c6995161b53234284be2dc
Sha1:   4923c4f1ca7bcf25903687c9f82142c9a185bf06
Sha256: a4a23292080be205b6a71111c57bc12927c40ca1a1cd2d4d8f9842fa255b00a6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1clkn/16562 HTTP/1.1 
Host: tv.gourdycortes.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.170.49
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Mon, 19 Sep 2022 21:29:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 20-Sep-2022 21:29:08 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 20-Sep-2022 21:29:08 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    414a242a6fee8464282857e475d3ef61
Sha1:   f669890350347f53aa9bd19c1a355692e8d17d2f
Sha256: d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
                                        
                                            GET /static/js/fab.js HTTP/1.1 
Host: ecdn.analysis.fi
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.87
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4240
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
accept-ranges: bytes
date: Mon, 19 Sep 2022 20:53:06 GMT
expires: Mon, 19 Sep 2022 21:53:06 GMT
cache-control: max-age=3600
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NL-nM2ScfIQU58AA3f1jTqe_MpEuq4FkB61tcv8fk5qFc1gd_p9bSA==
age: 2162
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (574)
Size:   4240
Md5:    28a0bef1ecb63168106f97b637ab3414
Sha1:   e577575dd115f6a95aea8c2ae87d2c30c8464728
Sha256: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UCzNREEMnOxXplw0/wVgYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.237.239.70
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Nl5YYc+KwjE7Zis4C3ZqBcC/Lvw=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "44C21040D1D46E3C39588650DC604D357FDE69349D9A53FB111FDCACF361C9DE"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10457
Expires: Tue, 20 Sep 2022 00:23:25 GMT
Date: Mon, 19 Sep 2022 21:29:08 GMT
Connection: keep-alive

                                        
                                            GET /um/ixmatch.html HTTP/1.1 
Host: js-sec.indexww.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.248
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: Apache
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1387
Date: Mon, 19 Sep 2022 21:29:08 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2920), with no line terminators
Size:   1387
Md5:    d41805aed22c3b9731d56a19244e6b8a
Sha1:   7e5da0bdf4db3f38f1590b5020750a93d1a174b5
Sha256: 46aa57bbee28a5fa9e4352e856a1d3a0485613234232d0b3de27adc74d8fac26
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "07DDB56E717DEF70BCC1649E81034A7B5E03FCB65D2C69D7CE910883F1DACF7C"
Last-Modified: Sun, 18 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18259
Expires: Tue, 20 Sep 2022 02:33:27 GMT
Date: Mon, 19 Sep 2022 21:29:08 GMT
Connection: keep-alive

                                        
                                            GET /logs/req/site?sid=105641&uid=&event=playerLoaded&v=206231&cb=1663622928841 HTTP/1.1 
Host: hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:08 GMT
content-length: 43
last-modified: Tue, 28 Jun 2022 15:48:44 GMT
etag: "62bb22dc-2b"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D HTTP/1.1 
Host: prebid.a-mo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         147.75.85.234
HTTP/2 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Mon, 19 Sep 2022 21:29:08 GMT
location: https://sync.viavideo.digital/tools/sync?dsp=26&uid=14e006f8-86c8-4c0f-99a7-9b18e85f76e5&gdpr=0&gdpr_consent=&us_privacy=
server: envoy
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2

                                        
                                            GET /rucdn/js/player/220623_d44559ff.js HTTP/1.1 
Host: hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:08 GMT
last-modified: Tue, 13 Sep 2022 10:33:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   71100
Md5:    a07b174c68755f0cab7be63f7047f07d
Sha1:   0d220a9eef71d96e0093ab88097950a59519d837
Sha256: 85b3659b72403af06da8fd05eea8e02a1964bc7fa67d8b8b04bcfcbac2ff0cba
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "363A085025BBCC1176A2C9CB25828B54B6DB5F832A0365F5FB59DA7C63CDA1F3"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6125
Expires: Mon, 19 Sep 2022 23:11:13 GMT
Date: Mon, 19 Sep 2022 21:29:08 GMT
Connection: keep-alive

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:08 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 23 Sep 2022 17:35:26 GMT
ETag: "db09a0c39fdd05877ae61f1393ff4c22cf598551"
Last-Modified: Mon, 19 Sep 2022 17:35:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2548
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d56a45ddf70b41-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    03c594379d77943591d36c60f92cce5a
Sha1:   db09a0c39fdd05877ae61f1393ff4c22cf598551
Sha256: afa5c460fd9a5cbc7b13d5417e772640121802e7253c5fd6e4e68b822f7d09a5
                                        
                                            GET /usermatch?d=https%3A%2F%2Fouo.press%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 HTTP/1.1 
Host: ssum-sec.casalemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js-sec.indexww.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.18.126
HTTP/2 200 OK
content-type: text/html
                                        
date: Mon, 19 Sep 2022 21:29:08 GMT
cf-ray: 74d56a453f4ab511-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRXanL6BgtKWqqrCzIWpGJxS%2BQOTBxhCGfNlNAz6sNnI%2B%2F5IepYQ8yrRNLbzTSihYtGfgQ%2BYOC2puDkDxyLIsUZvPhRx4IoOql0VIsbKIBUkt75bBskTGQaLAaJUAy%2BfLPbHABKwizGAaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   144
Md5:    5f8e6e6c56ef68e09a7402270be3204b
Sha1:   979753a73bf90e90f942c51b9b7a24743215c73d
Sha256: 6adf6e2799139265c2e0070d7521f94b8d68d6f3bce2364633ff1cf3e1d75299
                                        
                                            GET /tools/sync?dsp=26&uid=14e006f8-86c8-4c0f-99a7-9b18e85f76e5&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1 
Host: sync.viavideo.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         141.94.202.176
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:08 GMT
content-length: 0
location: https://sync.hhkld.com/tools/sync?dsp=26&uid=14e006f8-86c8-4c0f-99a7-9b18e85f76e5&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=cckdu972tal5fc5uqadgXx
set-cookie: uid=cckdu972tal5fc5uqadgXx; expires=Tue, 19 Sep 2023 21:29:08 GMT; domain=.viavideo.digital; path=/
X-Firefox-Spdy: h2

