giveyoumylife.yoo7.com/t1100-topic
178.33.115.32301 Moved Permanently 0 B URL HTTP/1.1 giveyoumylife.yoo7.com/t1100-topic
IP 178.33.115.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t1100-topic HTTP/1.1
Host: giveyoumylife.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 21:01:02 GMT
Content-Length: 0
Location: https://giveyoumylife.yoo7.com/t1100-topic
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14233
Expires: Mon, 05 Dec 2022 00:58:16 GMT
Date: Sun, 04 Dec 2022 21:01:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2940
Cache-Control: max-age=137954
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:20:17 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10191
Expires: Sun, 04 Dec 2022 23:50:54 GMT
Date: Sun, 04 Dec 2022 21:01:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cvNQ8vMoD55gRhQ1zDpPxG72u2OOh7zzWeZGashETfw1CHTtHvHEigDDdq3AuJ967+My1VKGlxE=
x-amz-request-id: MXD5889CX0C83W2A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 20:47:42 GMT
age: 801
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 20:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2454
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 096273dd298be12257cc0fef23b48abb
84c297c68a3a4cd08c867dab8255d24edcf319f8
3ecb5a3eea269517e575366989b21b2715719bfac37c216ccc2ebe164269139b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3ECB5A3EEA269517E575366989B21B2715719BFAC37C216CCC2EBE164269139B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14032
Expires: Mon, 05 Dec 2022 00:54:55 GMT
Date: Sun, 04 Dec 2022 21:01:03 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fd55ba1010364a283f9c432c6470647
eb4e6d82fde6efc9d200b766fe4de2993e2d68dd
79dcee92d3e1294461db25d44af59ce83cfd03d4a63569d54152af7e1fd2e415
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5302
Cache-Control: max-age=122658
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638c31fb-117"
Expires: Tue, 06 Dec 2022 07:05:21 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:59 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.74:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:40:06 GMT
expires: Wed, 29 Nov 2023 18:40:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 440457
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash acbbda771733a0530d8384099cbc99db
c6191c527c78e46abb63163cc60c2f710eb5b961
dddf7f258a4c7fabda74fa8ac771d5043afc20fb7bee458d1f0aaabd1462cc35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6168
Cache-Control: max-age=96541
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638bc895-118"
Expires: Mon, 05 Dec 2022 23:50:04 GMT
Last-Modified: Sat, 03 Dec 2022 22:07:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fd55ba1010364a283f9c432c6470647
eb4e6d82fde6efc9d200b766fe4de2993e2d68dd
79dcee92d3e1294461db25d44af59ce83cfd03d4a63569d54152af7e1fd2e415
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4632
Cache-Control: max-age=121988
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638c31fb-117"
Expires: Tue, 06 Dec 2022 06:54:11 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:59 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fd55ba1010364a283f9c432c6470647
eb4e6d82fde6efc9d200b766fe4de2993e2d68dd
79dcee92d3e1294461db25d44af59ce83cfd03d4a63569d54152af7e1fd2e415
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4654
Cache-Control: max-age=122010
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638c31fb-117"
Expires: Tue, 06 Dec 2022 06:54:33 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:59 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 279
giveyoumylife.yoo7.com/users/2814/76/05/20/smiles/124328.gif
178.33.43.150200 OK 6.1 kB URL HTTP/2 giveyoumylife.yoo7.com/users/2814/76/05/20/smiles/124328.gif
IP 178.33.43.150:0
File type GIF image data, version 89a, 29 x 21\012- data
Hash 780f10c7e6a0d16bf3a535194132f0bf
c1cabc43137a90f128bf4ce500e74b054d591f0d
f9df6a2d2f8ce0fe9ee8017a3a207c150d93200e85c4e4e612f0d79957d568e4
GET /users/2814/76/05/20/smiles/124328.gif HTTP/1.1
Host: giveyoumylife.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/t1100-topic
Cookie: exadd=167020
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: image/gif
content-length: 6115
last-modified: Mon, 01 Jan 2001 00:00:00 GMT
etag: "3a4fc880-17e3"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash acbbda771733a0530d8384099cbc99db
c6191c527c78e46abb63163cc60c2f710eb5b961
dddf7f258a4c7fabda74fa8ac771d5043afc20fb7bee458d1f0aaabd1462cc35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6168
Cache-Control: max-age=96541
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638bc895-118"
Expires: Mon, 05 Dec 2022 23:50:04 GMT
Last-Modified: Sat, 03 Dec 2022 22:07:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 7394f5efc2066edb47c804c2c4761abe
b4cb6023843f40023aa6362ba284c20fe755a2cb
83ecc8534e141da3c4d489b95c5cf128c6258780520fbfb5c5482ab53adcdbb6
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 21:01:03 GMT
expires: Sun, 04 Dec 2022 21:01:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=
142.250.74.40200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash d3d3aa9d53c56500f3f71ee1fc760d3e
589e33bfc7e3830e157ac7d0b6f833791ec99d27
6983c6a54a38f26542bfc849eb7fd7f05d1437eebbee4c4fadabd99e71014425
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 21:01:03 GMT
expires: Sun, 04 Dec 2022 21:01:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
giveyoumylife.yoo7.com/0-rtl.css
178.33.43.150200 OK 62 kB URL HTTP/2 giveyoumylife.yoo7.com/0-rtl.css
IP 178.33.43.150:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 0b02545ccf92cb5be4e167495a87c505
1445b86e8d2116b8fba11bb554d975ed8bc3de34
929123bc935f959e1b4cbdc0f5441d439d2b931581cc690fce47d4a2afb8e3b7
GET /0-rtl.css HTTP/1.1
Host: giveyoumylife.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/t1100-topic
Cookie: exadd=167020
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: text/css
content-length: 61630
last-modified: Sun, 04 Dec 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
2img.net/s/t/13/19/71/i_icon_mini_portal.gif
104.21.235.175200 OK 4.5 kB URL HTTP/2 2img.net/s/t/13/19/71/i_icon_mini_portal.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 77 x 200\012- data
Hash 20f699f0c12330d1e1fc57de37f17b3b
30c2a1f64b51fb68c8f7d14c4ba98017098d1723
7ae18b22c1ea33d49e55b3c4341a6d879d651645677e669d0a41802ad58fee3b
GET /s/t/13/19/71/i_icon_mini_portal.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: image/gif
content-length: 4531
last-modified: Wed, 27 Oct 2010 17:02:05 GMT
etag: "4cc85b0d-11b3"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XwZROCL3eViVm6zPZnS%2FOJPjGRwLiPqqPuLq6adiPuNMye%2B9LYh35d1zJiij87P6VFbNfGNkkwNYdJsyFa0AsCpBGkqXsK%2FVMWwocE%2FJoJS%2Byr8KN6A8xj7ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a269fc74a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/19/71/i_tabs_less.gif
104.21.235.175200 OK 158 B URL HTTP/2 2img.net/s/t/13/19/71/i_tabs_less.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 15 x 15\012- data
Hash a8db997b71cacbe36df162a3b6579693
67b07698f165c7e7da1f51b1f0177915ffb0d40e
6fbc8c76887978f45441cff3d055b3f89badfad2da6c07dfa37e3de98a359813
GET /s/t/13/19/71/i_tabs_less.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: image/gif
content-length: 158
last-modified: Sat, 27 Dec 2008 15:55:20 GMT
etag: "49564fe8-9e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmFgpdr68p7xttTre8TtxMYfiz7FROc5juysMnrimfssrl%2F%2BZ0hSE8XEnmG1LdQgnR5u%2BQ%2Bos8dp9jWe0iTw00SK1XGaSks900mtGP8D%2F0l3stc1NcfSkI2i2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a27a1374a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 81b4d5cf042f5a919ebe8d75b97c3a25
cc17f00660238f9033eb3b715562999f5b8b58d3
b2c58906fca9fec5cf5ae5ee89db3d14e53e99514b361835c99353d3d902bd2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6323
Cache-Control: max-age=165805
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638cd689-2d7"
Expires: Tue, 06 Dec 2022 19:04:28 GMT
Last-Modified: Sun, 04 Dec 2022 17:19:05 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 727
2img.net/s/t/13/19/71/i_icon_www.gif
104.21.235.175200 OK 1.1 kB URL HTTP/2 2img.net/s/t/13/19/71/i_icon_www.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash e8b7fcdd305bfce177d0dde82423b295
1bc6209858aebb082a4d2950715693e60cdc8247
b84680d0dbe0fda29134d106d367390f766a58b9d85aaaff452d7b2be39c9f4b
GET /s/t/13/19/71/i_icon_www.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: image/gif
content-length: 1063
last-modified: Sat, 27 Dec 2008 15:55:12 GMT
etag: "49564fe0-427"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAXEE0sPARsneku0UOYRLNLyoP8FHjh8NtFGYJDABzPgpep%2FcL9UEZHIJPHLNDRTpgvNKL7jQv35dbyeBBn%2FaW6UFu262H8XE7lk63hk1NqcTFJWaHMAyUQtUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a269ff74a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/19/71/i_icon_mini_index.gif
104.21.235.175200 OK 4.5 kB URL HTTP/2 2img.net/s/t/13/19/71/i_icon_mini_index.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 77 x 200\012- data
Hash 922051fab6cb99cc7ea84ce205bfff5d
b4ff279415337dc6942bfda7f8ab25f72cc3e3b9
a6580733f147d8d94aa4bed7efaa7d52a166b0057376ac884ebc333ba72169f7
GET /s/t/13/19/71/i_icon_mini_index.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: image/gif
content-length: 4458
last-modified: Wed, 27 Oct 2010 17:02:06 GMT
etag: "4cc85b0e-116a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhIJyAZKKWyrwclSSe41w013eZoxTt%2B0%2BmDJncL%2Bv7KnwHYb2RJuqRUEdr78qbdi75pPVrUd7uhjaeknnlRxJ6Aphyj0GZ7rgzCoDb3HrL00Iab3Y1tkKd7s9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a28a2d74a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/19/71/i_icon_mini_gallery.gif
104.21.235.175200 OK 4.5 kB URL HTTP/2 2img.net/s/t/13/19/71/i_icon_mini_gallery.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 77 x 200\012- data
Hash d202c2396bc139ca86df6d0c28c05322
3d88ba92b5e23c170090ca0b355cdc1bd9133fce
