alokab.alafdal.net/t1058-topic
94.23.159.185301 Moved Permanently 0 B URL HTTP/1.1 alokab.alafdal.net/t1058-topic
IP 94.23.159.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t1058-topic HTTP/1.1
Host: alokab.alafdal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Nov 2022 10:47:54 GMT
Content-Length: 0
Location: https://alokab.alafdal.net/t1058-topic
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5812
Expires: Wed, 09 Nov 2022 12:24:46 GMT
Date: Wed, 09 Nov 2022 10:47:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5854
Cache-Control: max-age=91251
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:54 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:08:45 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6253
Cache-Control: max-age=91650
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:54 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:15:24 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6187
Expires: Wed, 09 Nov 2022 12:31:01 GMT
Date: Wed, 09 Nov 2022 10:47:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zaQ7Ch8gx9bPl/6GTtBYNfTdP1nqjODclqz9gjA72mi9rq6tRqe12SR4WfaMWeTgVJZSpSzX490=
x-amz-request-id: CPVHES23SRA4HBZX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 09:48:56 GMT
age: 3538
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0368fbf32759ab567be630a2e0fb1375
c3c2844d7236d95cd81afedcb03a07f08a6eec86
d55b3198a81173c2c5178e08c28de018ffcbde0bfced2aeaa1ffed30f2f07c4d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D55B3198A81173C2C5178E08C28DE018FFCBDE0BFCED2AEAA1FFED30F2F07C4D"
Last-Modified: Wed, 09 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9763
Expires: Wed, 09 Nov 2022 13:30:38 GMT
Date: Wed, 09 Nov 2022 10:47:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c536f1469b10d79be0ad510ba98fb1bb
82dfbe67b9d3be07a5d91be9b93d014a17a9f0bd
9cad25935d437aabe9aa41313caed44615172619edfbd01e6ecfbd51cbc8e034
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4120
Cache-Control: max-age=158259
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636b3c76-117"
Expires: Fri, 11 Nov 2022 06:45:34 GMT
Last-Modified: Wed, 09 Nov 2022 05:36:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c536f1469b10d79be0ad510ba98fb1bb
82dfbe67b9d3be07a5d91be9b93d014a17a9f0bd
9cad25935d437aabe9aa41313caed44615172619edfbd01e6ecfbd51cbc8e034
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4884
Cache-Control: max-age=159023
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636b3c76-117"
Expires: Fri, 11 Nov 2022 06:58:18 GMT
Last-Modified: Wed, 09 Nov 2022 05:36:54 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c536f1469b10d79be0ad510ba98fb1bb
82dfbe67b9d3be07a5d91be9b93d014a17a9f0bd
9cad25935d437aabe9aa41313caed44615172619edfbd01e6ecfbd51cbc8e034
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4120
Cache-Control: max-age=158259
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636b3c76-117"
Expires: Fri, 11 Nov 2022 06:45:34 GMT
Last-Modified: Wed, 09 Nov 2022 05:36:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c536f1469b10d79be0ad510ba98fb1bb
82dfbe67b9d3be07a5d91be9b93d014a17a9f0bd
9cad25935d437aabe9aa41313caed44615172619edfbd01e6ecfbd51cbc8e034
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4884
Cache-Control: max-age=159023
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636b3c76-117"
Expires: Fri, 11 Nov 2022 06:58:18 GMT
Last-Modified: Wed, 09 Nov 2022 05:36:54 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6282
Cache-Control: max-age=86613
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:51:28 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4661
Cache-Control: max-age=101890
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:06:05 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c536f1469b10d79be0ad510ba98fb1bb
82dfbe67b9d3be07a5d91be9b93d014a17a9f0bd
9cad25935d437aabe9aa41313caed44615172619edfbd01e6ecfbd51cbc8e034
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4120
Cache-Control: max-age=158259
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636b3c76-117"
Expires: Fri, 11 Nov 2022 06:45:34 GMT
Last-Modified: Wed, 09 Nov 2022 05:36:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 12c41b3c843ec49dabbfbddcf7dff346
343070f4f43f719bd2a221e9cef0704d71e2c24a
3468542d385d3392a70af8b6b8a428589ef3c9087100db1281f5ab61bb53a07b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2584
Cache-Control: max-age=112450
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636a8f85-2d7"
Expires: Thu, 10 Nov 2022 18:02:05 GMT
Last-Modified: Tue, 08 Nov 2022 17:19:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 727
connect.facebook.net/ar_AR/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/ar_AR/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 51c021f95c1e96871bfc9205adb99bd1
a31d42a41c480710521b8783ee654d49b93a687c
cd7ecb33a4271a77c778b27f3a46b2c789748c12ef57191b508d7ecff9eb8093
GET /ar_AR/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d7b55dd31dc760b6a1b7f4ddf4fd5449
etag: "1ac9cde6f262b2382f0a34236d9b85a7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Nov 2022 10:57:09 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: UcAh+Vwelocb/JIFrbmb0Q==
x-fb-debug: aI6NEDaZ1HAmM04aLebhjkrX8CGHfMY72uCYa+5voBH/bzRZorkKucNtxYABb0Mz3Piq+k9uhNqNL+8kGEWZLw==
content-length: 1686
x-fb-trip-id: 2050670934
date: Wed, 09 Nov 2022 10:47:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/103798.gif
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/103798.gif
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/help.ahlamontada.com/users/68/54/94/smiles/103798.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 10:47:55 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2860896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvxcRyCKesVdK1iquumVr9Iln5k2RQpI9Aqrv2z2VQh4udzRIml2p6ul8pSo1VFzAO1IQGTu%2BD4E7638RIEaF3mOZhmZErHLj%2BZAL%2FMeIfX5IDsP3rV8%2Beqm0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d0db3d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9f3a1005f1c0bcfdfc1f64f87b965e6b
bfe050567ea050ee19a665e038c61ac46dafbf33
2419a9600bec0027ffda44802b20c8426a5b228a8bf58b7444524ead61d17fd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3593
Cache-Control: max-age=129314
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636acd74-139"
Expires: Thu, 10 Nov 2022 22:43:09 GMT
Last-Modified: Tue, 08 Nov 2022 21:43:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.138:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 22:41:25 GMT
expires: Sat, 04 Nov 2023 22:41:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 389190
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash c6a8784835c297a64ddedf8654c7ea8a
eb620dedfabf3bcefa6f3033c6152ad55d55c877
e55f26f7f099cb7ef6ed026d0a047b5da4de836cee999106eaa385abebfe51db
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Nov 2022 10:47:55 GMT
expires: Wed, 09 Nov 2022 10:47:55 GMT
cache-control: private, max-age=900
last-modified: Wed, 09 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2img.net/i/fa/zen_garden/tabs_more.gif
104.21.235.176200 OK 302 B URL HTTP/2 2img.net/i/fa/zen_garden/tabs_more.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 9 x 9\012- data
Hash 2bf16e22e45f471734c41456ad161c8a
1e9a3d52ed48190b998e86ae91cd0b0ffac1f4a6
2dec25a53d950244c78e0632e2f4b9fe871fc1f542117b0ac20f9e2a0a3a219f
GET /i/fa/zen_garden/tabs_more.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: image/gif
content-length: 302
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-12e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2419515
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axSX6VUMmPS4i3dumAiLwF0dWsSUoEYCC7CfsKhYZTzgUxj2XV%2FeIjVFK7z1rReA9I22WycM5HNjs0GsEBnUBKfyKa6%2FBSsuztPZHR%2BC9pUFGzhPtTvVf8WCLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d0db7d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/613623.gif
104.21.235.176301 Moved Permanently 178 B URL HTTP/2 2img.net/h/help.ahlamontada.com/users/68/54/94/smiles/613623.gif
IP 104.21.235.176:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /h/help.ahlamontada.com/users/68/54/94/smiles/613623.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 09 Nov 2022 10:47:55 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2860896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2DDvM%2FaNvlMeFh%2FNcaodEL8qUbEUzwzwvQuHoXvTVzZTG5CYpXurFBQwg70MG8%2BoSfb%2FjTmuqJ%2F4oUe3xBYrFObjvwxoCzCWVJSQk01wLKMfIa45pD2ID8g7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d0dc0d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.176200 OK 43 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2863743
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSBkCimMi3oKswapbvqgV4ln8kSGtWxWEuyTtlwRR6De4XsDpe0rMBWoNaAiglhXF4vH0lJMCMf%2Fr%2FjKYaVJ3bZXQihARQQnya6qcxELAiMlcj%2F%2Fc%2FhZ3auFNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d2e10d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/zen_garden/tabs_less.gif
104.21.235.176200 OK 301 B URL HTTP/2 2img.net/i/fa/zen_garden/tabs_less.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 9 x 9\012- data
Hash 9e856fcdcc3a4ec58503bd70960dcd1f
5486a5fdfd116c6a0eae36278c4b811423e10e4c
1fea84651d7adccd44ae1632caa56752f6eb7d670e7fd42c6156bf8d5097fd5c
GET /i/fa/zen_garden/tabs_less.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: image/gif
content-length: 301
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-12d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2862567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qhy9vrAJEx8XhhfT%2B9cbqeWvMSbi8pmFRt0fHWlZ4TxLGFLXfSx8p05seanjNyxPXo3Br6KEZLbikORdw6tBW%2BX3fSL4ti55OsK%2FAlOebuELqJswU0To1YACKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d2e12d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-11398279-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-11398279-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b00aeea13ab7f7cf2a4b1eb4c47ebd0b
945f28a91570d7763adfca361e6a51771f4a7954
f250011fa0a6644208ee9bfb9387579b7d7cda64477d29394d082e62bf5f4026
GET /gtag/js?id=UA-11398279-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Nov 2022 10:47:55 GMT
expires: Wed, 09 Nov 2022 10:47:55 GMT
cache-control: private, max-age=900
last-modified: Wed, 09 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2img.net/i/default.png
104.21.235.176200 OK 977 B IP 104.21.235.176:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 68740394c6718e3d6587d038d20d51a9
149fff376f6ed06d10c19b41ac3ce8dd97256d48
d28f3347aa8d5ef1cff4e57c589a8ce825b4350e1667d9808a29fa8c89d8e96b
GET /i/default.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: image/png
content-length: 977
last-modified: Sun, 10 Jun 2018 21:44:20 GMT
etag: "5b1d9bb4-3d1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 2863735
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43%2FdzKxAdOSgv0GD1VGCJ2TUvngw%2Fj8bfHNKlfKETfIgaSOqegCgrXM9a50eHAWtfoiflSQGZuWPbrTc7QBQA9VarNZ6TTuOiRD3bxoU9UCBB1M1kWO2zu0I1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d4e53d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/10/20/65/i_icon_mini_login.jpg
104.21.235.176200 OK 1.6 kB URL HTTP/2 2img.net/s/t/10/20/65/i_icon_mini_login.jpg
IP 104.21.235.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 87x40, components 3\012- data
Hash 551a13a1fecfcc82da3996b79e56361a
0a653d54b52f1714065796cc391386eeaeaf199f
da3faf927904f5e64ed07f5b5539cb3886cd0fae1bd83e32006d58950116aea7
GET /s/t/10/20/65/i_icon_mini_login.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: image/jpeg