                                        
                                            GET /tools/sync?dsp=26&uid=14e006f8-86c8-4c0f-99a7-9b18e85f76e5&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=cckdu972tal5fc5uqadgXx HTTP/1.1 
Host: sync.hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:08 GMT
content-length: 0
location: https://sync.vicodes.com/tools/sync?dsp=26&uid=14e006f8-86c8-4c0f-99a7-9b18e85f76e5&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=cckdu972tal5fc5uqadgXx
set-cookie: uid=cckdu972tal5fc5uqadgXx; expires=Tue, 19 Sep 2023 21:29:08 GMT; domain=.hhkld.com; path=/
X-Firefox-Spdy: h2

                                        
                                            GET /rucdn/static/report.svg HTTP/1.1 
Host: hhkld.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:08 GMT
content-length: 3025
last-modified: Wed, 22 Jun 2022 05:10:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2042)
Size:   3025
Md5:    c12dad0e0d31548287471223d9118b54
Sha1:   d40516c15ebc64ab96d309a7c0e2e49443d04bb2
Sha256: 8f03524fcc1c423e5375ee91780af2493c8f24426b5b85b058d0a3fbf76fcb34
                                        
                                            GET /match/vibe HTTP/1.1 
Host: sync.dmp.otm-r.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.99.28.61
HTTP/2 204 No Content
                                        
server: nginx/1.17.10
date: Mon, 19 Sep 2022 21:29:08 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /ed/36/01/ed36014633829dc70a42dccaefdf3f11.js HTTP/1.1 
Host: itineraryupper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 21:29:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10e1750934c3275c1f4926b82a1aca72
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37146), with no line terminators
Size:   13426
Md5:    67cc901028d65d6acc4a5d1a2641e3d0
Sha1:   830132c1f2336313af161c28578838df27c4a339
Sha256: 0e80766db7dc0d2e780c89e51a6a5c2eaa8a89ebb80a3e167d47d9d91bcee3bd

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Questrial HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 21:29:08 GMT
date: Mon, 19 Sep 2022 21:29:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6ECFFE1177051A970BB0688C29F4EAAFE675701F764172519E90D9C840598C88"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2075
Expires: Mon, 19 Sep 2022 22:03:44 GMT
Date: Mon, 19 Sep 2022 21:29:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5697
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 19:54:12 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ouo.press
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:03:15 GMT
expires: Tue, 19 Sep 2023 20:03:15 GMT
cache-control: public, max-age=31536000
age: 5154
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Size:   19292
Md5:    19007b17e56daa60133bce9e9b352a95
Sha1:   bac1384caeae5762e7a1d8c18037f69c8cd21bc4
Sha256: fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
                                        
                                            GET /tools/sync?dsp=26&uid=14e006f8-86c8-4c0f-99a7-9b18e85f76e5&gdpr=0&gdpr_consent=&us_privacy=&viads_uid=cckdu972tal5fc5uqadgXx HTTP/1.1 
Host: sync.vicodes.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ouo.press/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:09 GMT
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Mon, 19 Sep 2022 21:29:09 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=cckdu972tal5fc5uqadgXx; expires=Tue, 19 Sep 2023 21:29:09 GMT; domain=.vicodes.com; path=/
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 20:32:00 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WBnn_gLPhYU-tcIL9lrbySN15ovsgoxnRxjKkXRgVHkOksttGFtd2g==
Age: 3429

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.64.106.196
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 21:29:09 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
set-cookie: uid_id2=df126ca4-6f42-4183-8b66-95566ff645aa:3:1; expires=Thu, 16 Sep 2032 21:29:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    92d118a3fc48eb87961474d7ce1b5876
Sha1:   52aec91c9fc2ccf9d1ecc134f8f6ba87649c7b60
Sha256: 6a9856fa40c60bdeb3c20b8603645d1e493f862d671995f74a8a7f49295163a7
                                        
                                            GET /vi/19_ENG0.ts HTTP/1.1 
Host: viavideo.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: video/mp2t
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:09 GMT
content-length: 515308
last-modified: Sun, 26 Jun 2022 07:47:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, no-transform
access-control-allow-origin: https://ouo.press
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   515308
Md5:    c5a2a11a945751cdc42d2f10b12d9a92
Sha1:   ccf7adaff9640202056b64dc54a66daac236c48e
Sha256: 6787c997fd3be922e3a09fea77ecd244b9f9f381a953cc4bb3ea738045906eff
                                        