598be5878a55beaf4b0410f49ed4a3ce9c2fc51bc8fbbc21ae2c60e55a49b3a1
GET /s/t/13/19/71/i_icon_mini_gallery.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: image/gif
content-length: 4495
last-modified: Wed, 27 Oct 2010 17:02:06 GMT
etag: "4cc85b0e-118f"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1UDacgUYK50AHLFQ5OEZrLqzn23pi54J%2FApJDB2BaIGl5wvua0VyweBo4GXR0%2FUouC%2Fe20m2Oitre0TpVer64VR%2BVKbMPPz8n1HTnN%2BBftwvzj5lT1ZGDwTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a26a0174a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 1c5a280d130588f4098f759d4606e5b7
6ee703f50768d46afbe70cc014963ff56b8a04a3
0e44cc312aad8320de54cb8c8438ea503090c3b61b7240d2b466b8ef9ac704a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2802
Cache-Control: max-age=91736
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638bc2f5-138"
Expires: Mon, 05 Dec 2022 22:29:59 GMT
Last-Modified: Sat, 03 Dec 2022 21:43:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2930
Cache-Control: max-age=132878
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:55:41 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
2img.net/s/t/13/19/71/i_icon_minipost.gif
104.21.235.175200 OK 1.0 kB URL HTTP/2 2img.net/s/t/13/19/71/i_icon_minipost.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash ae06a3a4f592a914ea64a6da70f68433
c04d5146d0302ab0861b20629830752e3de1a6eb
ea379a859c86e9a54c2f3e2c4872626cdac664f34cb3cf536d0b03986cba3cea
GET /s/t/13/19/71/i_icon_minipost.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: image/gif
content-length: 1032
last-modified: Sat, 27 Dec 2008 15:55:21 GMT
etag: "49564fe9-408"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7t6zxiIFctI7qFDhb4q%2FRXjiJQ3h2UP4VedSXstFPD%2BnqYkwqDIhysqZutyYr81ie2AeLOWY8nFei3hwouwHsmI8ttCQBZGsY6sGGMj1TFrZKIm0a6tVPUe%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a269fe74a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/s/t/13/19/71/i_tabs_more.gif
104.21.235.175200 OK 150 B URL HTTP/2 2img.net/s/t/13/19/71/i_tabs_more.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 15 x 15\012- data
Hash 12e05cc4df638a8cdeba8ec0b3251919
8d0d9aae2a0bbf55de8334a5e883dc15cc90fd2b
6a5e1f146d03da3ba3a019264755c3f62a1279ac742c7630981213addf742792
GET /s/t/13/19/71/i_tabs_more.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: image/gif
content-length: 150
last-modified: Wed, 27 Oct 2010 17:02:03 GMT
etag: "4cc85b0b-96"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ay6RoNBlUROwLkSD8tXYT3tj7XtpB069%2BvPlpw3GsT9kDM3TtWXr%2B9MjI%2Fd87xMsR5g8nv%2F3a5eyaYvUi%2FeMFajD%2BgjXYnBpb8Qu8YYE9f7h%2FMA%2BsCHGVIwP4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a27a1274a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/19/71/i_icon_mini_login.gif
104.21.235.175200 OK 4.5 kB URL HTTP/2 2img.net/s/t/13/19/71/i_icon_mini_login.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 77 x 200\012- data
Hash 527111f39ce27120f6ac350a7283f87d
8a942631d22c15073b97e5bb45e37b3c6bf24be2
eef3cf5266c17db8acd7d10c9019a196d3f752e0ad4e17f557de29b613844c02
GET /s/t/13/19/71/i_icon_mini_login.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: image/gif
content-length: 4512
last-modified: Wed, 27 Oct 2010 17:02:04 GMT
etag: "4cc85b0c-11a0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2b6FQjGq1%2B33H5QehxCzZn%2FVUMHbAgRJwIf4RX%2F75DPPPlxhGEh7QX%2Fj8zUDwNYssmPZuCZvN6NO1w2V2pYDfmM5z7%2F67ZDmkWZ4cm%2Buh2rfyyuZy5KScC23w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a28a2c74a5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 20:08:58 GMT
cache-control: public,max-age=3600
age: 3125
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fd55ba1010364a283f9c432c6470647
eb4e6d82fde6efc9d200b766fe4de2993e2d68dd
79dcee92d3e1294461db25d44af59ce83cfd03d4a63569d54152af7e1fd2e415
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5302
Cache-Control: max-age=122658
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638c31fb-117"
Expires: Tue, 06 Dec 2022 07:05:21 GMT
Last-Modified: Sun, 04 Dec 2022 05:36:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash acbbda771733a0530d8384099cbc99db
c6191c527c78e46abb63163cc60c2f710eb5b961
dddf7f258a4c7fabda74fa8ac771d5043afc20fb7bee458d1f0aaabd1462cc35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4491
Cache-Control: max-age=94865
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Etag: "638bc895-118"
Expires: Mon, 05 Dec 2022 23:22:08 GMT
Last-Modified: Sat, 03 Dec 2022 22:07:17 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.86.38.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FBY01d3DcNJPfCY6abOUMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DyRwL3HEZhaMC1q8Rm+vFXzAEis=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3e8f4315487d14d256974b0de698bd6
b95e16294a0ce9bceab933b34b21d8878a1449bf
6953f31da4312fdb9b7b30b7add9e86d1b9f331c48b187f915e9cde8b1668859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6953F31DA4312FDB9B7B30B7ADD9E86D1B9F331C48B187F915E9CDE8B1668859"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6531
Expires: Sun, 04 Dec 2022 22:49:55 GMT
Date: Sun, 04 Dec 2022 21:01:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e180a705ac6cd96961bcbd3a76ce367a
374c761ecbeda2a4d7595ce0509ecd00f1e89440
2794408c3a1d6019fea14a45053bf7fb4bce808e10b0e5e97ad7e19b59a25c06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2325
Cache-Control: max-age=121859
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:04 GMT
Etag: "638c3a7e-118"
Expires: Tue, 06 Dec 2022 06:52:03 GMT
Last-Modified: Sun, 04 Dec 2022 06:13:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 8b839bec32f7b79c6fea79eef3c39eaf
e78ff3339301c487eb72d61eeafa61fc02ce5012
f4630ec53ba02868a55d568264fa0c2715ce825558bb74d070dcac5ee49bb31c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2872
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:04 GMT
Last-Modified: Sun, 04 Dec 2022 20:13:12 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
i.servimg.com/u/f60/13/10/29/54/untitl11.jpg
172.67.178.62200 OK 37 kB URL HTTP/2 i.servimg.com/u/f60/13/10/29/54/untitl11.jpg
IP 172.67.178.62:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 774x365, components 3\012- data
Hash 6315246f8aa7e7ea4d9b32bb2b6497bd
61a3941a839a5aa6a6b6f1b760c3fbecbc53bdfa
ea975aee7beced702add2f47a990ea2faba75eb1bc94b11aec3d20917419707d
GET /u/f60/13/10/29/54/untitl11.jpg HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: image/jpeg
content-length: 36638
last-modified: Mon, 09 Feb 2009 10:00:25 GMT
etag: "498ffeb9-8f1e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 02 Dec 2023 20:45:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kX%2FYht1UGG4cXS%2FZ%2BcvfDXgiUY%2BLesCsqt1YalGeZg0XaXhMuNjDlffvc4tTZIwHhTPItiAMkFsZcRzOkeP1piaL0twEAdBbKJit2CFSNZtw3V1wvhLWJRlBDAvz5TBP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774779a6eb6bb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e180a705ac6cd96961bcbd3a76ce367a
374c761ecbeda2a4d7595ce0509ecd00f1e89440
2794408c3a1d6019fea14a45053bf7fb4bce808e10b0e5e97ad7e19b59a25c06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2325
Cache-Control: max-age=121859
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:04 GMT
Etag: "638c3a7e-118"
Expires: Tue, 06 Dec 2022 06:52:03 GMT
Last-Modified: Sun, 04 Dec 2022 06:13:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash a9f82178f4a7dccd4bf4fb84170e3fa7
54ad9cb2fd1e5c31a13ac377b445de55ec7df58a
3b826b406a9db81555b54fad48ebecaf45414ef3119e0be8635c54a02615ec88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2782
Cache-Control: max-age=163719
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:04 GMT
Etag: "638cdc39-139"
Expires: Tue, 06 Dec 2022 18:29:43 GMT
Last-Modified: Sun, 04 Dec 2022 17:43:21 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=fILqF180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQmxKN1BaVkp1U1lkQWdlZGtYYWl3dVJJSFUycyUyQlZvZmtkM1klMkJ4Q3p3Smg; expires=Fri, 29 Dec 2023 21:01:04 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 407116
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
54.230.111.39200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 54.230.111.39:0
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 28567
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 30 Nov 2022 16:53:51 GMT
cache-control: public, max-age=604800
etag: "072eaf64a771815874455704fca9301b"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WqKJhDCvmX2YjHNeuHP75wvvw1avWXXa37Hv7RtoqNGKysiXJ88Mrg==
age: 360433
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ee00ac7a24f2be13f49a39c476f9f707
98a87636f9dbd123b21b0c4adf164c68603da8ba
6edf8fd4b338be0cfa4ce5fd22a6adc145f0f47576447a03c277bea70a43a5eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2807
Cache-Control: max-age=136019
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:04 GMT
Etag: "638c6fec-139"
Expires: Tue, 06 Dec 2022 10:48:03 GMT
Last-Modified: Sun, 04 Dec 2022 10:01:16 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ee00ac7a24f2be13f49a39c476f9f707
98a87636f9dbd123b21b0c4adf164c68603da8ba
6edf8fd4b338be0cfa4ce5fd22a6adc145f0f47576447a03c277bea70a43a5eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2897
Cache-Control: max-age=136109
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:04 GMT
Etag: "638c6fec-139"
Expires: Tue, 06 Dec 2022 10:49:33 GMT
Last-Modified: Sun, 04 Dec 2022 10:01:16 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 20:41:08 GMT
expires: Sun, 04 Dec 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 1196
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.129.44200 OK 25 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.129.44:0
File type Unicode text, UTF-8 text, with very long lines (65498)
Hash 89d32c791c97d8cc6581d18ba08c37fd
ebb36de9cf125714cb2173ecd255671d1ed3c24b
f0ac1545dc3d63aba60185c29f1b5f57e90172fc75d02f8028d866b70ce1b1ac
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DLluyGnC1xDYt2a+kJQyFKK9H2xkcfp/qZ84RLUZoYLCPZ+1POiLYMLhG1OFjtzcWLJ2CSJCMwU=