content-length: 1628
last-modified: Wed, 27 Oct 2010 13:48:42 GMT
etag: "4cc82dba-65c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FC3mucyulzxRG%2FcXjfQmtBXM4tZBxweG4u9OUlkCc7HzVj00XI6fXNiUVwRMzZibEFP%2BXu%2BP%2FFoUpac4SPyESK%2F6v5eJ9fyekqUS3z%2B2Lq9XmY9QtemvLaw4Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d0dbfd174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/10/20/65/i_icon_mini_register.jpg
104.21.235.176200 OK 1.7 kB URL HTTP/2 2img.net/s/t/10/20/65/i_icon_mini_register.jpg
IP 104.21.235.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 87x40, components 3\012- data
Hash a2cde541e71701685dc1950c10db94c6
001d63e58a4271527a626fca14b14e97f997aec4
ffcc7d5f647d178e3cfe3ffb1b96d6505b9d63be92e3bbf08984f125a6d6784a
GET /s/t/10/20/65/i_icon_mini_register.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: image/jpeg
content-length: 1655
last-modified: Wed, 27 Oct 2010 13:48:42 GMT
etag: "4cc82dba-677"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0g12nDWZrrkdWT%2FbcYVc%2BEZwqwtTMT4MOiQ%2FTnUH6pBb10PDVJ9acwZhr3f8thhRIreJ67MYjjETlySJ2VPPc0gH6nM0SgkxUHlJQsJoC6fXzSywSGspK%2FEWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d0dbcd174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/10/20/65/i_icon_mini_portal.jpg
104.21.235.176200 OK 1.7 kB URL HTTP/2 2img.net/s/t/10/20/65/i_icon_mini_portal.jpg
IP 104.21.235.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 87x40, components 3\012- data
Hash c8bc23299e6870b44c62463c88ebeb6c
debadbdd869a68e1b85891c864e92caffca5dd25
d4c05915f403d639a41b951a83c41efb19aae07c172d2db89a4c783665c5fa85
GET /s/t/10/20/65/i_icon_mini_portal.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: image/jpeg
content-length: 1653
last-modified: Wed, 27 Oct 2010 13:48:42 GMT
etag: "4cc82dba-675"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpCZiPMV3tfz92O4z3dM1%2BY5red%2F0KGpUAx%2FG8uHdSStfKnOuDDLgjbGSiXPyhw6o1PH43e10fft5yOGgExEnHo1Ce7DzYAbyjZ0kk3OGZnJUsFRZECqJXHxjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d0dbbd174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4661
Cache-Control: max-age=101890
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:06:05 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/s/t/10/20/65/i_icon_mini_index.jpg
104.21.235.176200 OK 1.7 kB URL HTTP/2 2img.net/s/t/10/20/65/i_icon_mini_index.jpg
IP 104.21.235.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 81x40, components 3\012- data
Hash 5abe8b9f4ad735b630d7c336ea9d4379
64f41be6cfb6f48c2d7a6265802dfdfd55e09f05
08b95b539ac5c9027594f9a974ae6c21df80c6c8d854f74d7553325b64ad33a5
GET /s/t/10/20/65/i_icon_mini_index.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: image/jpeg
content-length: 1681
last-modified: Wed, 27 Oct 2010 13:48:42 GMT
etag: "4cc82dba-691"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn5xT8ATOK1nJZxGsUIqIgqUZBKVL9iEg2JcPbo06LDZ14Wl%2BNKTBzTeiUuPxeqq8rwfdCurK4Pwxjt2D9W6HkTq7jwGJiXTpF8E%2BYfg8V2E%2B26KuHHcl3TpuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91d0db6d174-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alokab.alafdal.net/0-rtl.css
94.23.73.212200 OK 60 kB URL HTTP/2 alokab.alafdal.net/0-rtl.css
IP 94.23.73.212:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash f2ca6d095d8c41a28721f633abc53555
87e5da8082d7ca1969687eb79d324da1033b3d68
66393bf5ca7a40fbd7f817a811203f60e9ff79e29b8b3cd69e629a7b028a16e6
GET /0-rtl.css HTTP/1.1
Host: alokab.alafdal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/t1058-topic
Cookie: exadd=166800
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: text/css
content-length: 60427
last-modified: Wed, 09 Nov 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7822d88a4ddee51439aba4963cb25ae7
e240c03794e6a1b4ebb56618af91d5633f9b139b
6cf9bf0a58ebcfa7019e66eb175c7cd86b143da9325e56b890a2deb3727ec8f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3766
Cache-Control: max-age=160087
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636b44fc-117"
Expires: Fri, 11 Nov 2022 07:16:02 GMT
Last-Modified: Wed, 09 Nov 2022 06:13:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7822d88a4ddee51439aba4963cb25ae7
e240c03794e6a1b4ebb56618af91d5633f9b139b
6cf9bf0a58ebcfa7019e66eb175c7cd86b143da9325e56b890a2deb3727ec8f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2269
Cache-Control: max-age=158590
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636b44fc-117"
Expires: Fri, 11 Nov 2022 06:51:05 GMT
Last-Modified: Wed, 09 Nov 2022 06:13:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7822d88a4ddee51439aba4963cb25ae7
e240c03794e6a1b4ebb56618af91d5633f9b139b
6cf9bf0a58ebcfa7019e66eb175c7cd86b143da9325e56b890a2deb3727ec8f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1948
Cache-Control: max-age=158269
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636b44fc-117"
Expires: Fri, 11 Nov 2022 06:45:44 GMT
Last-Modified: Wed, 09 Nov 2022 06:13:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
i.servimg.com/u/f40/11/70/87/14/icon3610.gif
172.67.178.62200 OK 745 B URL HTTP/2 i.servimg.com/u/f40/11/70/87/14/icon3610.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 28 x 15\012- data
Hash 1832b4f5ae9072559a1f9a6da64a3d9e
35014e7fc1f325b559923fff733a0550076276dc
19dac6cd8ef293537f60802245a8a5989dfdf9d47b7ee92d874f815fd1ea5c65
GET /u/f40/11/70/87/14/icon3610.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: image/gif
content-length: 745
last-modified: Tue, 22 Apr 2008 23:54:14 GMT
etag: "480e7aa6-2e9"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 02 Nov 2023 18:19:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 110787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxiHfRCYD1rohZFXE%2Fol8Ry%2F4w9KQOUsf%2FeVGAIN55c99%2Fr%2BZnGtQCtJ1mZCpi3gAlJtxIPfc018jrVDbQSLHVN7SdB2Nmg%2F%2B5ppS8lSCvjSZ7W6j9nyqXHCvKkGcZvV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7675f91e5b8db4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7822d88a4ddee51439aba4963cb25ae7
e240c03794e6a1b4ebb56618af91d5633f9b139b
6cf9bf0a58ebcfa7019e66eb175c7cd86b143da9325e56b890a2deb3727ec8f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3766
Cache-Control: max-age=160087
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:55 GMT
Etag: "636b44fc-117"
Expires: Fri, 11 Nov 2022 07:16:02 GMT
Last-Modified: Wed, 09 Nov 2022 06:13:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
34.215.94.42101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.94.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 97sRVNo789EYK0xeVrMHaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: P+25qQB610MGIN8AeO0qhul+Vgk=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85b9cf3234f7ad8606144d5325bfc692
0c10e679676bace4cbd537157b054930ebc45eb1
44f3ef513f3774b0f6a33d9590a638021f328b4177ae5c76b2a511ed255b9e1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44F3EF513F3774B0F6A33D9590A638021F328B4177AE5C76B2A511ED255B9E1C"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11866
Expires: Wed, 09 Nov 2022 14:05:42 GMT
Date: Wed, 09 Nov 2022 10:47:56 GMT
Connection: keep-alive
i.servimg.com/u/f48/11/78/78/43/3dflag11.gif
172.67.178.62200 OK 21 kB URL HTTP/2 i.servimg.com/u/f48/11/78/78/43/3dflag11.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 84 x 57\012- data
Hash 426e8fe714f3e073836467ff2b318b5f
a8ac04b3968f539dbf3f37761c7fc0366ae60669
e8b0acc8f9a56ba4c89217172d077be7a48f1263c9dfdc4762f0f2752f7a5eec
GET /u/f48/11/78/78/43/3dflag11.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: image/gif
content-length: 21300
last-modified: Sat, 29 Mar 2008 21:11:33 GMT
etag: "47eeb085-5334"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 08:24:30 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YThLZe0pxrpNLPOr7LW8TtBschmfNA2Vc5SYuxNdQ6YUlnAiw76EnSapVc0VQFnp11Qng%2BupGYjpOOXT2Cv4C7%2BcWH5%2BQyulEjcRc2AA879Q6VXLh%2BmfGXfpq3Y3vPyr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7675f91e5b91b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.servimg.com/u/f40/11/70/87/14/imppvt10.gif
172.67.178.62200 OK 849 B URL HTTP/2 i.servimg.com/u/f40/11/70/87/14/imppvt10.gif
IP 172.67.178.62:0
File type GIF image data, version 89a, 28 x 15\012- data
Hash fd49eda824ae67ccc338e4ef840bfebd
39c387188618166b777e45c3bd73de7f7da8ed77
e3f7a03d4ac89385f193a89691983157680874fe36aeec133877b28515cbef9e
GET /u/f40/11/70/87/14/imppvt10.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: image/gif
content-length: 849
last-modified: Tue, 22 Apr 2008 23:53:10 GMT
etag: "480e7a66-351"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sat, 07 Oct 2023 07:02:00 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6dazdSK%2B6h7B9gfL0QF9NGFE7k0A%2FIWl3dXbX%2B5iX9lU1stzCtnZmaqyh7WQELj8ktZ5M2os%2B8LJVJHz%2FNY5m3ljhUYDQHfLJ%2FJaMSNZBGJ%2B6KBSRKRI5c7EokPylRR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7675f91e5b95b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 57db9d5d44894a8c5298971ecfe704f8
048d94952b8b9cfa901524cb3429ee7dd22b433a
79071063632470783ce5b2d606fe8674fc799e00b6ee582722b5f883e047f156
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1646
Cache-Control: max-age=89175
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:56 GMT
Etag: "636a3845-139"
Expires: Thu, 10 Nov 2022 11:34:11 GMT
Last-Modified: Tue, 08 Nov 2022 11:06:45 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=alokab.alafdal.net&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=alokab.alafdal.net&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash 3f7a073cd1c805a2e88d1faa7ef7968b
723866153a871bd6652440de776fabdb5a03962a
2d47a507f455c5f24a77209fc9c29837d1ac93a5ebc05bfa60ef90d62dc04a57
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=alokab.alafdal.net&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
Origin: https://alokab.alafdal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: 86ee2bfec6c8d4bd7f22cc5fd3b692da
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 786ea8f7c7198328660a367224fc5daf
44077e309f7deefd7b49587e79c2eaabf346e8a1
9c6a73bb7fdbede2ac066d23c3e3d977a0d8a242921f439bcdba783fea4fd0bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1872
Cache-Control: max-age=113198
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:56 GMT
Etag: "636a953a-138"
Expires: Thu, 10 Nov 2022 18:14:34 GMT
Last-Modified: Tue, 08 Nov 2022 17:43:22 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312
static.criteo.net/js/ld/publishertag.js
178.250.0.130200 OK 87 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.0.130:0
Hash 7bf521c15c3cfa10eaf285be0c03fa06
9d65b1206cdeae775745cd02416d804d717da509
706e54e5435868e2ddcdcc8828c15167fb2a79b74923084e231f4681ac4cadb0
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Thu, 10 Nov 2022 10:47:55 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=AbZjsF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEtSdzZxVGdyMEpWJTJCYVFWbXNiUGNCbQ; expires=Mon, 04 Dec 2023 10:47:56 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 359702
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.85.44200 OK 26 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65466)
Hash 0bf766ebc943db4730fad6e4590490af
245b380355614ff4687fa0c253d039e284b3af6a
c4609279357b355249a3932c9ee0cce5710c36bc6f50a042ecad0c6a1a3bbb93
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
etag: "e1593f41d4118dac4b34efc1dacab32547732289"
last-modified: Tue, 08 Nov 2022 13:58:14 UTC
x-amz-id-2: Wwc4gOtBVmx5BUcinUjCa/J5NggyCcwMW/RGm9z2GeZEesZvHPQK0/TowUj/7Yx9vu+4vsib31g=
x-amz-request-id: JW31TCT2CXW0N6TZ
x-amz-version-id: labbkxJiEylABo4NGKa85C2YP6VuXlC.