                                            GET /AdServer/js/pwt/155495/4202/pwt.js HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.201
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
server: Apache
etag: "1241a12-3fca8-5cf4eee137dd8"
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
x-xss-protection: 1; mode=block
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 80538
cache-control: max-age=91936
expires: Tue, 20 Sep 2022 23:01:25 GMT
date: Mon, 19 Sep 2022 21:29:09 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   80538
Md5:    6a4ce36b0d03543974d71b88fa37145d
Sha1:   a5c1750aab7489f287c98bae25f5afff0ed16ce8
Sha256: 30fb02ff951a4220268d02c95e2dbd16adfad28b179a89e9643d75ade8809aaf
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/0uJJTL
Cookie: ouoio_session=eyJpdiI6IlwvVjNcLzU2RG4yNHFNN1BhYkk0V040TzZWS3hWVnY5K2JkdG5MMXh1Y1d6VT0iLCJ2YWx1ZSI6Im5uYUlHUHdrRUFDdlVtdDdvZGRVUUR4YkR3TUIxbldrRGtxVmZlUnROcis2R3FEeHQydEFwSVBYa2RnUWN5OVVlV1RrTXl6a2QwejVYcjNMcm1LdHhRPT0iLCJtYWMiOiJkYThjZTg2ZGEyMzBmZmQ2OWU1ZGM2ODZkNGE3ZTA3YTdmYjQyYzhhMGUyZTQ3NGMyMjcyMTE0MGNkNzhjMjVjIn0%3D; language=eyJpdiI6InJBRFdrNlloZ0w5U3p5aUhoRnVMbXVVUndyYXd1aWc4YStFelNFNzJkVzg9IiwidmFsdWUiOiJ6OGx3UzdCWEVXXC82dUxTVzA0UlAyYStsUXRxc2k2cm9GOUZiVFUzeWl1QT0iLCJtYWMiOiIyODExODE3Njc5ODVjNDg0YzdlOTU3OTE0MzA1MDZiZjA5NDkwZGJmYmNkZjQ1MDA3YTQ3YTI0MjA1NzYwMDZkIn0%3D; f37540fd911db5b74e475e4012112e046115c9d5=eyJpdiI6IlwvSzVVTG10UWhnV3FuT1FxVEJMNjlSSGU5WkhrUzBsN3FodHJaU1FEWnA4PSIsInZhbHVlIjoiVnRHR05LMTJad2c5SVl2YjJOU2RteVpldkdlVEUwYlhOU0d4alBhRjc1T1IwODRSYXlheWpXOUFrZys2a3NCSGpzUlwva3RWTmhDcFloQzdOUkY3TzlRaDlRNjFkbmZyVGROSU5GSWhVQ1VSR1wvMWNaYmVLcGNTTjBObFMzak5LOGlCdVNwQ3lkY0ZTVWhYQVNGVjl3aXhEQjlUb0dITlhDc1Zma0tQSWZuWG5lSlZvMWd4Sm5mR0RyVlVYR3VqTVNKT3YxVWYwOTBJbGRVMGExSjJIUUpYYXVxMCtwY3ZValZkNENha2l0bGlQREUwODBOTElJTjZ6NGdTeGE1VWZ3YXYySmh2SWRrSjlNRHJRdjNGTXB1NWphSTI3QTZrXC9zaHAxMGw5S3ZIMHcyazNOTVZaNWQwaCs1d2t1Tlo0emM2b3NDSVZYRXFxNjVreGVZS3lwNXM4RENQaW1NOTduWUNXQWxLUGVcLzllQWJtWVVnVVFnUWF3cWhYb2pWTEkyZyIsIm1hYyI6ImYyMzlmMTE1YjA5ZWE4MzAzMTM2MjdmZjQxNmI2NTJiZDhmNjI1ZTNjZmEyMGE4MjVkMzU5NTIzM2RmNGZhNWEifQ%3D%3D; __cf_bm=zRcrtTGdYuBB7dG4T2GnQ8s3x8W_2QAVHgKCKoAD4KU-1663622948-0-AVIx58zGGXDhAqGMzNkXRXP1j6B8Wvp+YghZcWNd/QhKQk1boApnu9ItHaC21ZGhEuUjwjNXSljWXt2rYQvJiZQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Mon, 19 Sep 2022 21:29:09 GMT
content-length: 0
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 642
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d56a48ba810afa-OSL
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
age: 489100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (581)
Size:   157726
Md5:    6519c7c04cf32a57b1c5ee45a73c233e
Sha1:   4939bb921988e9eb13780cc2244f3099776e9bfb
Sha256: 8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5697
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 19:54:12 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /images/widgetIcons/achoice.svg HTTP/1.1 
Host: widgets.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.81
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
content-length: 2735
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 21:29:09 GMT
date: Mon, 19 Sep 2022 21:29:09 GMT
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2290)
Size:   2735
Md5:    9d26fa4e7238ed94f1d0d92afb453b3e
Sha1:   ae18efe7d09337bf2f580b3f5bc912284aad7821
Sha256: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1762
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 20:59:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /gtag/js?id=GTM-NPLC9ST HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 21:29:09 GMT
expires: Mon, 19 Sep 2022 21:29:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1720)
Size:   45634
Md5:    0300e569e2554301ecd93e1989f27a3a
Sha1:   a0d2674d2e55c028c347ca293c35796e961b4dd5
Sha256: 34114b6b926ab16a31e8c9247a11370543ab6ae50ee01243b00416054367e5e2
                                        
                                            GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1 
Host: ad.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.198
HTTP/2 200 OK
content-type: image/x-icon
                                        
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 19:35:31 GMT
expires: Tue, 20 Sep 2022 19:35:31 GMT
cache-control: public, max-age=86400
age: 6818
last-modified: Tue, 08 May 2012 13:08:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Size:   104
Md5:    32ac8a9b81788b981a3a7e13c14082d4
Sha1:   fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
Sha256: 00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
                                        
                                            GET /cookie?redirect_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID HTTP/1.1 
Host: cm.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.157.6.252
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:09 GMT
content-length: 43
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5850
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 19:51:39 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2638
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 20:45:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /exchange/sync.php?p=pbs-viads&gdpr=0&gdpr_consent=&us_privacy=0 HTTP/1.1 
Host: pixel.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.90
HTTP/1.1 204 No Content
Content-Type: image/gif
                                        
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4

                                        
                                            POST /translator?source=prebid-client HTTP/1.1 
Host: hbopenbid.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 767
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.64.190.77
HTTP/2 204 No Content
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
date: Mon, 19 Sep 2022 21:29:09 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   90381
Md5:    48c7f50ae0b5f14a786be871c4339523
Sha1:   146b26bdbba3803b1684a9a9d96459f1c4e1e6fa
Sha256: 8b26b52522e2edc87d10b41c00e6b8e3413930a615da483e0e31a23f5c48b679
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1536
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 21:03:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:09 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 16:09:17 GMT
Expires: Fri, 23 Sep 2022 16:09:16 GMT
Etag: "ffd032f87d40fb4adf6c7ee0d4906160f2bf4984"
Cache-Control: max-age=325806,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d56a49a81b0b45-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Mon, 19 Sep 2022 21:29:09 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 19 Sep 2022 20:09:43 GMT
Expires: Tue, 20 Sep 2022 20:09:43 GMT
ETag: "4875b97065fb87c6ff17db45f2d4b6b091f0bcb8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    6f55a56b1cc8a4d72d7390c82a55110f
Sha1:   4875b97065fb87c6ff17db45f2d4b6b091f0bcb8
Sha256: 66d164e32ec80d275a48ccebf24019b8fe9dac2ba81bf31855c02f7d3d4acc8e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /w/1.0/arj?ju=https%3A%2F%2Fouo.press%2F0uJJTL&ch=UTF-8&res=1280x1024x24&ifr=true&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=7cd4bd41-861a-4b96-aa36-1ee9c7a1e94c&nocache=1663622929539&aus=300x250&divids=adtrue_ads_12953_i2yj54v54zwak0i97u&aucs=adtrue_ads_12953_i2yj54v54zwak0i97u&auid=557936314&aumfs=100 HTTP/1.1 
Host: fptadtrue-d.openx.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.159.8
HTTP/2 200 OK
content-type: application/json
                                        
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Mon, 19 Sep 2022 21:29:09 GMT
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   79
Md5:    ac8990cd14c34cbf199556aa8b8f520e
Sha1:   cd25dd4c08ef8e601c9c245b4aa4cf08f493f591
Sha256: 61ec8307574ccacf21ff651cca43fc6f5adcf4d94d6da07c77fe397d85fb07cb
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 545
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.172.123
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Mon, 19 Sep 2022 21:29:09 GMT
Content-Length: 42
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: b3b2dfcd-901e-4892-84d4-a702c6ce1da2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   42
Md5:    821c8141b8f7c192072ca7730d09e6ec
Sha1:   85f9a621087ac2a6c7ecad3f3c245d89003b987c
Sha256: dedd81f9590e4534677ed3e1801c27f37f3837af1843524d8923087ef6f20997
                                        