x-amz-request-id: XZE36HPYXP5NVRCS
last-modified: Sun, 04 Dec 2022 11:07:05 GMT
etag: "4ce1aa58b1acafb9b4f2ae3522152e9b"
x-amz-version-id: HGeyL_.MBNtV9nwEV7JtR0Xc2rmgdTYa
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:04 GMT
via: 1.1 varnish
age: 146
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670187665.734455,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 84
content-length: 25343
X-Firefox-Spdy: h2
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=giveyoumylife.yoo7.com&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=giveyoumylife.yoo7.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 529397798be10222888873303787a3d7
df32953951c919eb631a6c56ca4bbb1948f461aa
78ad424a9f8d3d11ee2a80f850038a69201b2ff43ef62fa41e38799e129a1f0c
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=giveyoumylife.yoo7.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 1b9324d2a83b67b321d3c39783b3c2f0
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20221204-5-RELEASE.js
151.101.129.44200 OK 147 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221204-5-RELEASE.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (65509)
Size 147 kB (146692 bytes)
Hash 44011b5dd14e2f62cd293736e61bfd5d
de3c2fe115b850c1e3e98fe3f7535b25cb1d3c60
b3afb4ddb950f8d47f69dc4d767ab42575b6ac181266b74bf47f62db718d1b78
GET /libtrc/impl.20221204-5-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: CjI7dNb7Sm2ieogl+FR+2lgv4og9KWqPbaVSss7gfMGqV7gCClnQ5mltb5VDFGjCpsQ2jYBvHZE=
x-amz-request-id: 4J772X8ZNY05ZTSH
last-modified: Sun, 04 Dec 2022 10:58:02 GMT
etag: "44011b5dd14e2f62cd293736e61bfd5d"
content-encoding: br
x-amz-version-id: FCB4xk7W.ZTqnSlYrGqFWfqH44s.QC5m
content-type: application/javascript
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:04 GMT
via: 1.1 varnish
age: 7373
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 7157
x-timer: S1670187665.843649,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 15
server: AmazonS3-br
content-length: 146692
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://giveyoumylife.yoo7.com/
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://giveyoumylife.yoo7.com/
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ab507b3688f9409491da9715db2cb8f7
1f851e21b05f8fca6685220fdb1c1b3856d97791
ada01d1daa6559da33b5b7f076f5987e36394b6a617b09d33805c6cf875e80a4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130367
Date: Sun, 04 Dec 2022 21:01:05 GMT
Etag: "638c5246-1d7"
Expires: Tue, 06 Dec 2022 09:13:52 GMT
Last-Modified: Sun, 04 Dec 2022 07:54:46 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MuMj-xqiYlf5uUTCupSq-FDMEvA39X97Hquz_5GWOVEDIcHf5j1qVg==
Age: 4746
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/
Content-Type: application/json
Origin: https://giveyoumylife.yoo7.com
Content-Length: 392
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e49c78a08327a3cc2a3bd94ff42bb5f7
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/
Content-Type: application/json
Origin: https://giveyoumylife.yoo7.com
Content-Length: 473
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 15aa9d93fcc4e999d2bf26a7d8a46942
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 596a7cafffcfb533bec2a149a8bec520
af0656fdf2558932ae330c250392674ec1e471f1
6c8a0470f40a113cccb1fb71bded08a1e817dec190a11bc6340b64edb00199d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C8A0470F40A113CCCB1FB71BDED08A1E817DEC190A11BC6340B64EDB00199D4"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=662
Expires: Sun, 04 Dec 2022 21:12:07 GMT
Date: Sun, 04 Dec 2022 21:01:05 GMT
Connection: keep-alive
giveyoumylife.yoo7.com/?utm_source=pwa
178.33.43.150200 OK 20 kB URL HTTP/2 giveyoumylife.yoo7.com/?utm_source=pwa
IP 178.33.43.150:0
Hash b7b94b2a0f015fea751a5a49ed1fd8f2
6bcd9b0b33f195e064d4b58fd12f9626d7c597b9
8ddb3098dddf2ecfb71e86614f8422908e362eb26650212bc75658fbb9ab9738
GET /?utm_source=pwa HTTP/1.1
Host: giveyoumylife.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=167020; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Sun, 04 Dec 2022 00:00:00 GMT
last-modified: Sun, 04 Dec 2022 21:01:04 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
giveyoumylife.yoo7.com/images/icons-180.png
178.33.43.150200 OK 28 kB URL HTTP/2 giveyoumylife.yoo7.com/images/icons-180.png
IP 178.33.43.150:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ec27e19f063fadceea2023015bcf3bd
6f21d7be7c0cbea0f2ce139d28f47661b569d2ed
61290dc8170d2b76b25abdc1982c420a435c85ab3e23caccf33d218554d3acaf
GET /images/icons-180.png HTTP/1.1
Host: giveyoumylife.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/t1100-topic
Cookie: exadd=167020; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: image/png
content-length: 27835
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sun, 04 Dec 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
34.246.116.79200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 34.246.116.79:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 04 Dec 2022 21:01:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=giveyoumylife.yoo7.com&info=lIXRU180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQmxKN1BaVkp1U1lkQWdlZGtYYWl3dWxQb3hZU3gyVWdOV3pjelJFZHFtTw&idsd=768526071,-399430866&cw=1&lsw=1
178.250.2.146200 OK 575 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=giveyoumylife.yoo7.com&info=lIXRU180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQmxKN1BaVkp1U1lkQWdlZGtYYWl3dWxQb3hZU3gyVWdOV3pjelJFZHFtTw&idsd=768526071,-399430866&cw=1&lsw=1
IP 178.250.2.146:0
Hash 0324b14bde35df138c487e8f10da4385
b3f7732e028f12a939ab855c3e581075f10e5f67
5cd68c9d25fa3d0c98512e01e5a8bd7a3884ef9d91f2289164f72025599dbcd0
GET /sid/json?origin=publishertag&domain=yoo7.com&sn=FirefoxSyncframe&so=0&topUrl=giveyoumylife.yoo7.com&info=lIXRU180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQmxKN1BaVkp1U1lkQWdlZGtYYWl3dWxQb3hZU3gyVWdOV3pjelJFZHFtTw&idsd=768526071,-399430866&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=giveyoumylife.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 943262
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 487
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 21:01:05 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
34.246.116.79200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 34.246.116.79:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 04 Dec 2022 21:01:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=26780084.1670187662&jid=2122017398&gjid=804884801&_gid=1025674957.1670187662&_u=YEBAAUAAAAAAACAAI~&z=1984951628
64.233.165.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=26780084.1670187662&jid=2122017398&gjid=804884801&_gid=1025674957.1670187662&_u=YEBAAUAAAAAAACAAI~&z=1984951628
IP 64.233.165.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=26780084.1670187662&jid=2122017398&gjid=804884801&_gid=1025674957.1670187662&_u=YEBAAUAAAAAAACAAI~&z=1984951628 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://giveyoumylife.yoo7.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 21:01:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
giveyoumylife.yoo7.com/sw.js
178.33.43.150200 OK 2.1 kB URL HTTP/2 giveyoumylife.yoo7.com/sw.js
IP 178.33.43.150:0
File type ASCII text, with very long lines (5459)
Hash 19fb572e4442ad975dced9d82a9500c3
7d77c7b861599f16d6a9fede8158aad89a72d596
643f5af8b9bc291bf7af78c540d4255ccf06d6dc23ff1b17ff9365e6364bed9d
GET /sw.js HTTP/1.1
Host: giveyoumylife.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/t1100-topic
Connection: keep-alive
Cookie: exadd=167020; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.26780084.1670187662; _gid=GA1.2.1025674957.1670187662; _gat_gtag_UA_144347007_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3b37e9e4dc5c39c8fb6aba1ddd4ddc4e
2a3653d905b34824efded08cbb4c400f80d73526
c2855a99d6c1522d57a8224193527da72bf97c139541d1e010a51762fb1ab73e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6520
Cache-Control: max-age=133590
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:05 GMT
Etag: "638c57ef-116"
Expires: Tue, 06 Dec 2022 10:07:35 GMT
Last-Modified: Sun, 04 Dec 2022 08:18:55 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/
Content-Type: application/json
Origin: https://giveyoumylife.yoo7.com
Content-Length: 756
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 11596a587c8e95935ff95d6a97a15091
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5f25c4c99bce7de9166e989e0e94df3
977a8feb8420b10fc4b27440203b08ecae7516f8
5e444685fc55211330424827c83a0b4a885ff07f4c97fa667eead72cdc3c3eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E444685FC55211330424827C83A0B4A885FF07F4C97FA667EEAD72CDC3C3EAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17113
Expires: Mon, 05 Dec 2022 01:46:18 GMT
Date: Sun, 04 Dec 2022 21:01:05 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=5061a7221ac942d68944de6313293083
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=5061a7221ac942d68944de6313293083
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 930a7ced1d50a1dfa7ed499351b74fe7
2a50e2527b7638f541663e6a12648d7ee34af16d
afa4f6863762760de1e8adfa6d8ab3e78052cfda2600c9dee9a847bfc6c2ad9c
GET /gid.js?userId=5061a7221ac942d68944de6313293083 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5061a7221ac942d68944de6313293083; expires=Mon, 04 Dec 2023 21:01:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 370
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 21:01:04 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://giveyoumylife.yoo7.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://giveyoumylife.yoo7.com/
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:05 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://giveyoumylife.yoo7.com
server-processing-duration-in-ticks: 382127
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 129 B IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b64c93194c6eb82d8abc8d1d4521b0cf