x-from-cache: 1
x-envoy-upstream-service-time: 6
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:56 GMT
via: 1.1 varnish
age: 4742
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667990876.493532,VS0,VE3
cache-control: private,max-age=14400
vary: Accept-Encoding, Accept-Encoding
abp: 28
content-length: 25483
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f7b63432846496d191636e02cad16e38
ad25fb9244c196a1709fa9f4242f1f5c4df85979
98422001c6fde1ab8ba63e56da442e6fcb8b6cf43049e387324a47f3729d2065
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3398
Cache-Control: max-age=86981
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:56 GMT
Etag: "636a28db-139"
Expires: Thu, 10 Nov 2022 10:57:37 GMT
Last-Modified: Tue, 08 Nov 2022 10:00:59 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 09 Nov 2022 10:41:09 GMT
expires: Wed, 09 Nov 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 407
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f7b63432846496d191636e02cad16e38
ad25fb9244c196a1709fa9f4242f1f5c4df85979
98422001c6fde1ab8ba63e56da442e6fcb8b6cf43049e387324a47f3729d2065
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3396
Cache-Control: max-age=86979
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:56 GMT
Etag: "636a28db-139"
Expires: Thu, 10 Nov 2022 10:57:35 GMT
Last-Modified: Tue, 08 Nov 2022 10:00:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.comodoca4.com/
172.64.155.188200 OK 282 B IP 172.64.155.188:0
Hash b61510178beb4dbd56e6fdc999ba0eda
2e416363f80d3aef7db861e472e56a5ba21a5ae1
1022f2bab86ad78973379d6255e28bd7df032b3fd01425f981d4140c0ff889c0
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 10:47:56 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 12:47:11 GMT
Expires: Tue, 15 Nov 2022 12:47:10 GMT
Etag: "2e416363f80d3aef7db861e472e56a5ba21a5ae1"
Cache-Control: max-age=524953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7675f92219fbb517-OSL
cdn.viglink.com/api/vglnk.js
104.16.163.13200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 104.16.163.13:0
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: text/javascript
content-length: 28567
x-amz-id-2: kFPAC60DOwNQb4CdhqHG+tKjRF2TQjxpEdeKJyhLPdvjoiSwXPmNvXMEMMBRIwIu/QGXu5HJg1c=
x-amz-request-id: NTCW971RKN3GM3ZQ
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 1687329
expires: Wed, 16 Nov 2022 10:47:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f9227886b4e8-OSL
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js
151.101.85.44200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221108-4-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65509)
Size 146 kB (146001 bytes)
Hash 88c487ac892a30204e98821760358d3a
a15fe00062e424617d405b27c3376831d502cb90
caed01e353e989f88d91dbea2b18991c111c4acdece297d0ff65eb50ffd5fd8b
GET /libtrc/impl.20221108-4-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7NIfjc5DF1L2B/kzlgqwEMQz6AeXPHeJ8bdJplySczuZ/p+wuSvwQmO0NIljPmdKYCKWw7PfupA=
x-amz-request-id: EGG6QY2K8WHEN44M
last-modified: Tue, 08 Nov 2022 09:41:14 GMT
etag: "88c487ac892a30204e98821760358d3a"
content-encoding: br
x-amz-version-id: Hr3XNjpCCkEC_aHpskXb5vO2HjdO2stg
content-type: application/javascript
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:56 GMT
via: 1.1 varnish
age: 4002
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 2274
x-timer: S1667990877.569371,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 80
server: AmazonS3-br
content-length: 146001
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.110200 OK 47 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.110:0
Hash a7732141b458822f4404639c203d2583
082f0d129df794eb0ac7d212aca392cf4a7fb24c
e7e613a7149051b554accba31a5bde13760668c0bdc9673c25fb6c576e65a54e
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 87915
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=132&profileId=206&cb=70184396840
178.250.0.165200 OK 160 B URL HTTP/2 bidder.criteo.com/cdb?ptv=132&profileId=206&cb=70184396840
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7fd4b69da17bc1678244236b81780748
130d139ac0c5fcfcf01313cf9267565e3c8d70d2
6f2b1c0acdfb0c47e182217728335fdda39cfc68c9c2f8a632b4276520688f24
POST /cdb?ptv=132&profileId=206&cb=70184396840 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 568
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://alokab.alafdal.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 160
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=145078495548445&input_token&origin=1&redirect_uri=https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic&sdk=joey&wants_cookie_data=true
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=145078495548445&input_token&origin=1&redirect_uri=https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic&sdk=joey&wants_cookie_data=true
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=145078495548445&input_token&origin=1&redirect_uri=https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic&sdk=joey&wants_cookie_data=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
Origin: https://alokab.alafdal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://alokab.alafdal.net
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-fb-debug: LVs4+dGGBX98jrGUxXwjCbVmP9Ll6PlGy45LsgIexRyXvGOLkSSA2y/yZif+O89zlv4M8tEaLFFtytKB0jXQQQ==
content-length: 0
date: Wed, 09 Nov 2022 10:47:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 2.8 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 7942823c5b0d1dd8345c8170ce39f7fe
631ad1d70ae7b18faa6244f3a302fe6fbef21e54
a4496daca5730f43b39979205fd190bdfe96f57abbb47fb23849f00b16e66d23
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168976
Date: Wed, 09 Nov 2022 10:47:56 GMT
Etag: "636b5cc6-1d7"
Expires: Fri, 11 Nov 2022 09:44:12 GMT
Last-Modified: Wed, 09 Nov 2022 07:54:46 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YfRWe4LiboeQz3gjcySYt6OztzZZJzvSa_wXkcAPuv8813P6M6IoLw==
Age: 6567
alokab.alafdal.net/images/icons-180.png
94.23.73.212200 OK 12 kB URL HTTP/2 alokab.alafdal.net/images/icons-180.png
IP 94.23.73.212:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 7522eba21dc22c81bb1f05ae91d050ff
69d26c8fad224f29179c06ceb35b912958aeaf47
1c4d914a4f8e9cc7cdd37feafb8380e465f7c7c9a7a19475d2df9e75863f5a95
GET /images/icons-180.png HTTP/1.1
Host: alokab.alafdal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/t1058-topic
Cookie: exadd=166800; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: image/png
content-length: 11452
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 09 Nov 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2
api.viglink.com/api/ping
34.248.173.75200 OK 259 B IP 34.248.173.75:0
File type ASCII text, with no line terminators
Hash 0a15a452a948c028e8e635d087459867
7509f271fa9fd474fc9f0bcb9cd847dcfe8bdc0c
e314f65e3b984d75233e37d38d09c8da9556eddc442bc014805441e4ccc9d1d5
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 138
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://alokab.alafdal.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Wed, 09 Nov 2022 10:47:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive
trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 487
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 10:47:56 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A47%3A53.402&type=usage&msg=rtus&llvl=2&id=2798&cv=20221108-4-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A47%3A53.402&type=usage&msg=rtus&llvl=2&id=2798&cv=20221108-4-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A47%3A53.402&type=usage&msg=rtus&llvl=2&id=2798&cv=20221108-4-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 10:47:56 GMT
x-fastly-to-nlb-rtt: 22162
access-control-allow-credentials: true
X-Firefox-Spdy: h2
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
34.248.173.75200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 34.248.173.75:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Wed, 09 Nov 2022 10:47:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
34.248.173.75200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 34.248.173.75:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Wed, 09 Nov 2022 10:47:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=64146230.1667990873&jid=1295117981&gjid=449205095&_gid=1762610747.1667990873&_u=YEBAAUAAAAAAACAAI~&z=321544769
64.233.165.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=64146230.1667990873&jid=1295117981&gjid=449205095&_gid=1762610747.1667990873&_u=YEBAAUAAAAAAACAAI~&z=321544769
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=64146230.1667990873&jid=1295117981&gjid=449205095&_gid=1762610747.1667990873&_u=YEBAAUAAAAAAACAAI~&z=321544769 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://alokab.alafdal.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Nov 2022 10:47:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.viglink.com/api/domains
34.248.173.75200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 34.248.173.75:0
File type ASCII text, with no line terminators
Hash 083e7ed0254ca5e58abe8ea2bfe28d98
61d1f6388e10f326f244f03c283d5d02eaf52271
1722b0efc41a23922aec0c105f4085dfc3eaad46fb7eaa664ed76e74de1fe2e3
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 236
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://alokab.alafdal.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Wed, 09 Nov 2022 10:47:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8053
Expires: Wed, 09 Nov 2022 13:02:10 GMT
Date: Wed, 09 Nov 2022 10:47:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dnacdn.net/dna
178.250.2.146200 OK 629 B IP 178.250.2.146:0
Hash dc0a1bf3a59211958699c6f3c5751680
3e4ae34d25cb0dd12b613be7d037811c794af1c4
69c65e71a4a97453d8d2caf3af927263fad3f7ec0dc4aaf740e1d417ac105de8
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=AbZjsF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEtSdzZxVGdyMEpWJTJCYVFWbXNiUGNCbQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=J781ll80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEo3Tlc4RVNEMUIxcHl4QWRxam9hTU0; expires=Mon, 04 Dec 2023 10:47:57 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 395742
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 162c8799354615249312cdf438db280c
9153676ca16b40d8856e3b930bce38fae203ca20
cba44d2148d80bbcee3a3c21779851a42b61d6717e53a4095fbd2cc8824ac689
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CBA44D2148D80BBCEE3A3C21779851A42B61D6717E53A4095FBD2CC8824AC689"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9549
Expires: Wed, 09 Nov 2022 13:27:06 GMT
Date: Wed, 09 Nov 2022 10:47:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 547f07effeda1f7041b06fa3f10f90bf
d453f8017ebbbb8362f745a15c95acbddf55ac26
c4c4063cae55e4e2192ab2ac98543f4495a81879b8001fd2efb7989ca6eddba9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2808
x-amzn-requestid: 47475ac7-05a1-484f-ab46-c44c804b152d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTSsUHrdIAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acb1b-10cd67f67a61ddba16769db9;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:33:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UwYDSFfv9pZsgYa2vnFmsQSqaMWZI1XmeVog35jJMrpxM67nMFI6QQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:27 GMT
etag: "d453f8017ebbbb8362f745a15c95acbddf55ac26"
content-type: image/jpeg
age: 45930
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alokab.alafdal.net/
Origin: https://alokab.alafdal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cc233d853dae1e8f6127bc8f7ddd3ae
a99cfd0dc7b73fab94fbecc9c8bdf5945a3387a7
169e6f462cf903a188a13cb95791731fb20f2fdb04c236065e90f834606bb0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5282
x-amzn-requestid: e50bfdbf-6301-4451-9ae9-80127861f8fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTnaHR8IAMFSfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc95-4ee3045e3af315160dc7e933;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:39:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sPVnehGtMgbgGW_D41Q4vGyLdl8cSGpXEf1H0Td5Cy32w7carwcjTg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:44:22 GMT
age: 47015
etag: "a99cfd0dc7b73fab94fbecc9c8bdf5945a3387a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alokab.alafdal.net/