                                            GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID HTTP/1.1 
Host: ap.lijit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.52.2.19
HTTP/1.1 204 No Content
                                        
date: Mon, 19 Sep 2022 21:29:09 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap4ams1

                                        
                                            GET /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.196.115
HTTP/2 302 Found
                                        
location: /match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.viavideo.digital%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 19 Sep 2023 21:29:09 GMT; Path=/; Domain=.betweendigital.com tuuid=5bf6748f-a813-5207-86dd-2e3be5f5f11e; Max-Age=31536000; Expires=Tue, 19 Sep 2023 21:29:09 GMT; Path=/; Domain=.betweendigital.com ut=YyjfJQAG8Vi9SNXj0GLyCMUji7_gVKOIdyrBGw==; Max-Age=31536000; Expires=Tue, 19 Sep 2023 21:29:09 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /cdb?profileId=207&av=34&wv=7.2.0&cb=38583901287 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 349
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.131
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 21:29:09 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5044
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 20:05:05 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adtrue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 20:41:12 GMT
expires: Mon, 19 Sep 2022 22:41:12 GMT
cache-control: public, max-age=7200
age: 2877
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /delivery/spc_fi.php?id=7419&url=%2F0uJJTL&charset=UTF-8&ch=21&ref=ouo.press&viewerId=null&referer=&_firid=26306535 HTTP/1.1 
Host: cdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 21:29:09 GMT
server: nginx/1.20.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.14
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=GDPR; expires=Tue, 19-Sep-2023 21:29:09 GMT; Max-Age=31536000; path=/; secure; SameSite=none
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qoUQlx0Erfd67L6hUjtRr-Aap8m_ciwKouiNJI59aImZFYyJLjZd7w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5754
Md5:    f51815a75137d903d8361f9fa1544424
Sha1:   237c1f87d72b14fda7f3a4ed504636c0d17a6e9a
Sha256: 80993f615bbecc33bfa9dd179773f7c116d9c09b10d503e9d0a1f85b44e85fd8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2617
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 21:29:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2617
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 21:29:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2617
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 21:29:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2617
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 21:29:09 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:43 GMT
age: 85046
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5866
Md5:    1105b56cf779b6df1cbd081bbd0cda50
Sha1:   58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
Sha256: 10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5827
x-amzn-requestid: 9f179e66-3c6f-4e53-94f2-989bf32a6b90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7gyHvboAMFSzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632572d1-799e74a63288269b79170d58;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9firpBGLDHkjq_CJX01tbyPPS9OXPsTfzC0dLioWt1Axg7Vw5LQ0xg==
via: 1.1 497370ec058751eb0d9251f66d50af5e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 07:20:29 GMT
age: 50920
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5827
Md5:    29f4a52fb629dce4ef8038d4df7ea58a
Sha1:   4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
Sha256: 32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RWcHVQkq3COqcWuVRgOdpVDi7VFrdjpu4q-NU0D3iod1B58xF4K_Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:55 GMT
age: 85034
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5064
Md5:    e4098577adb98eae5ba4a8b5e143df71
Sha1:   b0ad467f2837d103f8a96fb732bd34176c4c7110
Sha256: 83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8735
x-amzn-requestid: 8af37b3f-bacb-4f13-a539-0a8a1e2c7fe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN_VHdooAMF8cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279061-083f90a5264568d85ce86e5a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tPeWvkV7t7BSrnTA0G2Sf_KmuH5M4azBRhaeNuuaeiOW7zB4RhM_mw==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:50 GMT
age: 85039
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8735
Md5:    3d9fd171b51b27aa84e06e7d5a40116e
Sha1:   a81660dcace8f232018ce9a6d027b271d1f8a863
Sha256: 2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 01:08:23 GMT
age: 73246
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10894
Md5:    d3e70b2859ca89b353682d03f6b46b93
Sha1:   ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
Sha256: 43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
                                        