61da2f134fa2ace6d4efb0152d49d26697df218c
811c9e69538969b699ef985ad654858e86ad0e01ed87ac36f510029cc31bd0bc
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=lIXRU180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQmxKN1BaVkp1U1lkQWdlZGtYYWl3dWxQb3hZU3gyVWdOV3pjelJFZHFtTw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=5cJLVF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQmxKN1BaVkp1U1lkQWdlZGtYYWl3c1JsT2VNcURReWFpNjhzM3ZTbXA4ag; expires=Fri, 29 Dec 2023 21:01:05 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 164529
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.viglink.com/api/domains
34.246.116.79200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.246.116.79:0
File type ASCII text, with no line terminators
Hash 45a0fbc11e7aa3edf77d6b621d6c5395
c397fe87ce6dc411b90d5c11dae85a730b3c349e
888ba552322f6aee08110ac4aa433ef852cf78c3d984eb634fc3d3a12667b9f5
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 263
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://giveyoumylife.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 04 Dec 2022 21:01:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ag.gbc.criteo.com/newidsd
185.235.84.150200 OK 375 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.150:0
Hash 2aef3bf474517210beff606eb9159183
2112dd639306b3ec10e664c7e4b5300876a54149
6a8d3e24045746b72e7d216c7f3d76adf280c52cd176755f272c7b012828e0bd
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 116765
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=26780084.1670187662&jid=2122017398&_u=YEBAAUAAAAAAACAAI~&z=655427732
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=26780084.1670187662&jid=2122017398&_u=YEBAAUAAAAAAACAAI~&z=655427732
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=26780084.1670187662&jid=2122017398&_u=YEBAAUAAAAAAACAAI~&z=655427732 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 21:01:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 21:01:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=404531,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774779ad4e8a0b65-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 905
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 04 Dec 2022 21:01:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://giveyoumylife.yoo7.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trc.taboola.com/forumotion-ar/trc/3/json?tim=21%3A01%3A02.612<i=deflated&data=%7B%22id%22%3A428%2C%22ii%22%3A%22%2Ft1100-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670152012754%2C%22vi%22%3A1670187662608%2C%22cv%22%3A%2220221204-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic%22%2C%22vpi%22%3A%22%2Ft1100-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2064%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A726.2000122070312%2C%22mw%22%3A0%2C%22amw%22%3A696.5%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1982.5999755859375%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft1100-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.129.44200 OK 14 kB URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=21%3A01%3A02.612<i=deflated&data=%7B%22id%22%3A428%2C%22ii%22%3A%22%2Ft1100-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670152012754%2C%22vi%22%3A1670187662608%2C%22cv%22%3A%2220221204-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic%22%2C%22vpi%22%3A%22%2Ft1100-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2064%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A726.2000122070312%2C%22mw%22%3A0%2C%22amw%22%3A696.5%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1982.5999755859375%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft1100-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.129.44:0
Hash 483bff2fb61800427038bfc641bb929a
d9b070f4776fdfeed1c5590aa44fd80ea33e8aa4
a171612bad1b17eddb9f34bd8d5d65c4e8dc8cf8bf5500bfc9e9ce087a788e87
GET /forumotion-ar/trc/3/json?tim=21%3A01%3A02.612<i=deflated&data=%7B%22id%22%3A428%2C%22ii%22%3A%22%2Ft1100-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670152012754%2C%22vi%22%3A1670187662608%2C%22cv%22%3A%2220221204-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic%22%2C%22vpi%22%3A%22%2Ft1100-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A2064%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A726.2000122070312%2C%22mw%22%3A0%2C%22amw%22%3A696.5%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A1982.5999755859375%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft1100-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670187665.219535,VS0,VE375
vary: Accept-Encoding
x-vcl-time-ms: 375
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/cta-component.20221204-5-RELEASE.es6.js
151.101.129.44200 OK 5.1 kB URL HTTP/2 cdn.taboola.com/libtrc/cta-component.20221204-5-RELEASE.es6.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (18924)
Hash 9b7cf542cdd2fc4a076a02d37dff71fc
e20ed06224647b5a57809e1cd8623e1358d0516a
472681407a0b437ec853b421e0c919a98a46838e7fd60c610e81d76dcd200997
GET /libtrc/cta-component.20221204-5-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: iBdvQgrpqB9hFnXEXocil/IPLxo9kTfrCNauB+inDV3bDvv7T6k1XT5Pz7YGdL0YbXvEa/NcVC0=
x-amz-request-id: BM2J3DBSD3EJF0FS
x-amz-replication-status: PENDING
last-modified: Sun, 04 Dec 2022 12:45:18 GMT
etag: "3d57420ee8058c5dd7c6af7bcddf9500"
x-amz-version-id: GX.y_qek13qzszMknBMEjodlNkqXuW62
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:05 GMT
via: 1.1 varnish
age: 103
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 58
x-timer: S1670187666.770833,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 15
content-length: 5107
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221204-5-RELEASE.es6.js
151.101.129.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221204-5-RELEASE.es6.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (17842)
Hash 1bf1dea253cd98940ce69c484846d6a1
10eb6e66d08a1b9d47b907bdab99ce62df1ac64e
a1400b6b985663284e06ff193ae67a058ac4a941c0e39a0459fbdbae5f2b8bec
GET /libtrc/userx.20221204-5-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: JqZ/yLM48O7O463Ttm8xU7mzkvETfxvwt7FKlLjm6luzENqOF69dXlL97srYZ1cLMuNLK64Qayk=
x-amz-request-id: F6G6YAPYQQ205QRS
x-amz-replication-status: PENDING
last-modified: Sun, 04 Dec 2022 12:46:15 GMT
etag: "f257084fa5d40369fd5095838cc508c9"
x-amz-version-id: t5qY8CKRUH4Gm3ODbJJbfrati21qr3EK
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:05 GMT
via: 1.1 varnish
age: 44
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1670187666.771128,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 15
content-length: 5398
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14879
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 21:01:05 GMT
Connection: keep-alive
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e050a88c8e5ed3fcc3eebb503bfc57aa.jpeg
151.101.129.44200 OK 14 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e050a88c8e5ed3fcc3eebb503bfc57aa.jpeg
IP 151.101.129.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b9557d2e75fbdfa04387636e65ad3b0
2e7baf3d8139e3be70c800611ceaf50e8f2a2684
ad0712c9a8ac8e824cb0627a793d3808a7e3f7446f2c73c9ce96e7c59dc38da8
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e050a88c8e5ed3fcc3eebb503bfc57aa.jpeg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 527578145217244863764444018979659677586,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 527578145217244863764444018979659677586,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "5f4a400a99796e2260d2d5c7f8c02e95"
last-modified: Fri, 04 Nov 2022 09:18:53 GMT
req-referer: https://www.kidspot.com.au/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 7e201c0ac43a735932035028cf61b434
x-envoy-upstream-service-time: 819
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:05 GMT
age: 2554244
x-served-by: cache-iad-kcgs7200112-IAD, cache-iad-kcgs7200179-IAD, cache-bur-kbur8200082-BUR, cache-iad-kiad7000118-IAD, cache-bma1673-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 91, 1
x-timer: S1670187666.780407,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e050a88c8e5ed3fcc3eebb503bfc57aa.jpeg
x-vcl-time-ms: 1
content-length: 14464
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6041f428a3ba0b9249a7fd58a5869fe.jpg
151.101.129.44200 OK 11 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6041f428a3ba0b9249a7fd58a5869fe.jpg
IP 151.101.129.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 372993b971674ec80a26de37e8810143
f9855ce75ca8fffe45d444ae3f793d396c93b1b0
f47541347a852175f1687f32a2a43aa3c129fe0a18f31de8e3a557b47a4c23dc
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6041f428a3ba0b9249a7fd58a5869fe.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 361781390314105529016427604591071400423,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 361781390314105529016427604591071400423,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "5bde2a5cb337d3e5da92c0673b88d4d5"
expiration: expiry-date="Fri, 25 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 25 Oct 2022 17:17:52 GMT
req-referer: https://weather.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 126
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:05 GMT
age: 1659879
x-served-by: cache-iad-kiad7000097-IAD, cache-iad-kiad7000083-IAD, cache-chi-kigq8000073-CHI, cache-iad-kcgs7200127-IAD, cache-bma1673-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 39, 1
x-timer: S1670187666.780523,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6041f428a3ba0b9249a7fd58a5869fe.jpg
x-vcl-time-ms: 2
content-length: 10680
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//illiweb.com/fa/empty.gif
151.101.129.44200 OK 300 B URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//illiweb.com/fa/empty.gif
IP 151.101.129.44:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x200, components 1\012- data
Hash 117612906d848ac5bab362816a837ecb
71afde9bddb00f1d13960b3db299407a39733859