Origin: https://alokab.alafdal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c69b19d2273c3ade32fd0797921c0459
8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5sq7XRYInS334VVDEtCJNlf_O9FTHn2G4u-WAIygFZ-SALN0flMwew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:14 GMT
age: 45943
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=alafdal.net&sn=FirefoxSyncframe&so=0&topUrl=alokab.alafdal.net&info=J781ll80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEo3Tlc4RVNEMUIxcHl4QWRxam9hTU0&idsd=-231654676,-583984675&cw=1&lsw=1
178.250.2.146200 OK 319 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=alafdal.net&sn=FirefoxSyncframe&so=0&topUrl=alokab.alafdal.net&info=J781ll80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEo3Tlc4RVNEMUIxcHl4QWRxam9hTU0&idsd=-231654676,-583984675&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (393), with no line terminators
Hash 6a0cbd9d0220216f97a934ae93723ece
e56be83167e835280ea99066ca61478b0966c187
d58532bb9cb6e5fc55750dd6dbcc55e53187a4a803d33eafdd3abcad76df587e
GET /sid/json?origin=publishertag&domain=alafdal.net&sn=FirefoxSyncframe&so=0&topUrl=alokab.alafdal.net&info=J781ll80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEo3Tlc4RVNEMUIxcHl4QWRxam9hTU0&idsd=-231654676,-583984675&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=alokab.alafdal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1252018
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 47066
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da90dc6a5f2fc0c07e1e3d7ac0f1a67c
131acddbc0fefa19de876f5254d21370691b4653
60a17b9d4f66a571b54b17bcdd5ae19942bd8540569663611a3a64c07734417c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b1448b9-c14a-494a-b2b3-d4d430f83cd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7108
x-amzn-requestid: bf8302ba-8138-4b4a-8821-fe1c1d1864fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMYDHEoFoAMFqVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636806e0-7b5856224000122233ad81ea;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 19:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4BaZ-LMJyYy_6UTMKjwjUulT4nAc0pxyJvmTmsy-M_WGXw9doIO0Vg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:03:36 GMT
age: 45861
etag: "131acddbc0fefa19de876f5254d21370691b4653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 06:24:20 GMT
age: 15817
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
Content-Type: application/json
Origin: https://alokab.alafdal.net
Content-Length: 384
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c91314c5a36f5a5e901dc1d6b761ed00
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
Content-Type: application/json
Origin: https://alokab.alafdal.net
Content-Length: 748
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6e528e0862e7b0b7ea7eb61c479d3e69
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
Content-Type: application/json
Origin: https://alokab.alafdal.net
Content-Length: 461
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a4e5d9fc8609cd5af3d58167b12a7717
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221108-4-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash 963d77ca83c1ef5c8c622f69fcaa7cd6
88c3b40efed3822d2dbea0e42bd0756c37628814
d89ac78823b96fe54d5b90628e7879f235e9090e0160d0f37ccab22d1ef69c69
GET /libtrc/userx.20221108-4-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GDnYjBbCiwHp61EcLghxyjr3oq5xzh2Eac7lyvlx+wORECinvMlUAQDcfbvFLT89+7IHtSoOyLI=
x-amz-request-id: 0JCWFZ09W7Y8GE4S
x-amz-replication-status: PENDING
last-modified: Tue, 08 Nov 2022 19:34:09 GMT
etag: "8be6f968f7c696b0b12bbfa029abd2bd"
x-amz-version-id: Ps6T8wFCySZBAs8KjVLJqdGfJsa23oNM
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:57 GMT
via: 1.1 varnish
age: 23
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1667990877.333378,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 80
content-length: 5397
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7b72a082fc5e3bc4aabbb79f73fb604
31cc6cd9b3dfbd31d24cd47dd2fcb29f5522822f
bf20590ab0b6486faa1a22e447f2ae149aa76742fd65fa43993646031d90a1e1
GET /lite-unit/3.9.5/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 09:04:05 GMT
etag: "8b1ffbd4f9c44c447f9a11e92fbb9112"
server: AmazonS3
via: 1.1 828a61ebc3af4e0465a5577a4c08af7a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: AfyrLxGlKNoXsjSvShOJ1QFm2rrv76iJaqEsgbMoQU-1oTsr3wJz-Q==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:57 GMT
age: 3805558
x-served-by: cache-bma1627-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 9177
x-timer: S1667990877.334406,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29884
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c254a3f746b9a167255514ad407edb9.jpg
151.101.85.44200 OK 9.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c254a3f746b9a167255514ad407edb9.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7c70e9f164682724dc721994daa8c94e
6a6390fc3b0b0a8b457931ceb377e2a9f2c7aa92
76c9d9930e9da8dbae2a52349f8eb85e04c1f8c05565491d8480d3e6ccbc9b80
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c254a3f746b9a167255514ad407edb9.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 299834524348259262013752246077044927375,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 299834524348259262013752246077044927375,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "be71ca2f7d613358988ebe5648301cde"
expiration: expiry-date="Sun, 23 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 22 Sep 2022 14:19:49 GMT
req-referer: https://www.unian.net/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 79
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:57 GMT
age: 1974323
x-served-by: cache-iad-kjyo7100045-IAD, cache-iad-kcgs7200063-IAD, cache-chi-klot8100117-CHI, cache-iad-kcgs7200088-IAD, cache-bma1627-BMA
x-cache: HIT, MISS, HIT, HIT, HIT
x-cache-hits: 1, 0, 1, 5, 1
x-timer: S1667990877.341648,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c254a3f746b9a167255514ad407edb9.jpg
x-vcl-time-ms: 1
content-length: 9092
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 30 kB URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
Hash 3642cdd0a617d5a2bed535f7e4841e7e
eb5e726ce0450489b79f4faee1610a3600f5bba7
44e745425207f804e433cfd11c34b9ef5c5b341e1d8a7072e03919780173c29b
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/javascript
x-trace-id: 359f4c96db2acfca9e61ca9bf84f361b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c52e1ec93fe844c896f3bf0d1892c8cb; expires=Thu, 09 Nov 2023 10:47:57 GMT; path=/; secure; SameSite=None
oaidts=1667990877; expires=Thu, 09 Nov 2023 10:47:57 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=64146230.1667990873&jid=1295117981&_u=YEBAAUAAAAAAACAAI~&z=621598647
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=64146230.1667990873&jid=1295117981&_u=YEBAAUAAAAAAACAAI~&z=621598647
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=64146230.1667990873&jid=1295117981&_u=YEBAAUAAAAAAACAAI~&z=621598647 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 10:47:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=64146230.1667990873&jid=1295117981&_u=YEBAAUAAAAAAACAAI~&z=621598647
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=64146230.1667990873&jid=1295117981&_u=YEBAAUAAAAAAACAAI~&z=621598647
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=64146230.1667990873&jid=1295117981&_u=YEBAAUAAAAAAACAAI~&z=621598647 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 10:47:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f0a2b1e32df4a91cc58ef6aeff8fb184
73a2060c99a6633d03d8b00d45c96941f99dcde1
ade5e80916bfb0a1963da196fc60c17de1e1e758293e468b4a9c305f7555d997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
151.101.85.44304 Not Modified 0 B URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.5/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lite-unit/3.9.5/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 13 Sep 2022 09:04:05 GMT
If-None-Match: "8b1ffbd4f9c44c447f9a11e92fbb9112"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 09 Nov 2022 10:47:57 GMT
via: 1.1 varnish
cache-control: public, max-age=2592000
etag: "8b1ffbd4f9c44c447f9a11e92fbb9112"
age: 3805558
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 9178
x-timer: S1667990877.455265,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 03ee7f4a43356c47029e5d540259b1bd
7aedc69cbcfeefb108d4be877fe61b709865c490
849cf469f3485c768a9384eb6304f535ae86853170047043604670cf364e69b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2598
Cache-Control: max-age=166453
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:57 GMT
Etag: "636b626c-116"
Expires: Fri, 11 Nov 2022 09:02:10 GMT
Last-Modified: Wed, 09 Nov 2022 08:18:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 03ee7f4a43356c47029e5d540259b1bd
7aedc69cbcfeefb108d4be877fe61b709865c490
849cf469f3485c768a9384eb6304f535ae86853170047043604670cf364e69b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2598
Cache-Control: max-age=166453
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:57 GMT
Etag: "636b626c-116"
Expires: Fri, 11 Nov 2022 09:02:10 GMT
Last-Modified: Wed, 09 Nov 2022 08:18:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 373
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 09 Nov 2022 10:47:57 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://alokab.alafdal.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 5.7 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (13017), with no line terminators
Hash c8a8428c0f159a6d16b916698c50e3c0
3ed8370711298dd4b56a9e3f4e11637bf84534a8
721daac858294ded1a5d541a1ceb483bd196d061473820cdf5fec25b2c479313
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9qWcVBKsjbV3FMB1d7ZoNMYvs%2BzbM%2FbCJjzZLh0nU4eL4YKVVFr42BsNma%2BImvLAHJH5hDMley%2FgUYnjhlSxtRqPe%2F2CnsINKNxKwRoNDINa4XmWjvVOZqOF0z4tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f928ed541c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=c52e1ec93fe844c896f3bf0d1892c8cb
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=c52e1ec93fe844c896f3bf0d1892c8cb
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3a2cf886cff971cb16e04585f0a9a22a
0114799421d3bbc2c5b021faa917743a3cf1bb4f
ea245039d499c78ddde361af6640fa2bc9f1a8bc8d4a05ee5148948242b14bf9
GET /gid.js?userId=c52e1ec93fe844c896f3bf0d1892c8cb HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c52e1ec93fe844c896f3bf0d1892c8cb; expires=Thu, 09 Nov 2023 10:47:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s29588.pcdn.co/wp-content/uploads/sites/2/2021/04/aqua-dam-793x526resize.jpg.optimal.jpg
151.101.85.44200 OK 11 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s29588.pcdn.co/wp-content/uploads/sites/2/2021/04/aqua-dam-793x526resize.jpg.optimal.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ddbd7051237084a9bf1e163a0cd738bc
ac6d3048dbac459fd9331acef53ed7bd6b5e369f
74fb46162e0f59338c2d0790b3bb1af41a66d100adc5d60ea67a477f7abe8148
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s29588.pcdn.co/wp-content/uploads/sites/2/2021/04/aqua-dam-793x526resize.jpg.optimal.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 373234355486729988163224879813363204491,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 373234355486729988163224879813363204491,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "89dfaaae4a554efb6c903bd5b4eb4d73"
last-modified: Sun, 02 Oct 2022 16:04:50 GMT
req-referer: https://patrioty.org.ua/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: fd8e5541a2722e3120d7004e23b6c360
x-envoy-upstream-service-time: 453
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:57 GMT
age: 1459459
x-served-by: cache-iad-kiad7000127-IAD, cache-iad-kjyo7100165-IAD, cache-lga21948-LGA, cache-iad-kiad7000131-IAD, cache-bma1627-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1667990878.714244,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s29588.pcdn.co/wp-content/uploads/sites/2/2021/04/aqua-dam-793x526resize.jpg.optimal.jpg
x-vcl-time-ms: 1
content-length: 11320
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1693
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c3d10f92ca76e0b6922fc819f234d28.jpg