                                            GET /css/link-safe.css HTTP/1.1 
Host: ouo.press
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/0uJJTL
Cookie: ouoio_session=eyJpdiI6IlwvVjNcLzU2RG4yNHFNN1BhYkk0V040TzZWS3hWVnY5K2JkdG5MMXh1Y1d6VT0iLCJ2YWx1ZSI6Im5uYUlHUHdrRUFDdlVtdDdvZGRVUUR4YkR3TUIxbldrRGtxVmZlUnROcis2R3FEeHQydEFwSVBYa2RnUWN5OVVlV1RrTXl6a2QwejVYcjNMcm1LdHhRPT0iLCJtYWMiOiJkYThjZTg2ZGEyMzBmZmQ2OWU1ZGM2ODZkNGE3ZTA3YTdmYjQyYzhhMGUyZTQ3NGMyMjcyMTE0MGNkNzhjMjVjIn0%3D; language=eyJpdiI6InJBRFdrNlloZ0w5U3p5aUhoRnVMbXVVUndyYXd1aWc4YStFelNFNzJkVzg9IiwidmFsdWUiOiJ6OGx3UzdCWEVXXC82dUxTVzA0UlAyYStsUXRxc2k2cm9GOUZiVFUzeWl1QT0iLCJtYWMiOiIyODExODE3Njc5ODVjNDg0YzdlOTU3OTE0MzA1MDZiZjA5NDkwZGJmYmNkZjQ1MDA3YTQ3YTI0MjA1NzYwMDZkIn0%3D; f37540fd911db5b74e475e4012112e046115c9d5=eyJpdiI6IlwvSzVVTG10UWhnV3FuT1FxVEJMNjlSSGU5WkhrUzBsN3FodHJaU1FEWnA4PSIsInZhbHVlIjoiVnRHR05LMTJad2c5SVl2YjJOU2RteVpldkdlVEUwYlhOU0d4alBhRjc1T1IwODRSYXlheWpXOUFrZys2a3NCSGpzUlwva3RWTmhDcFloQzdOUkY3TzlRaDlRNjFkbmZyVGROSU5GSWhVQ1VSR1wvMWNaYmVLcGNTTjBObFMzak5LOGlCdVNwQ3lkY0ZTVWhYQVNGVjl3aXhEQjlUb0dITlhDc1Zma0tQSWZuWG5lSlZvMWd4Sm5mR0RyVlVYR3VqTVNKT3YxVWYwOTBJbGRVMGExSjJIUUpYYXVxMCtwY3ZValZkNENha2l0bGlQREUwODBOTElJTjZ6NGdTeGE1VWZ3YXYySmh2SWRrSjlNRHJRdjNGTXB1NWphSTI3QTZrXC9zaHAxMGw5S3ZIMHcyazNOTVZaNWQwaCs1d2t1Tlo0emM2b3NDSVZYRXFxNjVreGVZS3lwNXM4RENQaW1NOTduWUNXQWxLUGVcLzllQWJtWVVnVVFnUWF3cWhYb2pWTEkyZyIsIm1hYyI6ImYyMzlmMTE1YjA5ZWE4MzAzMTM2MjdmZjQxNmI2NTJiZDhmNjI1ZTNjZmEyMGE4MjVkMzU5NTIzM2RmNGZhNWEifQ%3D%3D; __cf_bm=zRcrtTGdYuBB7dG4T2GnQ8s3x8W_2QAVHgKCKoAD4KU-1663622948-0-AVIx58zGGXDhAqGMzNkXRXP1j6B8Wvp+YghZcWNd/QhKQk1boApnu9ItHaC21ZGhEuUjwjNXSljWXt2rYQvJiZQ=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.22.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 19 Sep 2022 21:29:08 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"5d951ace-1830"
expires: Tue, 20 Sep 2022 00:06:58 GMT
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 33729
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d56a42bdc60afa-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   36726
Md5:    739852cae1379efa2401b3fc83d6d8f0
Sha1:   751393145a69eaba316e26082a877160c38a280e
Sha256: c89b9e3d6c0a2dffb473b48ab3ce2b90034446fa9f6dbb2feab212106345453c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3294
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 20:34:15 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /logs/event/dsp?event=rtb&event2=request&sid=105641&tids=17504%2C17503&v=206231&cb=1663622930030 HTTP/1.1 
Host: viavideo.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.202.176
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 21:29:09 GMT
content-length: 43
last-modified: Tue, 28 Jun 2022 15:48:44 GMT
etag: "62bb22dc-2b"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2

                                        
                                            GET /npm/prebid-universal-creative@latest/dist/creative.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.13.0
x-jsd-version-type: version
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 19 Sep 2022 21:29:09 GMT
age: 1143
x-served-by: cache-fra19168-FRA, cache-bma1621-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8874
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26606)
Size:   8874
Md5:    77019dfea792351eb58beb264f808970
Sha1:   106d35ea53f5a6e4024ba9bfafe6b0bd0551771f
Sha256: ca2b0e50ed967336aea35965d7a99b4986429c5c5984f8de96d92b2c573b7bef
                                        
                                            GET /a/d/adtrue.ouo.press.991771.js HTTP/1.1 
Host: jsc.adskeeper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.4.42
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Mon, 19 Sep 2022 21:29:09 GMT
content-length: 908
x-amz-id-2: w9ADNRdrUc0iHWZBLfIb0me5IbCCwH7gPELK+Qx3tQZSrgnZz9Jl7+QMcHgcehSX+voNeu2uJlM=
x-amz-request-id: 3JG2R7S1MREYZDZN
last-modified: Wed, 15 Jun 2022 13:18:30 GMT
etag: "4f8f059fbf3b6b0e3a37926f648a3993"
content-encoding: gzip
x-amz-version-id: f.ffT1LrPbQX.EIpax0NyQEwqJ97JBVW
cf-cache-status: HIT
age: 5383
expires: Tue, 20 Sep 2022 01:29:09 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d56a4c6a4fb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2337)
Size:   908
Md5:    4f8f059fbf3b6b0e3a37926f648a3993
Sha1:   83b61eb9d45cdf8f7c708bf4e148d7cab569c596
Sha256: 69190d6c2b78d7b0de0a44dbdde96bb7cf6c793f52481633b4f26ca2cfefcd4e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3294
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:09 GMT
Last-Modified: Mon, 19 Sep 2022 20:34:15 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "951A0D4DD94DC1BD6AE35C880D35B9F845ECAC29"
Expires: Tue, 20 Sep 2022 08:00:00 GMT
Last-Modified: Mon, 19 Sep 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2800
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d56a4c89e2b523-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    ff26e40dce17874fa71784236e059d61
Sha1:   7cfc03758adc7c483073ebc50735101c5933d430
Sha256: fdfd50d157920004481d6f5c573eeb14f1f80a45785c0ea6d8334444efcf79f0
                                        
                                            POST /cdb?profileId=207&av=34&wv=6.2.0&cb=58491774934 HTTP/1.1 
Host: bidder.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 487
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.131
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 19 Sep 2022 21:29:09 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://ouo.press
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   44
Md5:    5f1dcf53824ce88cdb7941d34db3f19d
Sha1:   4164a13e3f53e1f002606a807d64a92620720fb0
Sha256: 3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 562
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.172.123
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Mon, 19 Sep 2022 21:29:10 GMT
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: 662d1764-f13e-4f05-972d-b8474f11f125
Set-Cookie: icu=ChgIw6tREAoYASABKAEwpr6jmQY4AUABSAEQpr6jmQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 18-Dec-2022 21:29:10 GMT; Domain=.adnxs.com; Secure; HttpOnly uuid2=5702878574396749761; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 18-Dec-2022 21:29:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   145
Md5:    a727eceae5ea4bf011a6628ee62fd42b
Sha1:   228ecd13851d4f7ed916e63d1035ea65a64b29b2
Sha256: c7991622c84394ad91117ab0c55b119697c290090e3d1bcd4f1345bf97a4e412
                                        
                                            POST /ut/v3/prebid HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 681
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.172.123
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Mon, 19 Sep 2022 21:29:10 GMT
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
AN-X-Request-Uuid: c108c5d0-3e94-4d8e-81c5-0551bbd2768b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   144
Md5:    6b313827698cbd73daf057cd9e249828
Sha1:   dfffadb32c7ab35ee5b1644262adcd6a0501ee4f
Sha256: 5cfec21910eb476af50458e3274fd3fc031193f67b8a7290f0e9b23b4bd88d5c
                                        