6be9cfd683b1c8e57d7c231f9518ae7325c7df03bcca93c77bf779eb89a5c106
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//illiweb.com/fa/empty.gif HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 576314129693928467953438700423355769068,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
content-type: image/jpeg
edge-cache-tag: 576314129693928467953438700423355769068,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "117612906d848ac5bab362816a837ecb"
expiration: expiry-date="Mon, 21 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Fri, 21 Oct 2022 11:39:18 GMT
server: cloudinary
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:05 GMT
age: 3476870
x-served-by: cache-iad-kjyo7100130-IAD, cache-iad-kjyo7100130-IAD, cache-bma1673-BMA
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 31, 1
x-timer: S1670187666.780624,VS0,VE2
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//illiweb.com/fa/empty.gif
x-vcl-time-ms: 2
content-length: 300
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 83824
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.123200 OK 542 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.123:0
Hash ec249f77ef4f6f2d6f7824005cf8f0f7
473f76880e4a58adefd28b2e230fd2d1ddde7186
81cf0dc899730fa680429b23410bd90caadea5f8b770025d428d7f8466c0b5b0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 80010
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14879
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 21:01:05 GMT
Connection: keep-alive
vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
151.101.129.44200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash aac1042207afd54e1cf1befcaf3420cd
00f0597866330a850a1d6222861591f24dd18380
ea77ece8880eb28ffe83e94ef787b4204f8b1b3d09f443011b898b13ed4bb706
GET /lite-unit/3.9.8/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
etag: "1842444d4bb92087143326a4d508875d"
server: AmazonS3
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: iVxUQ_yUDgKIDSZaR21P2jFvv94ZUaTAMQdnd9xsEMFJTpsmb2NMlg==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:05 GMT
age: 1087108
x-served-by: cache-bma1673-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 35894
x-timer: S1670187666.784535,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29909
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:08:25 GMT
age: 82360
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 8.3 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash c163e45e1fa7d7a39b56bc2b52c61caa
9e1469d0e8a52978d0d11914cd8f16dee7a57274
8f4b8cc74ff005f4ce53cd2c60a36bb953addfc617aedabfe7fd378be6b6f3ed
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=che%2FW5FLBTV6doBIlXTY3rID37eTR94xqO5cBRVdw1%2F1YDtpWu5%2BxlpuKLTx7%2FDOhR%2BwBx43A5ZXRYWMe%2FwFIpOt%2B8RYdPM3wP00XIOtZrRiEQefdm4brDlNjlWMtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779ac2edab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 54345
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1be84be2e3591de568ca74be2f22d69d.jpg
151.101.129.44200 OK 9.6 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1be84be2e3591de568ca74be2f22d69d.jpg
IP 151.101.129.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 20830fbb063868a0cd1d248f58740ee6
37292f1c8464d4ba37a566e97c139fe0e0ae2a2c
aa8550eab01a3976b5e3e0481da58d2e600d884c57c1adacb638a0503e717550
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1be84be2e3591de568ca74be2f22d69d.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 414260058662767000306106132439461487183,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 414260058662767000306106132439461487183,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "a816d85cdf3830c83cf6b5ff3d723b76"
last-modified: Tue, 29 Nov 2022 09:53:32 GMT
req-referer: https://13tv.co.il/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: fd98aa46211196179dadac4ddac5b5b8
x-envoy-upstream-service-time: 513
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:05 GMT
age: 412052
x-served-by: cache-iad-kcgs7200072-IAD, cache-iad-kcgs7200170-IAD, cache-bur-kbur8200048-BUR, cache-iad-kjyo7100132-IAD, cache-bma1673-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1670187666.780265,VS0,VE7
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1be84be2e3591de568ca74be2f22d69d.jpg
x-vcl-time-ms: 7
content-length: 9552
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 83464
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14879
Expires: Mon, 05 Dec 2022 01:09:04 GMT
Date: Sun, 04 Dec 2022 21:01:05 GMT
Connection: keep-alive
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
151.101.129.44200 OK 5.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
IP 151.101.129.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3d65770a978e97f8a2e0702660dcc371
44e306f08e5af8e4ca2ceb97ec8361b9e693f322
b78ba46b24021d32bbf4679d64dd112f2164bb3a17a62aae0aedcbaa4f5f437a
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 544739962377286115750906782440533884243,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 544739962377286115750906782440533884243,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "2e4f6466dae29a54e4d540a2389ed4c3"
expiration: expiry-date="Sun, 23 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 22 Sep 2022 11:56:27 GMT
req-referer: https://pontera.yoo7.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 758
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:05 GMT
age: 5023348
x-served-by: cache-iad-kjyo7100097-IAD, cache-iad-kjyo7100042-IAD, cache-chi-klot8100141-CHI, cache-iad-kcgs7200074-IAD, cache-bma1673-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 136, 1
x-timer: S1670187666.784017,VS0,VE20
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
x-vcl-time-ms: 20
content-length: 5812
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 83483
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 83906
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash be53a33785ddf64f3e9ba4e1b4f2dba5
a83e59d265067048a974de8efec288500bb99401
ebf77eacba775df627203b87832c0e26a2bbfb814bb8b0b34f9e85f0e750cdb1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2607
Cache-Control: max-age=126091
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:05 GMT
Etag: "638c49ed-138"
Expires: Tue, 06 Dec 2022 08:02:36 GMT
Last-Modified: Sun, 04 Dec 2022 07:19:09 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.2.150200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.2.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:05 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.viglink.com/api/domains
34.246.116.79200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.246.116.79:0
File type ASCII text, with no line terminators
Hash 66e77f928c6afdad87c983f0b7aa4664
cbf23de2ff0a157ae8ff4969b8a37d46257f2a92
98d5e4f11780a6a90028123b78e2c24ae474f4749099c02eb7d40db6f2b30755
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 292
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://giveyoumylife.yoo7.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 04 Dec 2022 21:01:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1695
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 21:01:06 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=21%3A01%3A03.400&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5300&cv=20221204-5-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=21%3A01%3A03.400&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5300&cv=20221204-5-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=21%3A01%3A03.400&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5300&cv=20221204-5-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 21:01:06 GMT
x-fastly-to-nlb-rtt: 79132
access-control-allow-credentials: true
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&cmcv=&pix=31589837&cb=1670187663757&uv=3245&tms=1670187663757&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670187660394!ts:1670187663757&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&cmcv=&pix=31589837&cb=1670187663757&uv=3245&tms=1670187663757&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670187660394!ts:1670187663757&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&cmcv=&pix=31589837&cb=1670187663757&uv=3245&tms=1670187663757&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670187660394!ts:1670187663757&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:06 GMT
content-length: 0
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js
151.101.129.44200 OK 128 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js
IP 151.101.129.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 128 kB (127788 bytes)
Hash 2b361da912acc8f13f4f1b545047025f
af3a70c02bb88e27a151e8edf4a93931ace2aced
7f44e7dee5fbeb1334cdcb6b06d37dbf74a5ce2c65d4494843a2dabd98f2ef1b
GET /vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: NxcjemMMJRUsCExBkB2iiVRl9DgwLdtVaii0IcyucefSWzHY1Wd9p4I32adBzeHQ7741KdCnChI=
x-amz-request-id: 89SJXSQ72NB1B3KT
last-modified: Mon, 28 Nov 2022 10:06:56 GMT
etag: "2b361da912acc8f13f4f1b545047025f"
x-amz-meta-ctime: 1669630015
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630014
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:06 GMT
via: 1.1 varnish
age: 557507
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 65674
x-timer: S1670187666.439376,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127788
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670187663790&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=631374882&tz=0&viewable=true&ddast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fgiveyoumylife.yoo7.com&en=1
151.101.129.44200 OK 8.8 kB URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670187663790&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=631374882&tz=0&viewable=true&ddast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fgiveyoumylife.yoo7.com&en=1
IP 151.101.129.44:0
Hash baa2494b2479416f1f0548d66d4a0abd
7223dcb146435fb4793c81defb1f36020eb03995
