whiteservice.rigala.net/t2-topic
94.23.159.185301 Moved Permanently 0 B URL HTTP/1.1 whiteservice.rigala.net/t2-topic
IP 94.23.159.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t2-topic HTTP/1.1
Host: whiteservice.rigala.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 20 Oct 2022 10:43:24 GMT
Content-Length: 0
Location: https://whiteservice.rigala.net/t2-topic
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 20 Oct 2022 09:54:50 GMT
Expires: Thu, 20 Oct 2022 10:50:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Vb4cGcaT-KkUmc-8tEXxzzTWLXmo7W3RzqlbCDs3PncE6kPjAyCkpA==
Age: 2914
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 24a97183f836954e0f05c4dc794ff4d1
52778bbe39b9f736c16b5798575d1d96607ce9d0
01f6721f2674f54662fff590fdf7247cc8c58a3f84906cae75527fb7b6dd2436
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F6721F2674F54662FFF590FDF7247CC8C58A3F84906CAE75527FB7B6DD2436"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3509
Expires: Thu, 20 Oct 2022 11:41:53 GMT
Date: Thu, 20 Oct 2022 10:43:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e41c85816a32bf30e54a8993fcd0406f
35013fb83966783145f1439eb7e949beefae4cf8
22dfbec34834914ffd13a3bee717dbf695450c05a44949bb691e39d254e39665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DFBEC34834914FFD13A3BEE717DBF695450C05A44949BB691E39D254E39665"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11275
Expires: Thu, 20 Oct 2022 13:51:19 GMT
Date: Thu, 20 Oct 2022 10:43:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: y+hN/0VE804knSTth0MugXtyQ+/A+/OcMNTYIpAM6MX8nP2akb8s4++ohcUNwQAYBdPTUd8vN3nVCOtoGzFX4w==
x-amz-request-id: HMCPW8YTAERTCFFD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 20 Oct 2022 10:04:39 GMT
age: 2325
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c32c7bfae35a8bbc09fdb08ab9501d00
6008411a047cfefb0c561da2599590bb81405921
03b1101afd82182410426bf39af9cd390507482feba6e3a5ae87fa20b2936392
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B1101AFD82182410426BF39AF9CD390507482FEBA6E3A5AE87FA20B2936392"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11181
Expires: Thu, 20 Oct 2022 13:49:45 GMT
Date: Thu, 20 Oct 2022 10:43:24 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 05f3d2d5655aed831b74bb58c8e2c440
3fdaba593f9d6e6a15beaf0e3b90b045e10f974d
5cdcf014303c1303f3498805294f1a700488a556ee1ee0d39e4b908ebbdff460
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5367
Cache-Control: max-age=110465
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:24 GMT
Etag: "63501dd6-117"
Expires: Fri, 21 Oct 2022 17:24:29 GMT
Last-Modified: Wed, 19 Oct 2022 15:55:02 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7d3049667c1a65b13995652bad0748a5
3e74f4761dfedb4511db7aa1b35ffa17fcb5535c
e19690b3e0e53e52ec5374d01b2d89fa0f234c242d089574d61f3f1c737eb5a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 05025e12c744a753bae14903a181bc6f
309a7f4e7837c166679406f9504d85430f06a4ba
bd1969739779b443a44c3cc6ec601115d14a19374c9a3f1becc197fa70daaa16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e64f362e092ae2d2c2280f39c1ca8bfa
71390562d74298b483ec19aadad9d83ebcaf86b5
2a37c77b767b941daad6fbfdcefcd7f43f4c8ba7f465cfe86319dec19028dcf5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5928
Cache-Control: max-age=159629
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:24 GMT
Etag: "6350dbb1-1d7"
Expires: Sat, 22 Oct 2022 07:03:53 GMT
Last-Modified: Thu, 20 Oct 2022 05:25:05 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
whiteservice.rigala.net/t2-topic
188.165.2.137200 OK 34 kB URL HTTP/2 whiteservice.rigala.net/t2-topic
IP 188.165.2.137:0
Hash 62e0715b380bdccaf2dd231ebf8e20e6
cc7f173306a82c1dab095f606019971f20baaed5