                                            GET /a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F0uJJTL&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F0uJJTL&tg_i.page=https%3A%2F%2Fouo.press%2F0uJJTL&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=d2362caf-92a6-4cbf-9bb9-3c30fd69e8e7&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.006046202012404134 HTTP/1.1 
Host: fastlane.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.162.41
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.21.4
Date: Mon, 19 Sep 2022 21:29:10 GMT
Content-Length: 348
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ouo.press
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L89A5FT1-1V-J4RY; Domain=.rubiconproject.com; Path=/; Expires=Tue, 19-Sep-2023 21:29:10 GMT; Max-Age=31536000; SameSite=None; Secure audit=1|naVuGyos1qpC6+3c2Xh2bu9DtVM30fCgHmDpBZ9d97kbID8V6lPoIZZjSCqH74hcJhsHlJbldDdJwe9iGXKQTKZr5ZVxLWDe; Domain=.rubiconproject.com; Path=/; Expires=Tue, 19-Sep-2023 21:29:10 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    7d2e751f0339cf2b9c57d14dc2d1866c
Sha1:   3c8fcfa9f0762dc8fb17b7b6f93d9d451c592dbd
Sha256: 1103967192a94ba4d92b6bdeccbc27748e7c47c57deac89212a1aea123c67e7a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1545
Cache-Control: max-age=162185
Date: Mon, 19 Sep 2022 21:29:10 GMT
Etag: "6328afa6-116"
Expires: Wed, 21 Sep 2022 18:32:15 GMT
Last-Modified: Mon, 19 Sep 2022 18:06:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /AdServer/js/pwt/161673/7165/pwt.js HTTP/1.1 
Host: ads.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.201
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 30 Aug 2022 10:48:20 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 68097
cache-control: max-age=117157
expires: Wed, 21 Sep 2022 06:01:47 GMT
date: Mon, 19 Sep 2022 21:29:10 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   68097
Md5:    c486343ee4c10598f90221bcd11429b2
Sha1:   2cb8a96e1902c35bfb0de435976d4825988453aa
Sha256: 57d80318fc1f90d0132ad5a686e9b76d0976496c3df1ec993082c321024f5113
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1545
Cache-Control: max-age=162185
Date: Mon, 19 Sep 2022 21:29:10 GMT
Etag: "6328afa6-116"
Expires: Wed, 21 Sep 2022 18:32:15 GMT
Last-Modified: Mon, 19 Sep 2022 18:06:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5246
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:10 GMT
Last-Modified: Mon, 19 Sep 2022 20:01:44 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /aax2/apstag.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.210
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 19 Sep 2022 21:27:30 GMT
last-modified: Thu, 15 Sep 2022 20:15:37 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
etag: W/"0b4d277527066dd35dd7c0288cb596b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: 0rPUmdfG-xSk19CabsSUP93ifKMduPN9Tb9ILy0aep1CkTmxkjkFRA==
age: 100
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   64006
Md5:    b687f24e636d33a52b69e43370199ae3
Sha1:   d5e4ff44f4a63ab9e69bf367412e945ec5fea59f
Sha256: 31322a31bbf6a6e4b433450129f773092fe4af9015ee69e166bd931ccfc69024
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:10 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 13:55:53 GMT
Expires: Sat, 24 Sep 2022 13:55:52 GMT
Etag: "05887d14acc84f5be553260dd81282be67d349e8"
Cache-Control: max-age=404201,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d56a4ecdb00b45-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4377
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:10 GMT
Last-Modified: Mon, 19 Sep 2022 20:16:14 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 HTTP/1.1 
Host: tag.1rx.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 605
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.147.42
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 21:29:10 GMT
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2

                                        
                                            GET /cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.210
HTTP/2 204 No Content
                                        
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Mon, 19 Sep 2022 15:33:52 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GCwmCaCZB7kBhi32ESIs7ujQ99gfZAlhPEm8f_CpYT7Oyc9xfYnS-A==
age: 21318
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F2F4B9CB192ABA52569B22FA34A39420113C1AE958B17B6B59652182FFA10EED"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7922
Expires: Mon, 19 Sep 2022 23:41:12 GMT
Date: Mon, 19 Sep 2022 21:29:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0CD0936E834D92EDB6DB346780436D67874AEFCDA193A96445CEEC481ADFAC1F"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5446
Expires: Mon, 19 Sep 2022 22:59:56 GMT
Date: Mon, 19 Sep 2022 21:29:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7331BE4AC7BC26C3164C2744811B08B2522A559A4CAE8F9A7910382DB370C6ED"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7603
Expires: Mon, 19 Sep 2022 23:35:53 GMT
Date: Mon, 19 Sep 2022 21:29:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1032
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:10 GMT
Last-Modified: Mon, 19 Sep 2022 21:11:58 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&bundle=NSTLvF9xYmlDanlTa3l1NmFLeUpYTmc4YjdIUHZhdyUyRkVBd05qaXlsT0clMkJPOUZOMXp3V2FrNFpkNDY1MzJDa3B2d285OGlnSndZVzAzSEJ5a1REdnQwMkhJb20wUXN6cEcyOG5hWlJIZFh2Y1JyUVhZOWpUJTJGS2EyODhkamhFaVgzUUE4Ng&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 19 Sep 2022 21:29:09 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 1056775
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&bundle=NSTLvF9xYmlDanlTa3l1NmFLeUpYTmc4YjdIUHZhdyUyRkVBd05qaXlsT0clMkJPOUZOMXp3V2FrNFpkNDY1MzJDa3B2d285OGlnSndZVzAzSEJ5a1REdnQwMkhJb20wUXN6cEcyOG5hWlJIZFh2Y1JyUVhZOWpUJTJGS2EyODhkamhFaVgzUUE4Ng&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ouo.press/
Origin: https://ouo.press
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 19 Sep 2022 21:29:09 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
server-processing-duration-in-ticks: 260188
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Size:   5095
Md5:    262b12b920c15ad97b4ea6482ef6103f
Sha1:   09b71866f97e02cbe4e7eab5ab2b07171df91534
Sha256: 1e1cae4c5b6bc205c93b62b358771eafaf9693248481d4864fcd30e7712b8c76
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6169
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:10 GMT
Last-Modified: Mon, 19 Sep 2022 19:46:21 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6194
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:10 GMT
Last-Modified: Mon, 19 Sep 2022 19:45:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8A5EA7A45DCCD559DB00536E38F7221D46ED80BEDA1DA608E4949257BF718D23"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4190
Expires: Mon, 19 Sep 2022 22:39:00 GMT
Date: Mon, 19 Sep 2022 21:29:10 GMT
Connection: keep-alive