93da03f0f4385602d63672a9e51a893e0950b450b1737c826543b8ff6e38128c
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670187663790&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=631374882&tz=0&viewable=true&ddast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fgiveyoumylife.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1448
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670187666.268358,VS0,VE71
vary: Accept-Encoding
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5de61369c0082229e4b697abe5fed620
76fff06483173541f116a7bf8814544280562b62
ff438b449b60fc11f3388522f8b499aedf7085da643639d3cbeac1d5c6d7d27a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1248
Cache-Control: max-age=99162
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:06 GMT
Etag: "638be60c-1d7"
Expires: Tue, 06 Dec 2022 00:33:49 GMT
Last-Modified: Sun, 04 Dec 2022 00:13:00 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&cmcv=&pix=undefined&cb=1670187663760&uv=3245&tms=1670187663760&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=385d3530-71a8-445b-808a-4a07066583f6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.129.44200 OK 396 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&cmcv=&pix=undefined&cb=1670187663760&uv=3245&tms=1670187663760&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=385d3530-71a8-445b-808a-4a07066583f6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.129.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash 34f8e664908d9f895cee397a7ab837e9
453cfabbfd8144dd796710a154a85014a6ef8a8e
af3a81d11face1cb627ff2d19ea26f7103b4bc011ce59decf9883b0dba975438
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&cmcv=&pix=undefined&cb=1670187663760&uv=3245&tms=1670187663760&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=385d3530-71a8-445b-808a-4a07066583f6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670187666.220459,VS0,VE24
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&cmcv=&pix=31589837&cb=1670187664329&uv=3245&tms=1670187664329&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670187660394!ts:1670187664329&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&cmcv=&pix=31589837&cb=1670187664329&uv=3245&tms=1670187664329&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670187660394!ts:1670187664329&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&cmcv=&pix=31589837&cb=1670187664329&uv=3245&tms=1670187664329&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670187660394!ts:1670187664329&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:06 GMT
content-length: 0
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 21:01:06 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=c563d19c-7416-11ed-8754-14e583300106; expires=Sun, 01-Jan-2023 21:01:06 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c563d1ea-7416-11ed-8754-14e583300106
X-fe: 116
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c55a192f-7416-11ed-ba48-14bc9e680506
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c55a192f-7416-11ed-ba48-14bc9e680506
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c55a192f-7416-11ed-ba48-14bc9e680506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Dec 2022 21:01:06 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=c563e961-7416-11ed-85e4-1f0541440306; expires=Sun, 01-Jan-2023 21:01:06 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 121
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&cmcv=&pix=undefined&cb=1670187664330&uv=3245&tms=1670187664330&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=34f56126-c7fd-462b-9f7b-dbbb81524328&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.129.44200 OK 446 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&cmcv=&pix=undefined&cb=1670187664330&uv=3245&tms=1670187664330&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=34f56126-c7fd-462b-9f7b-dbbb81524328&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.129.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (928), with no line terminators
Hash aa5c9c208faedf4fad35d0ad58d2e4fb
00193b362fcc5b5b3773d77e0a9f3085a01a6d02
9699cfcc1eb682fc0a9a0e2055940820ec11d0fad46aa9645d0d4da6986223f1
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&cmcv=&pix=undefined&cb=1670187664330&uv=3245&tms=1670187664330&abt=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=34f56126-c7fd-462b-9f7b-dbbb81524328&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670187667.791184,VS0,VE25
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 21:01:06 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=c56bca06-7416-11ed-a89e-1626150c0106; expires=Sun, 01-Jan-2023 21:01:06 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c56bca3c-7416-11ed-a89e-1626150c0106
X-fe: 137
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 21:01:06 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=c56e9d0d-7416-11ed-881a-1fd522ee0506; expires=Sun, 01-Jan-2023 21:01:06 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c56e9d6a-7416-11ed-881a-1fd522ee0506
X-fe: 79
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.129.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.129.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:06 GMT
via: 1.1 varnish
age: 19703
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 1856
x-timer: S1670187667.878796,VS0,VE0
cache-control: private,max-age=31536000
abp: 15
content-length: 254
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c56bca3c-7416-11ed-a89e-1626150c0106
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c56bca3c-7416-11ed-a89e-1626150c0106
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c56bca3c-7416-11ed-a89e-1626150c0106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Dec 2022 21:01:06 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=c57085bb-7416-11ed-88a6-124172220206; expires=Sun, 01-Jan-2023 21:01:06 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 70
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.129.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.129.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4133
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670187667.814574,VS0,VE91
x-vcl-time-ms: 91
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
151.101.129.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
IP 151.101.129.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2519
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670187667.813961,VS0,VE93
x-vcl-time-ms: 93
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1670187664338&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=631374882&tz=0&viewable=true&ddast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fgiveyoumylife.yoo7.com&en=1
151.101.129.44200 OK 1.9 kB URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1670187664338&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=631374882&tz=0&viewable=true&ddast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fgiveyoumylife.yoo7.com&en=1
IP 151.101.129.44:0
Hash c321a1025d84356a48d3717ddf833a0c
8545e9ee54190741aaf04eb8cd8848ef781f8e14
9388eb4ecc8863d804c1c88fa7c97160c50e7876510c3f6ed68ea5fd8ffd8815
POST /VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1670187664338&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=631374882&tz=0&viewable=true&ddast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!nrlc_vB!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fgiveyoumylife.yoo7.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1455
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670187667.797930,VS0,VE107
vary: Accept-Encoding
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:07 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
151.101.129.44200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
IP 151.101.129.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dcfe04133edaa84ac4a7356299134bf2
600265d1e188692d5cb0b9dbc828c708181bd3d8
1f50ba3994c74af69746c8db181597b9e74d7bb53c808ce9f7014facf0c59bfd
GET /vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: DH4gCSpZOjdiQ2RHNdcZaQ1gWcI8EDnhtXKaFZT4JUmiFDacp53eylqcVHaDpMgh56JBtwAdvTI=
x-amz-request-id: M2DJX9S4FNAQPE8Z
last-modified: Thu, 27 Oct 2022 07:34:53 GMT
etag: "dcfe04133edaa84ac4a7356299134bf2"
x-amz-meta-ctime: 1666856092
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856080
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:07 GMT
via: 1.1 varnish
age: 739545
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 208763
x-timer: S1670187667.126604,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 87152
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 838d243942d48827243c3bcee18d11ed
26243d17a8493cbaa1759bde860c0a2a54f36e02
bf818584bae52201d47f2fadf57114acdcadf908a7003b26b846196ccef11ede
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162095
Date: Sun, 04 Dec 2022 21:01:07 GMT
Etag: "638cd528-1d7"
Expires: Tue, 06 Dec 2022 18:02:42 GMT
Last-Modified: Sun, 04 Dec 2022 17:13:12 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KMfaSliMvTIQ3yH9b7_DIPCnHKKO_oqQnRfhoTOjjo4JYlMTa4FpFg==
Age: 2970
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c56e9d6a-7416-11ed-881a-1fd522ee0506
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c56e9d6a-7416-11ed-881a-1fd522ee0506
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c56e9d6a-7416-11ed-881a-1fd522ee0506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Dec 2022 21:01:07 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=c5acea4e-7416-11ed-8447-155da6fd0306; expires=Sun, 01-Jan-2023 21:01:07 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 91
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 21:01:07 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=c5b5a058-7416-11ed-b58a-1d66682b0206; expires=Sun, 01-Jan-2023 21:01:07 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c5b5a0aa-7416-11ed-b58a-1d66682b0206
X-fe: 19