151.101.85.44200 OK 24 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c3d10f92ca76e0b6922fc819f234d28.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3cd0124a21db429bfff900ab7bc1f4f5
73ba730388c6d25511a5daf741efda7f827ab973
a9ddc699f815ff41348f4023f4ff9c7e2643cd29d84105ca1b55897a6935674c
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c3d10f92ca76e0b6922fc819f234d28.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 562627885598675073582901438440044481241,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 562627885598675073582901438440044481241,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "e8ce5739010f67868307e43d9841f560"
expiration: expiry-date="Fri, 30 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 30 Aug 2022 15:55:34 GMT
req-referer: https://www.espn.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 91
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:57 GMT
age: 3613614
x-served-by: cache-iad-kjyo7100174-IAD, cache-iad-kiad7000060-IAD, cache-lax10636-LGB, cache-iad-kcgs7200125-IAD, cache-bma1627-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 1, 0, 379, 1
x-timer: S1667990878.714633,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c3d10f92ca76e0b6922fc819f234d28.jpg
x-vcl-time-ms: 1
content-length: 23754
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f46/14/56/27/70/22222211.jpg
151.101.85.44200 OK 6.3 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f46/14/56/27/70/22222211.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e02787c16dcbbf9cca4a2876540f0595
9e3b8fb20fad580160238f9d7b0d5c1344cc37f9
9f1cbc534a9b06bf250ff4498d8aa0ec2e798835c63ea526c9b11e94aea9a1b0
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f46/14/56/27/70/22222211.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 626842837950884341048868273983370434450,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 626842837950884341048868273983370434450,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "3663022888f788ff5654d0ade0e3414f"
expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 19 Sep 2022 18:14:37 GMT
req-referer: https://kaldany.ahlamontada.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 623
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:57 GMT
age: 2906605
x-served-by: cache-iad-kcgs7200128-IAD, cache-iad-kjyo7100179-IAD, cache-lga21974-LGA, cache-iad-kjyo7100081-IAD, cache-bma1627-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 1, 1, 78, 1
x-timer: S1667990878.715179,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f46/14/56/27/70/22222211.jpg
x-vcl-time-ms: 1
content-length: 6252
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
151.101.85.44200 OK 12 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7e2823d12a0e69784dd9f2ccaef4af99
aa947ae91377e23dea893475dba70c3be8ef1ede
61d9bf4438034b826c366ab50bfb546989ed5c3cddd19f6569705d6030ec4abf
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 352690306229506137798207407469809578240,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 352690306229506137798207407469809578240,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "b3c9505a19038b4db67c1b73ca53d270"
last-modified: Tue, 04 Oct 2022 10:35:32 GMT
req-referer: https://espoir.yoo7.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 2326e4eb2090fbf37472b9c3ee9648d9
x-envoy-upstream-service-time: 1304
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:57 GMT
age: 1747647
x-served-by: cache-iad-kcgs7200155-IAD, cache-iad-kcgs7200020-IAD, cache-lax10633-LGB, cache-iad-kcgs7200059-IAD, cache-bma1627-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 1, 1, 46, 1
x-timer: S1667990878.715082,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
x-vcl-time-ms: 1
content-length: 12202
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f57/12/12/19/70/99408211.jpg
151.101.85.44200 OK 2.6 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f57/12/12/19/70/99408211.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b9bb265e4255d3ddf59ea4812aa11769
f4f355c3b77df95424f0b58ca43d690d6051e53b
48dfbe3c263022d7fcbf4419a754eb2679184639765b7442229134abc726294b
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f57/12/12/19/70/99408211.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 502481601691090639326748526874311044395,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 502481601691090639326748526874311044395,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "8fd938bcb82a0ef380dcc5f7e97a9f92"
last-modified: Mon, 07 Nov 2022 09:16:38 GMT
req-referer: https://janat32.ahlamontada.net/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: be9123055c7c7270eddc1d4ed933df47
x-envoy-upstream-service-time: 947
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:57 GMT
age: 176451
x-served-by: cache-iad-kiad7000091-IAD, cache-iad-kjyo7100024-IAD, cache-lax10665-LGB, cache-iad-kjyo7100032-IAD, cache-bma1627-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 10, 1
x-timer: S1667990878.715561,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f57/12/12/19/70/99408211.jpg
x-vcl-time-ms: 1
content-length: 2594
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A47%3A54.121&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6626&cv=20221108-4-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A47%3A54.121&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6626&cv=20221108-4-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A47%3A54.121&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6626&cv=20221108-4-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
x-fastly-to-nlb-rtt: 77940
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=8mgpMZSVPAbsDAKsMlzS1B1ZVG4qdlmxiw2ElgmbJd2XUV5sAMxLatOwVvISeKk03azhoduWaDGlMrlSLiU4mT__9Z06q1Lu_vyYXkZBGqeTZieQbM_lh4xsb4g2_FY4TD6DduKCkKWe1RNkhEgAtNEyGwKK8TvUsNVORiCbtV1V2S_0WkrFq_MruuUxV6OMa6x-8KJMEW9VIlyIxZ-Z5I3AcgmGisxVTrnsc3DUG1uPVBi6&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.1&bs=ba80cb7f-4423-42df-9728-a37995d7f32e&userId=c52e1ec93fe844c896f3bf0d1892c8cb&m=link
139.45.195.8200 OK 1.8 kB URL HTTP/2 cdn.betgorebysson.club/?rb=8mgpMZSVPAbsDAKsMlzS1B1ZVG4qdlmxiw2ElgmbJd2XUV5sAMxLatOwVvISeKk03azhoduWaDGlMrlSLiU4mT__9Z06q1Lu_vyYXkZBGqeTZieQbM_lh4xsb4g2_FY4TD6DduKCkKWe1RNkhEgAtNEyGwKK8TvUsNVORiCbtV1V2S_0WkrFq_MruuUxV6OMa6x-8KJMEW9VIlyIxZ-Z5I3AcgmGisxVTrnsc3DUG1uPVBi6&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.1&bs=ba80cb7f-4423-42df-9728-a37995d7f32e&userId=c52e1ec93fe844c896f3bf0d1892c8cb&m=link
IP 139.45.195.8:0
Hash 885e2c8faa3e7de60eee048812599522
4851fedb7a5e711f44f2401c0d9f619bcb1ec37a
91a37de5e4923bf858dc040626be2ad6baaa076ad16497fc5e7e9dec5ef7fbdb
GET /?rb=8mgpMZSVPAbsDAKsMlzS1B1ZVG4qdlmxiw2ElgmbJd2XUV5sAMxLatOwVvISeKk03azhoduWaDGlMrlSLiU4mT__9Z06q1Lu_vyYXkZBGqeTZieQbM_lh4xsb4g2_FY4TD6DduKCkKWe1RNkhEgAtNEyGwKK8TvUsNVORiCbtV1V2S_0WkrFq_MruuUxV6OMa6x-8KJMEW9VIlyIxZ-Z5I3AcgmGisxVTrnsc3DUG1uPVBi6&request_ab2=0&zoneid=3765907&js_build=iclick-v1.448.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=5&pl=https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.448.1&bs=ba80cb7f-4423-42df-9728-a37995d7f32e&userId=c52e1ec93fe844c896f3bf0d1892c8cb&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
Origin: https://alokab.alafdal.net
Connection: keep-alive
Cookie: OAID=c52e1ec93fe844c896f3bf0d1892c8cb; oaidts=1667990877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/json
x-trace-id: 55aded9d93e1d29c700d86385c565eee
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c52e1ec93fe844c896f3bf0d1892c8cb; expires=Thu, 09 Nov 2023 10:47:57 GMT; path=/; secure; SameSite=None
oaidts=1667990877; expires=Thu, 09 Nov 2023 10:47:57 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 16 Nov 2022 10:47:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7_EcCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJGVZeSajjXOtGqwGa9Fi5nJLDIvJWmKZuTwzi8u223iGQFKWlWcy2jjXqsFqsBYtZi63xLCYrCWWmcszs7hsu41nChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXq8w-70Oi11hdthMDrNd7jL9RY_BargW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYmjlh5A-Dn2DgajAuYgRAAAAwJaWiubRpE6oLKr-___7rQCuAAACCLkA5IOzdAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGs81odgAAAAB3_____3ogsloMVq7VaGXZmGbOiWPiWrhMm41x5DINFxabb3u4eTnK6pqBcH0RNxkOn4OBqOh6W-wOp9lzP4qWLHfL3Wo0WYxGy-VmN9yMBvsbiMFqgBMxWC4nk8VktxqtRpvhbjQbLFAgBhOkaMlquVyuNpvVajdazAab5XCzQYpWrWajzWC4mk1mu91qOBguRyOkaMlyt9ytRpPFaLRcbnbDzWgwRBiZTFy2jWezlmwsI7doYdm4lZPVxi2xLEyTwWg22Uw2a9HrY3rYVoOFyeNFwQCOvUieFulEMdn4Zp6FbTEZuYwT32Y0WEwcNs9g5BgufBuLbyKWaE4W6UR22VdWi8HKtRqtLBvTzDlxTFwLl2mzMY5cpuHCYvPtK5OJy7bxbNaSjWXkFi0sG7dystq4JZaFaTIYzSabyWYten1MD9tqsDB5_I3ZbLdcDoa72b4xm-2Wy8FwN9t36Azf1edsdAbHE4_M2fLcIhqbw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRXKQTmd_yevtNT7_drbBcxBKl6SKd6EWPwWq4Fv0NT49FLBGcLtKJ6GU8XdR_ZMjFXDmYiyZzxWq0SgAAAAAAAAAAS5gzbwIAAABwGshosBmu1nkgg-Vgt1wtFwDC2UsXAAAAAAAAAGD3a3rYkcMCtqy48eMG81teb7_p6be7FZYrAzxQkzNv_kwQa7Va1gAAAALYAAAAAdy6eQvAZuL_____4wAAAGTk6AEAAMT3garAAQAAAAD4CW64XAw!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 742 B URL HTTP/2 am-match.taboola.com/sync?dast=V7_EcCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJGVZeSajjXOtGqwGa9Fi5nJLDIvJWmKZuTwzi8u223iGQFKWlWcy2jjXqsFqsBYtZi63xLCYrCWWmcszs7hsu41nChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXq8w-70Oi11hdthMDrNd7jL9RY_BargW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYmjlh5A-Dn2DgajAuYgRAAAAwJaWiubRpE6oLKr-___7rQCuAAACCLkA5IOzdAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGs81odgAAAAB3_____3ogsloMVq7VaGXZmGbOiWPiWrhMm41x5DINFxabb3u4eTnK6pqBcH0RNxkOn4OBqOh6W-wOp9lzP4qWLHfL3Wo0WYxGy-VmN9yMBvsbiMFqgBMxWC4nk8VktxqtRpvhbjQbLFAgBhOkaMlquVyuNpvVajdazAab5XCzQYpWrWajzWC4mk1mu91qOBguRyOkaMlyt9ytRpPFaLRcbnbDzWgwRBiZTFy2jWezlmwsI7doYdm4lZPVxi2xLEyTwWg22Uw2a9HrY3rYVoOFyeNFwQCOvUieFulEMdn4Zp6FbTEZuYwT32Y0WEwcNs9g5BgufBuLbyKWaE4W6UR22VdWi8HKtRqtLBvTzDlxTFwLl2mzMY5cpuHCYvPtK5OJy7bxbNaSjWXkFi0sG7dystq4JZaFaTIYzSabyWYten1MD9tqsDB5_I3ZbLdcDoa72b4xm-2Wy8FwN9t36Azf1edsdAbHE4_M2fLcIhqbw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRXKQTmd_yevtNT7_drbBcxBKl6SKd6EWPwWq4Fv0NT49FLBGcLtKJ6GU8XdR_ZMjFXDmYiyZzxWq0SgAAAAAAAAAAS5gzbwIAAABwGshosBmu1nkgg-Vgt1wtFwDC2UsXAAAAAAAAAGD3a3rYkcMCtqy48eMG81teb7_p6be7FZYrAzxQkzNv_kwQa7Va1gAAAALYAAAAAdy6eQvAZuL_____4wAAAGTk6AEAAMT3garAAQAAAAD4CW64XAw!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash 98a76f3a7fd5e8337ef3301d5d69d0d7
f7c260a4e32ec68e61dc6e25c3b7e4d2b572c6a6
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
GET /sync?dast=V7_EcCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJGVZeSajjXOtGqwGa9Fi5nJLDIvJWmKZuTwzi8u223iGQFKWlWcy2jjXqsFqsBYtZi63xLCYrCWWmcszs7hsu41nChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXq8w-70Oi11hdthMDrNd7jL9RY_BargW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYmjlh5A-Dn2DgajAuYgRAAAAwJaWiubRpE6oLKr-___7rQCuAAACCLkA5IOzdAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGs81odgAAAAB3_____3ogsloMVq7VaGXZmGbOiWPiWrhMm41x5DINFxabb3u4eTnK6pqBcH0RNxkOn4OBqOh6W-wOp9lzP4qWLHfL3Wo0WYxGy-VmN9yMBvsbiMFqgBMxWC4nk8VktxqtRpvhbjQbLFAgBhOkaMlquVyuNpvVajdazAab5XCzQYpWrWajzWC4mk1mu91qOBguRyOkaMlyt9ytRpPFaLRcbnbDzWgwRBiZTFy2jWezlmwsI7doYdm4lZPVxi2xLEyTwWg22Uw2a9HrY3rYVoOFyeNFwQCOvUieFulEMdn4Zp6FbTEZuYwT32Y0WEwcNs9g5BgufBuLbyKWaE4W6UR22VdWi8HKtRqtLBvTzDlxTFwLl2mzMY5cpuHCYvPtK5OJy7bxbNaSjWXkFi0sG7dystq4JZaFaTIYzSabyWYten1MD9tqsDB5_I3ZbLdcDoa72b4xm-2Wy8FwN9t36Azf1edsdAbHE4_M2fLcIhqbw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRXKQTmd_yevtNT7_drbBcxBKl6SKd6EWPwWq4Fv0NT49FLBGcLtKJ6GU8XdR_ZMjFXDmYiyZzxWq0SgAAAAAAAAAAS5gzbwIAAABwGshosBmu1nkgg-Vgt1wtFwDC2UsXAAAAAAAAAGD3a3rYkcMCtqy48eMG81teb7_p6be7FZYrAzxQkzNv_kwQa7Va1gAAAALYAAAAAdy6eQvAZuL_____4wAAAGTk6AEAAMT3garAAQAAAAD4CW64XAw!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=alafdal.net&sn=FirefoxSyncframe&so=3&topUrl=alokab.alafdal.net&bundle=6U9_rF9JY1hORmwzV0VDUU12aWVEQ2xETGR2dVlPQ2lScGglMkZZbllZQm03dW9kelU1ZGhWTk9DOWlvZEs1U2k1VzhVZGM3TG1LVERjUVZOUzlKTHFoNnBhUWl5eXloVmRzJTJCNzRQamwlMkIxSWFFdW5aT25XekN0MEp6VVZoMnpDJTJGcGVMN2hoYiUyQkUydEZIb1Vyc0pDMyUyQmJjTmxMeUElM0QlM0Q&info=TtQTPl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEtUYnVqTHhpem51U2luJTJCdzAyZmx6VA&idsd=-231654676,-583984675&cw=1&rtusCallerId=72&lsw=1