                                        
                                            GET /pxf.gif?uuid=df126ca4-6f42-4183-8b66-95566ff645aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=ed36014633829dc70a42dccaefdf3f11&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Mon, 19 Sep 2022 21:29:10 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: efa62204a7615a2d3b99a08c8d5456a4
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /g/v2/231.json HTTP/1.1 
Host: id5-sync.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 304
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.19.138.118
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
transfer-encoding: chunked
date: Mon, 19 Sep 2022 21:29:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   216
Md5:    9870cbc7d559ada3c46a372883f595e0
Sha1:   bbba14afab00a2d2b3a1a8c71cde6038c33f589f
Sha256: a0428f090015c8c5a71bb21f6c356492ab498ab446aebcab5c3888769a5b42a3
                                        
                                            GET /e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F0uJJTL&pid=Oe1PUGleWML7A&cb=0&ws=728x90&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1 
Host: aax-dtb-cf.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.241.131
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
content-length: 154
server: Server
date: Mon, 19 Sep 2022 21:29:10 GMT
x-amz-rid: F1RYV9T7FWSGDSF6B4XK
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sjhwFPDV73Uw9gqggAJwb5K4f0aEfx69hRM5bkXAidngUU1czykDBA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   154
Md5:    bb7b4ee21d41485b3c8d171a7bf8b853
Sha1:   04fdbd451ad2cf3aceb697a99ea093fa4c7b4522
Sha256: 5b74ca7f2f7320a7821eedeecfc6bc9cf4c5b0364ae656e62b66657c227aae7e
                                        
                                            GET /static/js/prebidamp.js HTTP/1.1 
Host: ecdn.firstimpression.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.20.0
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 19 Sep 2022 20:44:07 GMT
expires: Mon, 19 Sep 2022 21:44:05 GMT
cache-control: max-age=3600
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 40Ekm-gb2gofEThkP3eBA9-lDoSfGtRO3qcfdykM2u180VD7t6qd8Q==
age: 2704
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50117)
Size:   139312
Md5:    4dfb5cc569509a1e278d5c75abf86baa
Sha1:   4a1181fc8ab2d085e6e1b49f0d6d0f6045359d9d
Sha256: 17b92d48d5b4ec32d9c16672603b31a5f1314a11b26862e69dd98bbb2238f122
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1934
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 21:29:11 GMT
Last-Modified: Mon, 19 Sep 2022 20:56:57 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1SST2skRRjGqzcrKIKg7EVBGUSWFcyk%2F03PjHtYjDESzP5hV3EPglZXdU%2FK1HQ1VV3Tk5yCi5Lj%2BA06zyQboosoenWRycIecsp4kByMH8CTCJ48yMwOjr6X933reQ4%2Fnnq%2F2LPnxIWlZyvX1baQki416m7tyl3Pu1pbF5nt1%2Fqt6OMovFrTvTfbUd19vfZuwjbVku96ruu5Xm1V6CRV%2FaWJCJE%2FaHv1tlsP%2FbrXCNHX%2F9%2BNdWCoA947Jy9A8PHFR84lCDZC1v12JTGbhcrfeKdrJS2URo8ffpBtZqrM0J2PqXaQZoczN5Q5XX0IlR1McaF6%2FxpjMSbO44eIs8MZJOLe%2FpQzlkgyxPxZlL0REjmCoCMwdQ%2BCnxKAcdy4iax7%2F4bSJd16otKJOiYX%2F%2FoTohyTi79eQtb9ZlmKfu2OkrYQKjPopxVEfwTRGSG3xyi2L0CUx2DFZxCcIOtWEPzsNZ56fsRouBilob8Yeq1gsRVH0WK70YiiNI3CBqXTYIQYQaQjyGQAahZgjQMrHNjUgc0ddPlZjXme13Q5o26rzVjAm0kccdejzdSjnhu1YNmEfYAiH4DJAZjeQa53sCkG0PYnmI0KhjswBUGPVygTgtIQlJSgFARlQVD2qgMujW%2Bq%2B1waG3uz7s96UA1V0dmjB6roJBnZy8%2FJ89PAfv%2Foe2wmZ7WEB5HrhVEQtPw2Z02Xhj5njCYpT4PU82BEBWEugBoH2%2BL0uV%2BQi9NnKsT0GEYeg4lXQe3LoOWw6bugG8Ow5WI7O1JW1XOdGAOuKuTFUyi2nD15Tl6cAgR3LyNhJ9c%2Bia%2BP%2Fzj6G0xXyHWFT8Ujgo7cHd5WJdm%2FrUpDvruZF6IrtunkN%2B8UtEgWvnov2SqV5msrZnD0FpsIk%2FHB%2B4kp1mnGRdYx5OtlwXmiV5VmCflxzXyYxLes2Vi2OrP5%2Bq23V9e6U0ChshGoGBPy%2BARMjMnTPxxMD%2FWlz3ch9AjaVujaEzIrCHUMlu%2FA5HN%2Boxag5dwT5w5KWw21H88fpSCQyXyncQXznz2ez3tmFx39Cmhxb3qfPV2hJytQOYCxC8Mi1yfXfg6mhVg6w1hqZz%2BWWn75JFwjzmrNIHBp1G54zSZNmnHot9LI45T6YeRHEQ1QmDG78tvlfwAAAP%2F%2FAQAA%2F%2F%2Fc%2FKrqcwQAAA%3D%3D HTTP/1.1 
Host: forgerylimit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=df126ca4-6f42-4183-8b66-95566ff645aa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Mon, 19 Sep 2022 21:29:11 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d516febcf4990f4b6d9388af4c6a978
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "14F4407C37A327FC0B0249C75C3308A898722B100BDD261BF687E7B97821B2CE"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2572
Expires: Mon, 19 Sep 2022 22:12:03 GMT
Date: Mon, 19 Sep 2022 21:29:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "14F4407C37A327FC0B0249C75C3308A898722B100BDD261BF687E7B97821B2CE"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2572
Expires: Mon, 19 Sep 2022 22:12:03 GMT
Date: Mon, 19 Sep 2022 21:29:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "14F4407C37A327FC0B0249C75C3308A898722B100BDD261BF687E7B97821B2CE"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2572
Expires: Mon, 19 Sep 2022 22:12:03 GMT
Date: Mon, 19 Sep 2022 21:29:11 GMT
Connection: keep-alive