83f2c090b6c09d947f85d16aa6d7b8651ab368f03aedeb87109799e380cf327b
GET /t2-topic HTTP/1.1
Host: whiteservice.rigala.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:24 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Thu, 20 Oct 2022 00:00:00 GMT
last-modified: Thu, 20 Oct 2022 10:43:24 GMT
vary: User-Agent
set-cookie: exadd=166627; expires=Thu, 20-Oct-2022 14:43:24 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
216.58.207.202200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 216.58.207.202:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Oct 2022 22:41:25 GMT
expires: Sat, 14 Oct 2023 22:41:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 475319
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 05025e12c744a753bae14903a181bc6f
309a7f4e7837c166679406f9504d85430f06a4ba
bd1969739779b443a44c3cc6ec601115d14a19374c9a3f1becc197fa70daaa16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4e800c1392410f4cb29e6408dbd8876c
15e113af2ecac01f52b69a8908997697e3d81b0e
65adb735aae9eb6676a9a5082423ba5ef70884d90de55107d00c7ebadcc163cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2357
Cache-Control: max-age=111763
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:24 GMT
Etag: "63502eaa-139"
Expires: Fri, 21 Oct 2022 17:46:07 GMT
Last-Modified: Wed, 19 Oct 2022 17:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
whiteservice.rigala.net/0-rtl.css
188.165.2.137200 OK 60 kB URL HTTP/2 whiteservice.rigala.net/0-rtl.css
IP 188.165.2.137:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 797b805c7d1db6459c1820c01aff41d5
84d8aed0e568f58255a10ad061f6cd255126f1c0
be22780e63d9c0f8bd725e8a797bcd8de6714f76b22cfacca91c6e7c286e6015
GET /0-rtl.css HTTP/1.1
Host: whiteservice.rigala.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/t2-topic
Cookie: exadd=166627
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:24 GMT
content-type: text/css
content-length: 60188
last-modified: Thu, 20 Oct 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
142.250.74.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1850)
Hash 56ba1c4e37ac1892cd40b35702242d11
09ea53dce8c2bb8528ea55da1ce80836f73ea404
319c639c4c4ff08abe58c2fd2fc18509ed3dcf53031f185124bc077c8c24e4a1
GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 10:43:24 GMT
expires: Thu, 20 Oct 2022 10:43:24 GMT
cache-control: private, max-age=900
last-modified: Thu, 20 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43047
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=
142.250.74.168200 OK 37 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.168:0
File type ASCII text, with very long lines (2071)
Hash 82ec7ef901320edc2536c57f0ff06d4e
51b93c4100227393537324759407ac8002b85191
6f7b9f0b3502d63c6e336f5f2929aafe79954cf9af87c5ddc4e580e0cdecd23d
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 10:43:24 GMT
expires: Thu, 20 Oct 2022 10:43:24 GMT
cache-control: private, max-age=900
last-modified: Thu, 20 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36828
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7d3049667c1a65b13995652bad0748a5
3e74f4761dfedb4511db7aa1b35ffa17fcb5535c
e19690b3e0e53e52ec5374d01b2d89fa0f234c242d089574d61f3f1c737eb5a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 20 Oct 2022 09:43:40 GMT
Expires: Thu, 20 Oct 2022 10:28:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iSmR1T1Xu-nBFK0mx1i5VhUzAxj5FiXNfJwQIlmFAi5Jf0LI5K77wQ==
Age: 3585
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5559
Cache-Control: max-age=168960
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:25 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 09:39:25 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
choices.consentframework.com/js/pa/24697/c/IxWav/cmp