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
104.85.187.217301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 104.85.187.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Sun, 04 Dec 2022 21:01:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:06 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e628b15d0ac70efe6a7d72ea00716fa3
cff8653177e58253bae09b9010f889c0b097b221
39d68fe3ffb4a1e277c6aa63b742c5e6e17e6e13e064bf42cd2e45b8f2786f0c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2651
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 21:01:07 GMT
Last-Modified: Sun, 04 Dec 2022 20:16:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
2.23.134.137200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 21:01:07 GMT
Connection: keep-alive
Vary: Accept-Encoding
ups.analytics.yahoo.com/ups/58534/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 21:01:07 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBJMKjWMCEKrTK6NF4WUOx_fTuqRiySIFEgEBAQFcjmOWYwAAAAAA_eMAAA&S=AQAAAn_GrmMBf1VH3ArAFIAH12M; Expires=Tue, 5 Dec 2023 03:01:07 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash dbb66a45515eb4bd61566b8a462222b7
2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9
1929d698afaff5af3fd939389346226a6056b86e4f870b0769755b0cdefd60a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 21:01:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=449140,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774779b9682d0b65-OSL
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
3.67.122.202200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 3.67.122.202:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:07 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.129.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:07 GMT
via: 1.1 varnish
age: 3397
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 4759
x-timer: S1670187668.998356,VS0,VE0
vary: Accept-Encoding
abp: 15
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
2.23.134.137200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (18728)
Hash de8d25f887a0fa41f6f06f47032cf2ed
730223801e090e4746352343fa2faa352466a1fd
377cfef236901519d68cbcd502144605dfa7b21e62896ef35890a7524dffb64d
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sun, 04 Dec 2022 11:34:22 GMT
Content-Encoding: gzip
Content-Length: 10067
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=52392
Expires: Mon, 05 Dec 2022 11:34:20 GMT
Date: Sun, 04 Dec 2022 21:01:08 GMT
Connection: keep-alive
Vary: Accept-Encoding
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:08 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 21:01:08 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBJQKjWMCEE5N_Uf2k3NYYuloshkzFh4FEgEBAQFcjmOWYwAAAAAA_eMAAA&S=AQAAAjvky8RDxGxZ9fkavV2Jwwc; Expires=Tue, 5 Dec 2023 03:01:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 21:01:08 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=c6271752-7416-11ed-84e7-1bf9ad920406; expires=Sun, 01-Jan-2023 21:01:08 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c627178b-7416-11ed-84e7-1bf9ad920406
X-fe: 138
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
pips.taboola.com/
151.101.1.44200 OK 4 B IP 151.101.1.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://giveyoumylife.yoo7.com
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:08 GMT
via: 1.1 varnish
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c627178b-7416-11ed-84e7-1bf9ad920406
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c627178b-7416-11ed-84e7-1bf9ad920406
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c627178b-7416-11ed-84e7-1bf9ad920406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Dec 2022 21:01:08 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=c62eed6d-7416-11ed-8b9b-1189f5600506; expires=Sun, 01-Jan-2023 21:01:08 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 99
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
3.67.122.202200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 3.67.122.202:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:08 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=bdb9c24e7b724f71ab426579618eec59&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=bdb9c24e7b724f71ab426579618eec59&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 930a7ced1d50a1dfa7ed499351b74fe7
2a50e2527b7638f541663e6a12648d7ee34af16d
afa4f6863762760de1e8adfa6d8ab3e78052cfda2600c9dee9a847bfc6c2ad9c
GET /gid.js?pub=0&userId=bdb9c24e7b724f71ab426579618eec59&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Cookie: ID=5061a7221ac942d68944de6313293083
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5061a7221ac942d68944de6313293083; expires=Mon, 04 Dec 2023 21:01:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.0.130:0
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Mon, 05 Dec 2022 21:01:03 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic&encoded=1&uid=a95586c1-2c69-473d-8708-652c9a445dde-tucta869011&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670187663263&tagid=&cntry=NO&platform=1&sesid=4166675dd7c909f9f6b9769da2002e6f&itemid=/t1100-topic&viewid=1670187662608&geolat=&geoing=&deviceifa=&appid=&sd=v2_4166675dd7c909f9f6b9769da2002e6f_a95586c1-2c69-473d-8708-652c9a445dde-tucta869011_1670187665_1670187665_CNawjgYQ3pxDGJD6xPfNMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=e81c5e224bd6b77fd2339177c8d58b2d&appname=&cdb=&gdprApplies=true&rid=&sii=-1748452194890440097&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=
151.101.129.44200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic&encoded=1&uid=a95586c1-2c69-473d-8708-652c9a445dde-tucta869011&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670187663263&tagid=&cntry=NO&platform=1&sesid=4166675dd7c909f9f6b9769da2002e6f&itemid=/t1100-topic&viewid=1670187662608&geolat=&geoing=&deviceifa=&appid=&sd=v2_4166675dd7c909f9f6b9769da2002e6f_a95586c1-2c69-473d-8708-652c9a445dde-tucta869011_1670187665_1670187665_CNawjgYQ3pxDGJD6xPfNMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=e81c5e224bd6b77fd2339177c8d58b2d&appname=&cdb=&gdprApplies=true&rid=&sii=-1748452194890440097&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=
IP 151.101.129.44:0
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic&encoded=1&uid=a95586c1-2c69-473d-8708-652c9a445dde-tucta869011&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670187663263&tagid=&cntry=NO&platform=1&sesid=4166675dd7c909f9f6b9769da2002e6f&itemid=/t1100-topic&viewid=1670187662608&geolat=&geoing=&deviceifa=&appid=&sd=v2_4166675dd7c909f9f6b9769da2002e6f_a95586c1-2c69-473d-8708-652c9a445dde-tucta869011_1670187665_1670187665_CNawjgYQ3pxDGJD6xPfNMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=e81c5e224bd6b77fd2339177c8d58b2d&appname=&cdb=&gdprApplies=true&rid=&sii=-1748452194890440097&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv= HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1450
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 21:01:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670187666.967799,VS0,VE41
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7C84CFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDOauWaLyWyt8c1MbtFsMnErZ76JW2SxWIyL1WS0mQyHQDIri2222JjcspHJ5RatbBu3crGxrUWulWdj3Cxnq8VkCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeooOl0-Fz3ep3T9nL-XW_n2Wlz2ZV_v2-u8bv9osdiMFiL_oanxw4AAAAADwBWb5kQP4AAABEAAAAAEgAAAAAUARX_FgIXAAAAABgABiQXGgCfHATvOfv9AQDQsAUCACCAQQIwsBpQAvBxvnICAAAAAAAAAMDy____HwOwhzUmAzCyv9MD8OAD8EBUoFrECAAAAGBLS0XzaFInVBZVAAAE6VYAVwAAAYTe8Uo-YQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTeht9DotiGX0Wu0XEABg7RcQAIBN3QAA3gLggo6gFYPB6hRiN5wtdqPZZjQ7AAAAgLv___9_PRBazGaz3Wpk8m2cg-XMObNNnLvZcuSwDAaTlW3mvWNYRL50J0atPg9hmf2-g4jl-Zr-hoOMb3m9DaKi622xO5xmz_0oWrLcLXer0WQxGi2Xm91wMxrsbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKIlq-VyudpsVqvdaDEbbJbDzQYpWrWajTaD4Wo2me12q-FguByNkKIly91ytxpNFqPRcrnZDTejwRBhwrlaDWcbx1qysS3Xot1m5BbuBsO1bDXZOBem0WpkcrlFr4_pYZwtB4vFFgUDOPYiuEgnMr_l9fabnn67W2G5iCWak0U6kV32pcVsNtutRibfxjlYzpwz28S5my1HDstgMFnZZv6Gc7UazjaOtWRjW65Fu83ILdwNhmvZarJxLkyj1cjkcoteH9PDOFsOFot9Y7YbLIa72Wy1b8x2g8VwN5ut9h06w3f1ORudwfHEo5Jow0PNzuYwKFwGi_f3uUib0cbNqNKGLRbVtbhzTaw6bexk7BzMBoVveE0Mfz_189rN3g5ig0ERSwSni3QiehlPF7FE8rRIJyrjYuNaWSajick28e1mJstms1zsdhvjyDWcWEYWsURpukgnetFjMRisRX_D02NR_5EhF3PlYC6azBWr0SoBAAAAAAAAACxhzrwJAAAAwGkgo8FmuFouAISzl-4PHu-8WGRh_O45748_RLPoV3Hjxw3mt7zeftPTb3crLFcGeKAmZ97smSDWarWsAQAABLABAAACuHXzFoDNyO0DPVHqhR-5UgA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:07 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/invision.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/invision.js
IP 172.67.150.97:0
GET /rs3/66/frm/invision.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:23:50 GMT
last-modified: Wed, 08 Sep 2021 09:55:04 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 992233
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5JILaGk6GHmU9C%2BTtOJK%2BQLLC%2B1M0pSPoaTxrWjHnDf9%2FPiSYxw%2FS%2Bh7%2BiWKLdOnZT95%2BDk5mVTAr5cj0VB8bQ%2BO13xxacR8mM%2F0iCYLkDXGaAaQHPMNGIMqcHN0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a23f3fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/photos.azyya.com/store/up3/090214012555xxck.gif
104.21.235.175404 Not Found 0 B URL HTTP/2 2img.net/h/photos.azyya.com/store/up3/090214012555xxck.gif
IP 104.21.235.175:0
GET /h/photos.azyya.com/store/up3/090214012555xxck.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: text/html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrHTu8LYi%2FcFfUbcrhRgX1dJNixk5WWggPqIydEEV1EgPREEUoYyh4y%2B07Wxl8f0eZZKCwUBw6bZlbYt6qjDnE%2B3I2qSQrCsdo%2B5bWsI5BJrfqCZiOWxm0xy8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774779a269f874a5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