178.250.2.146200 OK 332 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=alafdal.net&sn=FirefoxSyncframe&so=3&topUrl=alokab.alafdal.net&bundle=6U9_rF9JY1hORmwzV0VDUU12aWVEQ2xETGR2dVlPQ2lScGglMkZZbllZQm03dW9kelU1ZGhWTk9DOWlvZEs1U2k1VzhVZGM3TG1LVERjUVZOUzlKTHFoNnBhUWl5eXloVmRzJTJCNzRQamwlMkIxSWFFdW5aT25XekN0MEp6VVZoMnpDJTJGcGVMN2hoYiUyQkUydEZIb1Vyc0pDMyUyQmJjTmxMeUElM0QlM0Q&info=TtQTPl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEtUYnVqTHhpem51U2luJTJCdzAyZmx6VA&idsd=-231654676,-583984675&cw=1&rtusCallerId=72&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (401), with no line terminators
Hash 52d9ca123549eb1e4d64c99d958f256b
9ab37faf6666ec95a211f832904b7f6c23c7d4ed
388c38ba8b3091554c66e2174fffa0e7ba9119e3ce6c55ed017d5c7d602f65a8
GET /sid/json?origin=rtus&domain=alafdal.net&sn=FirefoxSyncframe&so=3&topUrl=alokab.alafdal.net&bundle=6U9_rF9JY1hORmwzV0VDUU12aWVEQ2xETGR2dVlPQ2lScGglMkZZbllZQm03dW9kelU1ZGhWTk9DOWlvZEs1U2k1VzhVZGM3TG1LVERjUVZOUzlKTHFoNnBhUWl5eXloVmRzJTJCNzRQamwlMkIxSWFFdW5aT25XekN0MEp6VVZoMnpDJTJGcGVMN2hoYiUyQkUydEZIb1Vyc0pDMyUyQmJjTmxMeUElM0QlM0Q&info=TtQTPl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEtUYnVqTHhpem51U2luJTJCdzAyZmx6VA&idsd=-231654676,-583984675&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=alokab.alafdal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 7751115
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://alokab.alafdal.net/
Origin: https://alokab.alafdal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://alokab.alafdal.net
server-processing-duration-in-ticks: 563751
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 678de2273bbf1e05b6ab7ccd72f1603b
2cc55f29a75014a38d23a1fc839c8ea56bea4346
02a089d1dae348c29665b5cf650ca9fd5450f63ff93e7986304fb70d95460e36
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 01:33:19 GMT
Expires: Tue, 15 Nov 2022 01:33:18 GMT
Etag: "2cc55f29a75014a38d23a1fc839c8ea56bea4346"
Cache-Control: max-age=484519,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7675f92b5b130afa-OSL
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3877e9fd8edbee8c168edb1822364c1e
fbd6e07a4bee75b69c2a25b14e161863c96ea288
c3191796d5668958445a15ffaccae8eaa1313098b42d659ab5bd3e5eb219bc98
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 468
Cache-Control: max-age=135175
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:58 GMT
Etag: "636af091-1d7"
Expires: Fri, 11 Nov 2022 00:20:53 GMT
Last-Modified: Wed, 09 Nov 2022 00:13:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 9.3 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash effbf86239231104bf5ef2778fc1a395
5339c9d45b565ba9c552a4bd2f1e40fb226701dc
8f6b7dc446cb6e4199f2825433689f59afaaf57a22d9d8a7eb9a02fd0a189f09
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 688511
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3877e9fd8edbee8c168edb1822364c1e
fbd6e07a4bee75b69c2a25b14e161863c96ea288
c3191796d5668958445a15ffaccae8eaa1313098b42d659ab5bd3e5eb219bc98
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4365
Cache-Control: max-age=139071
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:58 GMT
Etag: "636af091-1d7"
Expires: Fri, 11 Nov 2022 01:25:49 GMT
Last-Modified: Wed, 09 Nov 2022 00:13:05 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3877e9fd8edbee8c168edb1822364c1e
fbd6e07a4bee75b69c2a25b14e161863c96ea288
c3191796d5668958445a15ffaccae8eaa1313098b42d659ab5bd3e5eb219bc98
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5872
Cache-Control: max-age=140579
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 10:47:58 GMT
Etag: "636af091-1d7"
Expires: Fri, 11 Nov 2022 01:50:57 GMT
Last-Modified: Wed, 09 Nov 2022 00:13:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
vidstat.taboola.com/vpaid/units/32_3_9/assets/css/cmOsUnit.css
151.101.85.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_3_9/assets/css/cmOsUnit.css
IP 151.101.85.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_3_9/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ljlvvQDhIUCzT4p7ctrpgRVm/AgQtm7fjmkgdPdQEdK+I/6gOStiEPjeOdgbHJbZhoc5ZvcUtsg=
x-amz-request-id: T5MPDEACYQN9GHJF
last-modified: Thu, 27 Oct 2022 07:34:38 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1666856077
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856076
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:58 GMT
via: 1.1 varnish
age: 1134588
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 6408
x-timer: S1667990878.218928,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 900
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://alokab.alafdal.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f958fe0d-601b-11ed-b746-1131174c0106; expires=Wed, 07-Dec-2022 10:47:58 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f958fe51-601b-11ed-b746-1131174c0106
X-fe: 86
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vidstat.taboola.com/vpaid/units/32_3_9/infra/cmTagWIDGET_ITEM.js
151.101.85.44200 OK 128 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_3_9/infra/cmTagWIDGET_ITEM.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 128 kB (127663 bytes)
Hash ed6a7be4b07d1653940edf3b59561b62
e86457f6d9ef3ef5fec8a050d56af827c9196a13
acf67360b42eaaba607d73f434c457b3200388b5e62e4e91d984d7e9d6d35172
GET /vpaid/units/32_3_9/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 4XCKL71V4KhsoHyueX5jpjHsfDsjxykDhjiYcY77zYUxGJieqBjvCotMWQmIVh7NEI0bxQTkd+w=
x-amz-request-id: S3DTXRQWZQ29XXKX
last-modified: Thu, 27 Oct 2022 07:33:46 GMT
etag: "ed6a7be4b07d1653940edf3b59561b62"
x-amz-meta-ctime: 1666856025
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856024
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:58 GMT
via: 1.1 varnish
age: 1134586
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 3389
x-timer: S1667990878.233462,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127663
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f96042ed-601b-11ed-bc07-17d925990506; expires=Wed, 07-Dec-2022 10:47:58 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f960432b-601b-11ed-bc07-17d925990506
X-fe: 4
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f960605c-601b-11ed-946c-107c10e90206; expires=Wed, 07-Dec-2022 10:47:58 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f96060ad-601b-11ed-946c-107c10e90206
X-fe: 85
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f9603aa7-601b-11ed-8517-190e06a80406; expires=Wed, 07-Dec-2022 10:47:58 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9603af5-601b-11ed-8517-190e06a80406
X-fe: 17
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f958fe51-601b-11ed-b746-1131174c0106
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f958fe51-601b-11ed-b746-1131174c0106
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f958fe51-601b-11ed-b746-1131174c0106 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f960c467-601b-11ed-96a7-182a6e990106; expires=Wed, 07-Dec-2022 10:47:58 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 133
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.2.150200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.2.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.85.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.85.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:58 GMT
via: 1.1 varnish
age: 11760
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 1630
x-timer: S1667990878.485150,VS0,VE0
cache-control: private,max-age=31536000
abp: 80
content-length: 254
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f960432b-601b-11ed-bc07-17d925990506
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f960432b-601b-11ed-bc07-17d925990506
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f960432b-601b-11ed-bc07-17d925990506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f984d93c-601b-11ed-9ff2-19b4ac340206; expires=Wed, 07-Dec-2022 10:47:58 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 89
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f96060ad-601b-11ed-946c-107c10e90206
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f96060ad-601b-11ed-946c-107c10e90206
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f96060ad-601b-11ed-946c-107c10e90206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f984fbd1-601b-11ed-8e96-1626150c0306; expires=Wed, 07-Dec-2022 10:47:58 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 137
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9603af5-601b-11ed-8517-190e06a80406
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9603af5-601b-11ed-8517-190e06a80406
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9603af5-601b-11ed-8517-190e06a80406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f9859850-601b-11ed-8154-1e588e900506; expires=Wed, 07-Dec-2022 10:47:58 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 118
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4225
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667990878.482234,VS0,VE82
x-vcl-time-ms: 82
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 4290d694e82da657b2b00e826194f579
40c97e8cf256c6e14589f395cc331dc1034abd0f
a5f609f24e52868bf57393da9a1d434f69b10c60850e656ab35a5bd6099055d4
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 13 Nov 2022 09:05:33 GMT
ETag: "40c97e8cf256c6e14589f395cc331dc1034abd0f"
Last-Modified: Wed, 09 Nov 2022 09:05:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3155
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7675f92f1831fac4-OSL
am-match.taboola.com/sync?dast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 1.4 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash 4d81aadb07a73f209b8766d9e668caea
16d173c9c78a49720a3a827a5363af1fb5e75587
cbb2531a2eb7ebb804ca7229843763063a39e6fa4a544e912755c92de899bc04
GET /sync?dast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 09 Nov 2022 10:47:58 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBF6Fa2MCEC4CgMODPnmREBv5X4DjaVEFEgEBAQHWbGN1YwAAAAAA_eMAAA&S=AQAAAkBV4jMoRnby-utW3czXicE; Expires=Thu, 9 Nov 2023 16:47:58 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:58 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
151.101.85.44200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash dcfe04133edaa84ac4a7356299134bf2
600265d1e188692d5cb0b9dbc828c708181bd3d8
1f50ba3994c74af69746c8db181597b9e74d7bb53c808ce9f7014facf0c59bfd
GET /vpaid/vPlayer/player/v14.8.8/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: DH4gCSpZOjdiQ2RHNdcZaQ1gWcI8EDnhtXKaFZT4JUmiFDacp53eylqcVHaDpMgh56JBtwAdvTI=
x-amz-request-id: M2DJX9S4FNAQPE8Z
last-modified: Thu, 27 Oct 2022 07:34:53 GMT
etag: "dcfe04133edaa84ac4a7356299134bf2"
x-amz-meta-ctime: 1666856092
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1666856080
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:58 GMT
via: 1.1 varnish
age: 1134756
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 251713
x-timer: S1667990879.688231,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 87152
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash d7b4fe4e9fe6f96092db122b113a6466
0a16b9f655f51d05ee5688786c1fa82e188842e2
9332ad84792efa6b456a527caefd718a901ce7a490672232665968304c53ad79
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115587
Date: Wed, 09 Nov 2022 10:47:58 GMT
Etag: "636a8e27-1d7"
Expires: Thu, 10 Nov 2022 18:54:25 GMT
Last-Modified: Tue, 08 Nov 2022 17:13:11 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: H1l35Tze8BQw_FI4ueO7kuMMPiA8RN1zsA83ufLrabSiyDQX_rv5Og==
Age: 6074
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f2bf220293c15a10a1f4963464dc0089
8d9786276f8b125c54a069a48db1021b0610c98a
e5b9e54958b15d8fc1a4e1852c530e09cd52d0cc66848d1dc251302d30c70eb4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 13:56:48 GMT
Expires: Tue, 15 Nov 2022 13:56:47 GMT
Etag: "8d9786276f8b125c54a069a48db1021b0610c98a"
Cache-Control: max-age=529128,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7675f92f5eba0afa-OSL
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
3.127.128.151200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 3.127.128.151:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 09 Nov 2022 10:47:58 GMT
Content-Length: 43
Connection: keep-alive