                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=82 HTTP/1.1 
Host: forgerylimit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouo.press/
Cookie: u_pl=15424691; uid_id2=df126ca4-6f42-4183-8b66-95566ff645aa:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleced36014633829dc70a42dccaefdf3f11=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.9
Date: Mon, 19 Sep 2022 21:29:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 19 Sep 2022 21:29:11 GMT
content-length: 59931
last-modified: Tue, 08 Feb 2022 14:18:00 GMT
etag: "62027b98-ea1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4101871
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwdaipYStCIiFGi7e94%2FqAx6x7CMXdD7lxwtYNAT%2FTQJRtq8lgjz0YxNXlyGjUuHQ7fkb9DyImT7IPNJHvNsizeyr0yg0%2FWVDjucb2S42fRJV4a69wb1uU5p9uo7ovOyQGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d56a559c0406a6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 281x290, components 3\012- data
Size:   59931
Md5:    9337eb4f9526f6d16e6d1602d8fee3ae
Sha1:   203c7272c5a60a752db43857b2d337d644f690f5
Sha256: 1e803197ccab280a9285cdae1adbea170504d59ef0bbf02aab3d9785c0871422
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 19 Sep 2022 21:29:11 GMT
last-modified: Wed, 09 Feb 2022 11:16:21 GMT
etag: W/"6203a285-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4101781
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KT6EdL1KNdUHSGHLamM5fuTAvVvuMDg14usZNn8FPA6%2FPznmUWO9CKQOPD3YQDtVKe2wWJtiIeUmExIyoL714YnOm%2F8AT10PJlc1ongWFxy9OOf0JO0AsTrig0WTCrbAMNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d56a558bca06a6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2803
Md5:    1b95f7dc5bfac7a1b38c0bd86eca8372
Sha1:   c97ea540eb2b7eb6005bd659bebd01eaee81617f
Sha256: ea075b5c88c670f3b2872b3e1162fb45c15bfc67e5254f79dc7f2a85c1f8ef81
                                        
                                            POST /g/v2/806.json HTTP/1.1 
Host: id5-sync.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 193
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.19.138.118
HTTP/1.1 200
content-type: application/json;charset=UTF-8
                                        
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
transfer-encoding: chunked
date: Mon, 19 Sep 2022 21:29:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   216
Md5:    ec2551708ffd432e3cb38c4522215264
Sha1:   74ebc80beab0fa8aa50aa82efcdcad0816308b3d
Sha256: 57dc9582209b2d95ab0fa49fe4b72bda4652d4cc80ff043df069256073c7696b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:11 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 01:42:53 GMT
Expires: Sun, 25 Sep 2022 01:42:52 GMT
Etag: "9caeef6cf092a5afaf4578321a7301651468e3ce"
Cache-Control: max-age=446620,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d56a562c600b45-OSL

                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 19 Sep 2022 21:29:11 GMT
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 831396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIi38RXyPRleZsOY%2F6kXLfQwuIu%2FnDSwMbQZDU3Uh%2BAhyDel0b1izMmIrLXyk58S6x%2By2gN0n%2FQcdEEFBfp0k5xzlr4nOoM4fA5LSO%2F9g3oHhqOgjs88%2B4qKrj3mUIj2Dy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d56a559bff06a6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4815
Md5:    21eb7a65c17a2c22ba104a7ecbf1dc0f
Sha1:   ea8c53be54889c7489aed04e30e3eb83af64dec9
Sha256: 090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
                                        
                                            GET /api/identity/envelope?pid=1258 HTTP/1.1 
Host: api.rlcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.133.55
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
                                        
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 21:29:11 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   19
Md5:    63dfbd2b39fe4f536a04e7b32ada47b4
Sha1:   207298c4a215ad5d97d888522927910ae772ba48
Sha256: 26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:11 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 23 Sep 2022 18:05:00 GMT
ETag: "838de27c5aedef7fc3187a219e6119a24f5746bb"
Last-Modified: Mon, 19 Sep 2022 18:05:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2814
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d56a56dcf9b523-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    1e7c441eca671ac7be0f24188f59a48d
Sha1:   838de27c5aedef7fc3187a219e6119a24f5746bb
Sha256: be1969f0aa620bee4a70ec9547bde396ba977de04aa66a708d8d80e8bd8d4522
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 19 Sep 2022 21:29:11 GMT
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4101871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfmqJk68yPYUCjepXFvT4eyAPPky7WaA2MoW2V7U6OAD4ajInQbqBzqlLm8qSNE1z8rnC2iH7f6xXWa499IWkwYIOs2kgCLEhoDzKIGY4Dle7CEV%2BWoyEWuIOwUiHbV6b9s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d56a559c0206a6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size:   451
Md5:    5464de65d0d23b2a5919d685ddc3bbb7
Sha1:   6d28a575410713afe8921b160895978294fb43de
Sha256: d41ecec8b8df7980201f8a16f8b1fbcf9907c5b026da29cfd51a6380ff4ef2fd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Mon, 19 Sep 2022 21:29:11 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 18 Sep 2022 23:30:08 GMT
Expires: Mon, 19 Sep 2022 23:30:08 GMT
ETag: "1dcb48dbc51c99fe7e5e7b7a312270c99c687933"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    f9020e1f76cc6f615242822f80f0d41e
Sha1:   1dcb48dbc51c99fe7e5e7b7a312270c99c687933
Sha256: 09bb64790135fcb0e87af1f1dcae40ebb7e640acc8bb04bdbb65f0df839e9791
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 21:29:11 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 01:42:53 GMT
Expires: Sun, 25 Sep 2022 01:42:52 GMT
Etag: "9caeef6cf092a5afaf4578321a7301651468e3ce"
Cache-Control: max-age=446620,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d56a56fd000b45-OSL

                                        
                                            GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1 
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.223.40.198
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 19 Sep 2022 21:29:11 GMT
content-length: 63
cache-control: private
expires: Wed, 19 Oct 2022 21:29:11 GMT
vary: Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   63
Md5:    b430f5b3d723f872a672a49b3f5a250c
Sha1:   f5a185d678dc6b0740cd7d94caec13ecb52ae4a7
Sha256: d0d4a1bde57e7252006dbc0537e5d3e29389273110545d9739233a61b9763ca0
                                        
                                            GET /id HTTP/1.1 
Host: id.crwdcntrl.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://ouo.press
Connection: keep-alive
Referer: https://ouo.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site