104.21.90.171200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 104.21.90.171:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 6590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xk4K5ZtoWKBNmP2Nf%2Bu%2F0PSwBJYDxIUmukom2AP1R%2B9DuSufsXGd%2FyuThJe7Rm2d2Z7bkYHOwNsN3WfOm3odNUrGpJ3rNinTu9SJ%2BdehgBtdA8oigwj38wPe1LjlB0jnBhf9ENdm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a68a5fb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/
x-crto-bundle: CpLAoV9xZWMyamlZUkJIdnhmSEMyVEZrYXI5aktDSnNLWjJORGUlMkJQUVp4bTEzdnBRYzV0bEx6MHcwMDJ0elBGVyUyRlYzZ1F5RGR2bHlIUDNhUldHTWdhTjVHVUFkTUclMkZPMXdSNkR3TVhlTXFTJTJGVXRXekdRTjQzcWxiSzM5ZGNPWU5Gd2glMkI
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://giveyoumylife.yoo7.com
server-processing-duration-in-ticks: 3296804
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/lang/ar.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/lang/ar.js
IP 172.67.150.97:0
GET /rs3/66/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:36:20 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 991483
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqXWSUpO10lNDz8z%2Fi2Bzu0%2FCUbSNqqvmek9XPwZlG1mn0heLW2%2BbE23DHblFDNm%2FZOtnHma3z99mPiG6u456mUOFAcpsgrmrqBgoswDHXAhwcm1%2BjfpOWmXd7pTCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a2c825b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=giveyoumylife.yoo7.com
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=giveyoumylife.yoo7.com
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=giveyoumylife.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=b86c57c0-ab36-46ff-8dd3-f18cd98575ce; expires=Fri, 29 Dec 2023 21:01:03 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 817920
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/embed/FA_Embed.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/embed/FA_Embed.js
IP 172.67.150.97:0
GET /rs3/66/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:22:27 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 992316
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rds8z2kzUW%2F6QW%2BcBML6jUh8wzsfzCpU04%2B1Az1mvQf9wyPCoargFnJI7yIV0jKUU%2B77x51bWKwI%2BlyMXGFZuEI5Y%2BamwAATetYH2oP1HGiNdfLdeNdc3N1cj4lWGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a2c81eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.409
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.409
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-18c6c"
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
giveyoumylife.yoo7.com/t1100-topic
178.33.43.150200 OK 0 B URL HTTP/2 giveyoumylife.yoo7.com/t1100-topic
IP 178.33.43.150:0
GET /t1100-topic HTTP/1.1
Host: giveyoumylife.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Sun, 04 Dec 2022 00:00:00 GMT
last-modified: Sun, 04 Dec 2022 21:01:03 GMT
vary: User-Agent
set-cookie: exadd=167020; expires=Mon, 05-Dec-2022 01:01:03 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
151.139.237.124200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 151.139.237.124:0
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Tue, 03 Jan 2023 21:01:03 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 7B1C:D2D3:4824A8:4A013B:638A8635
vary: Accept-Encoding
x-fastly-request-id: 13302c302e4dcbfe7e16260e2cd5983d6eec8ece
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:06 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/javascript
x-trace-id: 009175ba6cd25bc0b10262da6c4cd7da
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5061a7221ac942d68944de6313293083; expires=Mon, 04 Dec 2023 21:01:05 GMT; path=/; secure; SameSite=None
oaidts=1670187665; expires=Mon, 04 Dec 2023 21:01:05 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=fILqF180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQmxKN1BaVkp1U1lkQWdlZGtYYWl3dVJJSFUycyUyQlZvZmtkM1klMkJ4Q3p3Smg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=lIXRU180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQmxKN1BaVkp1U1lkQWdlZGtYYWl3dWxQb3hZU3gyVWdOV3pjelJFZHFtTw; expires=Fri, 29 Dec 2023 21:01:04 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 354672
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.123200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.123:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 93940
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.150200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.150:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 111526
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=7T51XS7v7n_Q8fq53dfNNVHVrBU9SOKe0MOmHF3AWBR42DgON4SVvLIX7l0UcZLvKb8o28UXDMa3FYEwNEU_JVq4SHvvwl4kvsmbI4VBCz0Zzb5uo7S8p7MUbevYk-T3hSBZiXhbmSWquYf2D9KLNT084331-7evJvFD_yBR7FGazDNnN0vQ7BaGwyHgy8DhNM5djKEddTRf_UKsKT_Yqjz4p5bqeWcAzaPIiuDj94LTYDMRfv0AngNu8AU%3D&request_ab2=96001&zoneid=3765907&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=61a1cfff-3e01-40c9-abd3-be4bc27c1059&userId=5061a7221ac942d68944de6313293083&m=link
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/?rb=7T51XS7v7n_Q8fq53dfNNVHVrBU9SOKe0MOmHF3AWBR42DgON4SVvLIX7l0UcZLvKb8o28UXDMa3FYEwNEU_JVq4SHvvwl4kvsmbI4VBCz0Zzb5uo7S8p7MUbevYk-T3hSBZiXhbmSWquYf2D9KLNT084331-7evJvFD_yBR7FGazDNnN0vQ7BaGwyHgy8DhNM5djKEddTRf_UKsKT_Yqjz4p5bqeWcAzaPIiuDj94LTYDMRfv0AngNu8AU%3D&request_ab2=96001&zoneid=3765907&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=61a1cfff-3e01-40c9-abd3-be4bc27c1059&userId=5061a7221ac942d68944de6313293083&m=link
IP 139.45.195.8:0
GET /?rb=7T51XS7v7n_Q8fq53dfNNVHVrBU9SOKe0MOmHF3AWBR42DgON4SVvLIX7l0UcZLvKb8o28UXDMa3FYEwNEU_JVq4SHvvwl4kvsmbI4VBCz0Zzb5uo7S8p7MUbevYk-T3hSBZiXhbmSWquYf2D9KLNT084331-7evJvFD_yBR7FGazDNnN0vQ7BaGwyHgy8DhNM5djKEddTRf_UKsKT_Yqjz4p5bqeWcAzaPIiuDj94LTYDMRfv0AngNu8AU%3D&request_ab2=96001&zoneid=3765907&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fgiveyoumylife.yoo7.com%2Ft1100-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=61a1cfff-3e01-40c9-abd3-be4bc27c1059&userId=5061a7221ac942d68944de6313293083&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Cookie: OAID=5061a7221ac942d68944de6313293083; oaidts=1670187665
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: application/json
x-trace-id: ae8fffce17184123c9f28e972f9e1ad8
access-control-allow-origin: https://giveyoumylife.yoo7.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5061a7221ac942d68944de6313293083; expires=Mon, 04 Dec 2023 21:01:05 GMT; path=/; secure; SameSite=None
oaidts=1670187665; expires=Mon, 04 Dec 2023 21:01:05 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 11 Dec 2022 21:01:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://giveyoumylife.yoo7.com/
x-crto-bundle: YE2dT19ieiUyRkNjbjBBTkprWWlUcUdHQyUyRnVmdk1iTXhOTUx6cyUyRjJ5JTJGeUJIMDR3MmxKVXRmOFFDQndscnhLZVd5M1ZaM2pXbENNa3Z3T1Rxc3daJTJCQkdYeUZmcVBmcWxQM1UwQXJ0RkV4NGglMkY0MiUyQmN0MmM0TG9rM1g3NHMwcVdTSFRWcjMx
Origin: https://giveyoumylife.yoo7.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:05 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://giveyoumylife.yoo7.com
server-processing-duration-in-ticks: 4021686
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
18.211.109.126200 OK 0 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 18.211.109.126:0
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:08 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
illiweb.com/rs3/66/frm/jquery/cookie/jquery.cookie.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/66/frm/jquery/cookie/jquery.cookie.js
IP 172.67.150.97:0
GET /rs3/66/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:03 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:22:23 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 992320
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx4pWyWq4axaVIzHVG2d0JzTRHB4%2BSbB9OBWf4RmUdIShWncaINVcGXaLF7IHpDfrO%2Fy%2BihqnDrR3wvRRKxvHYMRUwm2rUX4SueR5hHM7j2Gv%2BQPOaHZcYzk4DrptQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774779a23f3db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
giveyoumylife.yoo7.com/serviceworker.js
178.33.43.150200 OK 0 B URL HTTP/2 giveyoumylife.yoo7.com/serviceworker.js
IP 178.33.43.150:0
GET /serviceworker.js HTTP/1.1
Host: giveyoumylife.yoo7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=167020; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7RqYCFgNzScacbddwDARzScacbddwDAUAAAAGBuIHJDNcjTyrzWCtWyyMa9FoNXELB8OFW7Qw7Aaz2Wq4mdmGQDLD1ciz2gzWusXCuBaNVhO3cDBcuEULw24wm62Gm5ltChE3GQ6fg4Go6Hpb7A6n2fMGFTSdDp_rXq9z2l7Ov-vtPDttLrvy7_fNNX63X_RYDAZr0d_w9NgBAAAA4OH___8fAgAAACACAAAAQAIAAACAIqDi30LgAgAAAADj____XwPgk4PgPWe_PwAAAABAAAAAAEgABlYDSgA-zldO_v________9jBugzb2T-____bwx6AB58AB6EAAAALoZYrA3aVUtw_IkKOIsYAQAAAGxpqWgeTeqEyqLq__-_3wrgCgAggNA7_kg7S3dQ4i0MAAAgYGyBHha_3-ywa_xul_3_________m_2f_aMJvY1epwWxjF6r_QICAKz9AgIAsKkbAMBbAFzQEbRiMFidQuyGs8VuNNuMZgcAAABw9____68HQovZbLZbjUy-jXOwnDlntolzN1uOHJbBYLKyzbx3DIvIl-7EqNUXcZPh8DkYiIqut8XucJo996NoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ52o1nG0ca8nGtlyLdpuRW7gbDNey1WTjXJhGq5HJ5Ra9PqaHcbYcLBZbFAzg2IvkaZFOFCOHcTRczFYr52LkG60Ws5FtsXAuRzbLxDIzuSxiieZkkU5kl31pMZvNdquRybdxDpYz58w2ce5my5HDMhhMVraZv-FcrYazjWMt2diWa9FuM3ILd4PhWraabJwL02g1MrncotfH9DDOloPFYt-Y7QaL4W42W-0bs91gMdzNZqt9h87wXX3ORmdwPPGoJNrwULOzOQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6kfktr7ff9PTb3QrLRSxRmi7SiV70WAwGa9Hf8PRYxBLB6SKdiF7G00X9R4ZczJWDuWgyV6xGqwQAAAAAAAAAsIQ58yYAAAAAp4GMBpvhap0HMlgOdsvVcgEgnL10f_B458UiC-N3z3l__CGaRb-KGz9uML_l9fabnn67W2G5MsADNTnz5s8EsVarZQ0AACCADQAAEMCtm7cAbCb-____Pw4AAEBGjh4AAEB8HwjqWKEHbvQa!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 21:01:07 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=giveyoumylife.yoo7.com
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=giveyoumylife.yoo7.com
IP 178.250.2.146:0
GET /syncframe?origin=rtus&topUrl=giveyoumylife.yoo7.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giveyoumylife.yoo7.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 21:01:04 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=9abfe2a3-401c-4ab3-8522-11ad741d8d85; expires=Fri, 29 Dec 2023 21:01:04 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 834577
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2