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.85.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.85.44:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 59753a086b4b929580ec67c96dc7729a
28e9e2f0945bb9b8b6171f4da07b6a92a5a5c824
070f3a8032376b9e5e0e2c830cfde1342036c7446b80617726b3ac24e53720fb
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:58 GMT
age: 1403643
x-served-by: cache-bma1627-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 249282
x-timer: S1667990879.996798,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 09 Nov 2022 10:47:59 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBF-Fa2MCEEnd3AFSEvSQZzhQGTR1vU8FEgEBAQHWbGN1YwAAAAAA_eMAAA&S=AQAAAhNfhhWPMN2Xcr3oY_Wbr7Q; Expires=Thu, 9 Nov 2023 16:47:59 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 09 Nov 2022 10:47:59 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f9e720b3-601b-11ed-b493-194044dd0506; expires=Wed, 07-Dec-2022 10:47:59 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9e720ee-601b-11ed-b493-194044dd0506
X-fe: 88
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-match.taboola.com/sync?dast=V7_EcCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJGVZeSajjXOtGqwGa9Fi5nJLDIvJWmKZuTwzi8u223iGQFKWlWcy2jjXqsFqsBYtZi63xLCYrCWWmcszs7hsu41nChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXq8w-70Oi11hdthMDrNd7jL9RY_BargW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYmjlh5A-Dn2DgajAuYgRAAAAwJaWiubRpE6oLKr-___7rQCuAAACCLkA5IOzdAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGs81odgAAAAB3_____3ogsloMVq7VaGXZmGbOiWPiWrhMm41x5DINFxabb3u4eTnK6pqBcH0RNxkOn4OBqOh6W-wOp9lzP4qWLHfL3Wo0WYxGy-VmN9yMBvsbiMFqgBMxWC4nk8VktxqtRpvhbjQbLFAgBhOkaMlquVyuNpvVajdazAab5XCzQYpWrWajzWC4mk1mu91qOBguRyOkaMlyt9ytRpPFaLRcbnbDzWgwRBiZTFy2jWezlmwsI7doYdm4lZPVxi2xLEyTwWg22Uw2a9HrY3rYVoOFyeNFwQCOvUieFulEMdn4Zp6FbTEZuYwT32Y0WEwcNs9g5BgufBuLbyKWaE4W6UR22VdWi8HKtRqtLBvTzDlxTFwLl2mzMY5cpuHCYvPtK5OJy7bxbNaSjWXkFi0sG7dystq4JZaFaTIYzSabyWYten1MD9tqsDB5_I3ZbLdcDoa72b4xm-2Wy8FwN9t36Azf1edsdAbHE4_M2fLcIhqbw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRXKQTmd_yevtNT7_drbBcxBKl6SKd6EWPwWq4Fv0NT49FLBGcLtKJ6GU8XdR_ZMjFXDmYiyZzxWq0SgAAAAAAAAAAS5gzbwIAAABwGshosBmu1nkgg-Vgt1wtFwDC2UsXAAAAAAAAAGD3a3rYkcMCtqy48eMG81teb7_p6be7FZYrAzxQkzNv_kwQa7Va1gAAAALYAAAAAdy6eQvAZuL_____4wAAAGTk6AEAAMT3garAAQAAAAD4CW64XAw!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 742 B URL HTTP/2 am-match.taboola.com/sync?dast=V7_EcCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJGVZeSajjXOtGqwGa9Fi5nJLDIvJWmKZuTwzi8u223iGQFKWlWcy2jjXqsFqsBYtZi63xLCYrCWWmcszs7hsu41nChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXq8w-70Oi11hdthMDrNd7jL9RY_BargW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYmjlh5A-Dn2DgajAuYgRAAAAwJaWiubRpE6oLKr-___7rQCuAAACCLkA5IOzdAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGs81odgAAAAB3_____3ogsloMVq7VaGXZmGbOiWPiWrhMm41x5DINFxabb3u4eTnK6pqBcH0RNxkOn4OBqOh6W-wOp9lzP4qWLHfL3Wo0WYxGy-VmN9yMBvsbiMFqgBMxWC4nk8VktxqtRpvhbjQbLFAgBhOkaMlquVyuNpvVajdazAab5XCzQYpWrWajzWC4mk1mu91qOBguRyOkaMlyt9ytRpPFaLRcbnbDzWgwRBiZTFy2jWezlmwsI7doYdm4lZPVxi2xLEyTwWg22Uw2a9HrY3rYVoOFyeNFwQCOvUieFulEMdn4Zp6FbTEZuYwT32Y0WEwcNs9g5BgufBuLbyKWaE4W6UR22VdWi8HKtRqtLBvTzDlxTFwLl2mzMY5cpuHCYvPtK5OJy7bxbNaSjWXkFi0sG7dystq4JZaFaTIYzSabyWYten1MD9tqsDB5_I3ZbLdcDoa72b4xm-2Wy8FwN9t36Azf1edsdAbHE4_M2fLcIhqbw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRXKQTmd_yevtNT7_drbBcxBKl6SKd6EWPwWq4Fv0NT49FLBGcLtKJ6GU8XdR_ZMjFXDmYiyZzxWq0SgAAAAAAAAAAS5gzbwIAAABwGshosBmu1nkgg-Vgt1wtFwDC2UsXAAAAAAAAAGD3a3rYkcMCtqy48eMG81teb7_p6be7FZYrAzxQkzNv_kwQa7Va1gAAAALYAAAAAdy6eQvAZuL_____4wAAAGTk6AEAAMT3garAAQAAAAD4CW64XAw!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash e212b134cabf80f8be66f676e09c0097
c6f5b87bdb324d5acc99af18d97d5d9835c65c7a
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
GET /sync?dast=V7_EcCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJGVZeSajjXOtGqwGa9Fi5nJLDIvJWmKZuTwzi8u223iGQFKWlWcy2jjXqsFqsBYtZi63xLCYrCWWmcszs7hsu41nChE3GQ6fg4Go6Hpb7A6n2fMGEzSdDp_rXq8w-70Oi11hdthMDrNd7jL9RY_BargW_Q1Pjx0AAAAAHv7___8hAAAAACIAAAAAJAAAAAAoAir-LQQuAAAAADD-____NQA-OQjec_b7AwAAAAAEAAAAgARgYDWgBODjfOXk_________z9mgD7zRub_____xqAH4MEH4EEIAADgYmjlh5A-Dn2DgajAuYgRAAAAwJaWiubRpE6oLKr-___7rQCuAAACCLkA5IOzdAcl3sIAAAACxhboYfH7zQ67xu922f________-_2f_ZP5rQ2-h1WhDL6LXaLyAAwNovIAAAm7oBALwFwAUdQSsGg9UpxG44W-xGs81odgAAAAB3_____3ogsloMVq7VaGXZmGbOiWPiWrhMm41x5DINFxabb3u4eTnK6pqBcH0RNxkOn4OBqOh6W-wOp9lzP4qWLHfL3Wo0WYxGy-VmN9yMBvsbiMFqgBMxWC4nk8VktxqtRpvhbjQbLFAgBhOkaMlquVyuNpvVajdazAab5XCzQYpWrWajzWC4mk1mu91qOBguRyOkaMlyt9ytRpPFaLRcbnbDzWgwRBiZTFy2jWezlmwsI7doYdm4lZPVxi2xLEyTwWg22Uw2a9HrY3rYVoOFyeNFwQCOvUieFulEMdn4Zp6FbTEZuYwT32Y0WEwcNs9g5BgufBuLbyKWaE4W6UR22VdWi8HKtRqtLBvTzDlxTFwLl2mzMY5cpuHCYvPtK5OJy7bxbNaSjWXkFi0sG7dystq4JZaFaTIYzSabyWYten1MD9tqsDB5_I3ZbLdcDoa72b4xm-2Wy8FwN9t36Azf1edsdAbHE4_M2fLcIhqbw6BwGSze3-cibUYbN6NKG7ZYVNfizjWx6rSxk7FzMBsUvuE1Mfz91M9rN3s7iA0GRSwRXKQTmd_yevtNT7_drbBcxBKl6SKd6EWPwWq4Fv0NT49FLBGcLtKJ6GU8XdR_ZMjFXDmYiyZzxWq0SgAAAAAAAAAAS5gzbwIAAABwGshosBmu1nkgg-Vgt1wtFwDC2UsXAAAAAAAAAGD3a3rYkcMCtqy48eMG81teb7_p6be7FZYrAzxQkzNv_kwQa7Va1gAAAALYAAAAAdy6eQvAZuL_____4wAAAGTk6AEAAMT3garAAQAAAAD4CW64XAw!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:58 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3408
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9e720ee-601b-11ed-b493-194044dd0506
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9e720ee-601b-11ed-b493-194044dd0506
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9e720ee-601b-11ed-b493-194044dd0506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 09 Nov 2022 10:47:59 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f9eb577f-601b-11ed-ae62-1d0a0d900206; expires=Wed, 07-Dec-2022 10:47:59 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 129
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9e8318a-601b-11ed-901e-124172220306
185.94.180.125204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9e8318a-601b-11ed-901e-124172220306
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=f9e8318a-601b-11ed-901e-124172220306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 09 Nov 2022 10:47:59 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f9ec2f6e-601b-11ed-a383-1ebee0f60206; expires=Wed, 07-Dec-2022 10:47:59 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 92
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
3.127.128.151200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 3.127.128.151:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 09 Nov 2022 10:47:59 GMT
Content-Length: 43
Connection: keep-alive
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&cmcv=&pix=undefined&cb=1667990874598&uv=3239&tms=1667990874598&abt=amplean_vF!dfrc_vA!mprdctdt6_vA!mtbw_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=63a6fde6-4b98-4578-8c5a-e7e8eff35d41&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 965 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&cmcv=&pix=undefined&cb=1667990874598&uv=3239&tms=1667990874598&abt=amplean_vF!dfrc_vA!mprdctdt6_vA!mtbw_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=63a6fde6-4b98-4578-8c5a-e7e8eff35d41&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2344), with no line terminators
Hash 44087fcd0d35aaf429207445b1bff355
76691f538b0e10e6ad0a1e3ff135ce560889c59b
482d7151f3e1ee4d8efca7adf3c0d027d08e046ab61b51d4b6cadc77bcda399d
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&cmcv=&pix=undefined&cb=1667990874598&uv=3239&tms=1667990874598&abt=amplean_vF!dfrc_vA!mprdctdt6_vA!mtbw_vB!smbs!spa2_vA!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=63a6fde6-4b98-4578-8c5a-e7e8eff35d41&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667990878.978254,VS0,VE24
vary: Accept-Encoding
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:59 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 09 Nov 2022 10:47:59 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBF-Fa2MCEBPTkqPy_LKCe8zU4Bm5wZoFEgEBAQHWbGN1YwAAAAAA_eMAAA&S=AQAAAqW0TO1YINO5SvUE1dpbL4M; Expires=Thu, 9 Nov 2023 16:47:59 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.85.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:59 GMT
via: 1.1 varnish
age: 2739
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 3081
x-timer: S1667990879.258433,VS0,VE0
vary: Accept-Encoding
abp: 80
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.85.44200 OK 4 B IP 151.101.85.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://alokab.alafdal.net
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:59 GMT
via: 1.1 varnish
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=c51b31a135f643fd91fe3313f430931f&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=c51b31a135f643fd91fe3313f430931f&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3a2cf886cff971cb16e04585f0a9a22a
0114799421d3bbc2c5b021faa917743a3cf1bb4f
ea245039d499c78ddde361af6640fa2bc9f1a8bc8d4a05ee5148948242b14bf9
GET /gid.js?pub=0&userId=c51b31a135f643fd91fe3313f430931f&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
Origin: https://alokab.alafdal.net
Connection: keep-alive
Cookie: ID=c52e1ec93fe844c896f3bf0d1892c8cb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:48:03 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c52e1ec93fe844c896f3bf0d1892c8cb; expires=Thu, 09 Nov 2023 10:48:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
52.7.12.182200 OK 580 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 52.7.12.182:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 65c33f05aa8f1ea90edc3051c81f5868
2eccb6980a89cbe58a6e6629f4ddbd2804ca6cdc
fe9f2e5e5becd35d5d16bfe5ad2476f504a530f4401da99e9998ca0157f39ff0
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:59 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
alokab.alafdal.net/sw.js
94.23.73.212200 OK 0 B IP 94.23.73.212:0
GET /sw.js HTTP/1.1
Host: alokab.alafdal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/t1058-topic
Connection: keep-alive
Cookie: exadd=166800; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.64146230.1667990873; _gid=GA1.2.1762610747.1667990873; _gat_gtag_UA_144347007_1=1; _gat_gtag_UA_11398279_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.69200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.69:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 85468
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/jquery/ticker/ticker.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/jquery/ticker/ticker.js
IP 172.67.150.97:0
GET /rs3/64/frm/jquery/ticker/ticker.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=8803
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:26:48 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 181267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqBFVkNy%2B8F0kNdHynfssmPscDY3WHF6XiAph5ceKWMv0WzkBTH7Q3CTm00kfVPMOIV%2BQBwj2wt3kPxRzXKQAvRrPez1p0Bxl8VGBDFBrmL8%2BfROr8GYXQBSBlKS1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91ca9d5b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/embed/FA_Embed.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/embed/FA_Embed.js
IP 172.67.150.97:0
GET /rs3/64/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:26:53 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 181262
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMYs2buxzq%2FAk%2BcsqGidBPbFt5w2WcxiM%2BgNkiWq%2BKke%2BC7pZVhs%2BwQHjIXMOdmGlvffOCkECm%2F0ztQvEwx7RXkRFij17%2B%2B0YgECJvdArvvoFpDpD7X3xxFr4%2Fb5AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91cda27b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
172.67.158.56200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 172.67.158.56:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 3131
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IA6mNk9ZB1t%2BXEuzOHGN%2BnkkaFtINb2tiq79S88J%2BmgCbQz0tLNGeybZENebqNiR%2BrPn7ULY%2BMZppUTiNq58xeUclriN%2Bl6Hm4y9AtsUi6cwgw9jMp8iI7KrNfkaTc2ZAz2fT3fx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91f9d0ab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667990879935&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=1880936444&tz=0&viewable=true&ddast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vF!dfrc_vA!mprdctdt6_vA!mtbw_vB!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Falokab.alafdal.net&en=1
151.101.85.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667990879935&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=1880936444&tz=0&viewable=true&ddast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vF!dfrc_vA!mprdctdt6_vA!mtbw_vB!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Falokab.alafdal.net&en=1
IP 151.101.85.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667990879935&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1488&pt=1880936444&tz=0&viewable=true&ddast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vF!dfrc_vA!mprdctdt6_vA!mtbw_vB!smbs!spa2_vA!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Falokab.alafdal.net&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1408
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:48:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667990883.294910,VS0,VE141
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A47%3A53.407<i=deflated&data=%7B%22id%22%3A410%2C%22ii%22%3A%22%2Ft1058-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1667990873405%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic%22%2C%22vpi%22%3A%22%2Ft1058-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A5494%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A511.3999938964844%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5412.56689453125%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft1058-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A47%3A53.407<i=deflated&data=%7B%22id%22%3A410%2C%22ii%22%3A%22%2Ft1058-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1667990873405%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic%22%2C%22vpi%22%3A%22%2Ft1058-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A5494%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A511.3999938964844%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5412.56689453125%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft1058-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
GET /forumotion-ar/trc/3/json?tim=10%3A47%3A53.407<i=deflated&data=%7B%22id%22%3A410%2C%22ii%22%3A%22%2Ft1058-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667901069188%2C%22vi%22%3A1667990873405%2C%22cv%22%3A%2220221108-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Falokab.alafdal.net%2Ft1058-topic%22%2C%22vpi%22%3A%22%2Ft1058-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A5494%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A511.3999938964844%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5412.56689453125%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft1058-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667990877.773219,VS0,VE433
vary: Accept-Encoding
x-vcl-time-ms: 433
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=alokab.alafdal.net
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=alokab.alafdal.net
IP 178.250.2.146:0
GET /syncframe?origin=rtus&topUrl=alokab.alafdal.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=0fd3d1d8-002a-49ba-84d8-f53c74c26e48; expires=Mon, 04 Dec 2023 10:47:56 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 759880
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
x-crto-bundle: DJSghF82dmNrQ3JrdyUyQnE2VHJIUzBoa3NzU0VHWEVqdkZFZmsxd0xUTUolMkZraW1GY0UlMkZVa3puaDVaWDdVT3VDMFB4SFNTYVY4UUkwSENYRFpON3lsMzBxaUYxck12OHJzeFBSdHlyZktRYWRCa3dCcG05YjBMWUtNa1BxJTJCRVpJQWRQMjZUNzIza3RVSFAxJTJGbnRuZiUyQkhyVCUyRnRjdyUzRCUzRA
Origin: https://alokab.alafdal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://alokab.alafdal.net
server-processing-duration-in-ticks: 1845864
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
alokab.alafdal.net/t1058-topic
94.23.73.212200 OK 0 B URL HTTP/2 alokab.alafdal.net/t1058-topic
IP 94.23.73.212:0
GET /t1058-topic HTTP/1.1
Host: alokab.alafdal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Wed, 09 Nov 2022 00:00:00 GMT
last-modified: Wed, 09 Nov 2022 10:47:55 GMT
vary: User-Agent
set-cookie: exadd=166800; expires=Wed, 09-Nov-2022 14:47:55 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/jquery/cookie/jquery.cookie.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/jquery/cookie/jquery.cookie.js
IP 172.67.150.97:0
GET /rs3/64/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:26:48 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 181267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyoQob0HP%2F0oqTFvBIaIUsW4pP8lGVXSj342WN025El3jXzo0YWqHIUJZ%2F8SwsV5DM4AxIZ5g3FLywPaz0GnnczCXZiBdv6nbenBa8QXjHynMzk%2BaiQ9cW0Ql9m5FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91cc9ffb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alokab.alafdal.net/serviceworker.js
94.23.73.212200 OK 0 B URL HTTP/2 alokab.alafdal.net/serviceworker.js
IP 94.23.73.212:0
GET /serviceworker.js HTTP/1.1
Host: alokab.alafdal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166800; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=alokab.alafdal.net
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=alokab.alafdal.net
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=alokab.alafdal.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=2edddf33-b789-4e2b-8eae-dade67af7f1b; expires=Mon, 04 Dec 2023 10:47:55 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 571069
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.110200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.110:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 69150
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/lang/ar.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/lang/ar.js
IP 172.67.150.97:0
GET /rs3/64/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:39:39 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 180496
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmsQwvkArBq6x6JEVf1mKgpi1awyVJ7KVyUxBDMZ602SSukyJGWYlng1wstxjni6%2FtyV5ktahBoJr4nL2Rd0a2CfnxpaU52np0ONO16av9bJ8iskO03DFds1zUJZqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91c99acb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/ograph/fb_login.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/ograph/fb_login.js
IP 172.67.150.97:0
GET /rs3/64/frm/ograph/fb_login.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:33:34 GMT
last-modified: Tue, 27 Aug 2019 14:00:11 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 180861
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDqWOUE2%2BX3nE3HHv6Mv%2Bo6dyf8hlSLORLmVU3wnjXA4bU9zUiD95jzxF6JqwXZU9i7cADTujsKcubuDXbWX2O8yEbsFatp7lJdI6MDHs0iBkVvi%2FP51PGzk7B2a7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7675f91cb9f2b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.403
139.45.197.250200 OK 0 B URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.403
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.403 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/
Origin: https://alokab.alafdal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:20:39 GMT
etag: W/"636a65b7-180b9"
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
alokab.alafdal.net/?utm_source=pwa
94.23.73.212200 OK 0 B URL HTTP/2 alokab.alafdal.net/?utm_source=pwa
IP 94.23.73.212:0
GET /?utm_source=pwa HTTP/1.1
Host: alokab.alafdal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alokab.alafdal.net/serviceworker.js
Connection: keep-alive
Cookie: exadd=166800; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Wed, 09 Nov 2022 00:00:00 GMT
last-modified: Wed, 09 Nov 2022 10:47:56 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.69200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.69:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:56 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 101850
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=J781ll80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEo3Tlc4RVNEMUIxcHl4QWRxam9hTU0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=TtQTPl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVmaGVablRqaXBsRkp5ZklWN29nZEtUYnVqTHhpem51U2luJTJCdzAyZmx6VA; expires=Mon, 04 Dec 2023 10:47:57 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 357927
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/64/frm/jquery/ticker/ticker.css
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/64/frm/jquery/ticker/ticker.css
IP 172.67.150.97:0
GET /rs3/64/frm/jquery/ticker/ticker.css HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=390
access-control-allow-origin: *
expires: Tue, 07 Nov 2023 08:26:48 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
vary: Accept-Encoding
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 181267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHk0iAqttDPOX8p8bqbzmHM5I7W7WlU1xCDuXrvQXUEQIbkiqFzgrwu8dyjEWUTuK3y0SL4PaJSo0K5PzX0KO%2Bhmk5roU9k9MUnZ%2FGjbw34%2FpwVC0ljNqPED2%2FuSwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7675f91cb9fab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667990874604&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-701962193&tz=0&viewable=true&ddast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vF!dfrc_vA!mprdctdt6_vA!mtbw_vB!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Falokab.alafdal.net&en=1
151.101.85.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667990874604&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-701962193&tz=0&viewable=true&ddast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vF!dfrc_vA!mprdctdt6_vA!mtbw_vB!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Falokab.alafdal.net&en=1
IP 151.101.85.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=388&height=218&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1667990874604&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1488&pt=-701962193&tz=0&viewable=true&ddast=V7h7cCFgMO3chJZclQwAQO3chJZclQwAUAAAAGBuIHJLZZ2GYml20tmjiHa9FqN1wLN66FW-VbGVc2m2c1Mi2GQEKrhWu3MizcGpPJthYtFqO1crWyuBW7mXGynK1sxo1rCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeYoOl0-Fz3eoXZ73VY7Aqzw2ZymO1yl-kvegxWw7Xob3h67AAAAADwAGD1lgnxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFgQHKhAfDJQfCes98fAAANWyAAAAIYJAADqwElAB_nKycAAAAAAAAAACz_____MQB7WGMyACP7Oz0ADz4AD0QFq0WMAAAAALa0VDSPJnVCZVEFAECQbgVwBQAQQMgFQE8aBgAAEDC2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhN5Gr9OCWEav1X4BAQDWfgEBANjUDQDgLQAu6AhaMRisTiF2w9liN5ptRrMDAAAAuPv____XA5HVYrByrUYry8Y0c04cE9fCZdpsjCOXabiw2Hzbw83LUVbXDITr8xCW2e87iFier-lvOMj4ltfbICq63ha7w2n23I-iJcvdcrcaTRaj0XK52Q03o8H-BmKwGuBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEKVqyWi6Xq81mtdqNFrPBZjncbJCiVavZaDMYrmaT2W63Gg6Gy9EIKVqy3C13q9FkMRotl5vdcDMaDBFGJhOXbePZrCUby8gtWlg2buVktXFLLAvTZDCaTTaTzVr0-pgettVgYfJ4UTCAYy-Ci3Qi81teb7_p6be7FZaLWKI5WaQT2WVfWS0GK9dqtLJsTDPnxDFxLVymzcY4cpmGC4vNt69MJi7bxrNZSzaWkVu0sGzcyslq45ZYFqbJYDSbbCabtej1MT1sq8HC5PE3ZrPdcjkY7mb7xmy2Wy4Hw91s36EzfFefs9EZHE88MmfLc4tobA6DwmWweH-fi7QZbdyMKm3YYlFdizvXxKrTxk7GzsFsUPiG18Tw91M_r93s7SA2GBSxRHC6SCeil_F0EUskT4t0onI4PBPTarSxuSYz58gwHK5sno1tYTOtBquVYTMRS5Smi3SiFz0Gq-Fa9Dc8PRb1HxlyMVcO5qLJXLEarRIAAAAAAAAAwBLmzJsAAAAAnAYyGmyGq-UCQDh76QIAAAAAAAAA7H5NDztyWMCWFTd-3GB-y-vtNz39drfCcmWAB2py5s2eCWKtVssaAABAABsAACCAWzdvAdiM3D5QFTgAAAAAAD_BDZeLAQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=amplean_vF!dfrc_vA!mprdctdt6_vA!mtbw_vB!smbs!spa2_vA!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Falokab.alafdal.net&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://alokab.alafdal.net
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1480
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://alokab.alafdal.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Nov 2022 10:47:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667990878.087329,VS0,VE99
vary: Accept-Encoding
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
23.111.9.57200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 23.111.9.57:0
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alokab.alafdal.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 10:47:55 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Fri, 09 Dec 2022 10:47:55 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: B5FC:2175:C309F5:C881C1:636AA98C
vary: Accept-Encoding
x-fastly-request-id: 48372c21b0bf5018e69e7ec519f4fa657be68bc8
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2