51.158.28.82200 OK 139 kB URL HTTP/1.1 choices.consentframework.com/js/pa/24697/c/IxWav/cmp
IP 51.158.28.82:0
File type Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Size 139 kB (139429 bytes)
Hash 3e94efd64e5356fada991fe97a5758cc
da7d5d60292716d32d4a9753a59d7a6d6e15bc3f
dd6f7d49a310bef274fcff4a01bfe4cbd15eed2cf53eebe43e3a5c21e0066089
GET /js/pa/24697/c/IxWav/cmp HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 20 Oct 2022 10:43:24 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=3600
Set-Cookie: euconsent-v2=NO_CONSENT; Path=/; Domain=consentframework.com; Expires=Thu, 20 Oct 2022 10:48:24 GMT; Secure; SameSite=None
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 05025e12c744a753bae14903a181bc6f
309a7f4e7837c166679406f9504d85430f06a4ba
bd1969739779b443a44c3cc6ec601115d14a19374c9a3f1becc197fa70daaa16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/i/fa/prosilver/bg_button.gif
104.21.235.176200 OK 174 B URL HTTP/2 2img.net/i/fa/prosilver/bg_button.gif
IP 104.21.235.176:0
File type GIF image data, version 87a, 4 x 24\012- data
Hash 1f4cb2a1974e0f3cc6b739707fc5713c
f313497e6aba95854a44462b5e35a024404b8989
4e8a79a702c74305fd3a2a0e10d8fadc1752d72ea159b0a4b25825acf3ef42ad
GET /i/fa/prosilver/bg_button.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/gif
content-length: 174
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-ae"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1135298
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBrioXXVsdlNiH0Ep9pVrd25QfhzQzsCUfeQD5VA%2F8P9FJEzgLXDUOHnsyvmHZFQCcB9arP9Eg%2B1J3jYhigET6KJBzPwXB8eg5luYjYwLrcjQQ70tEy4CMncfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d12702aeacdccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/sprite_icons.png
104.21.235.176200 OK 1.5 kB URL HTTP/2 2img.net/i/fa/sprite_icons.png
IP 104.21.235.176:0
File type PNG image data, 1395 x 12, 8-bit colormap, non-interlaced\012- data
Hash 6c31830c94fd2987aab8ed4af1e6b756
9bb52d402fd3cd4a0515c54b5061b655fdabfd96
b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8
GET /i/fa/sprite_icons.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/png
content-length: 1459
last-modified: Mon, 16 May 2016 11:01:49 GMT
etag: "5739a89d-5b3"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1135469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0bLIPfhlPFjmQNHyoQ3XOyoHt3FgLqV8fEcSCWWAYy9uo7Zt0oqKvkvyYM1KUrIzHsDZ9eYFHeGLschaErou7D7SVrL18H3Ge1xHCtrKtpF2TM5cCafi%2BNB3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d12702aea9dccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/empty.gif
104.21.235.176200 OK 42 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/gif
content-length: 42
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
etag: "41d5e800-2a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1135469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv2wuoYehChlA9fnEHDjkkhLfScjtgmb%2FpPzMtyciEQzN%2B2Eti%2F2VtqSCUCEWpHX7idc2VB0kF2fmNHKqI9sToN%2BSds22CXaDq%2F8fGUmvJC9FS5xFrmtjJOSIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d127029e8fdccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.176200 OK 43 B IP 104.21.235.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1135469
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JukWJ9iwiwDYerPVG%2BU7NmdVTz5MAJlr8CxMFw%2FAQ2cEeUN8R7j2Mr5nwrlCJXFyd%2FnWUACgI0lgRgt5PE9ATV9ttMok%2BAGZyex1iAiCXtbFswui9RDZDyTu%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d127029e84dccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c105529aa34b8cb90061a458e937dfb
179e2894d6216da8a1219b88788b1ca96266ad02
6e1e5c33dc3279a2ab7c7f1956be9df7ff8d51efe3c152fa22b6aeea55396cd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E1E5C33DC3279A2AB7C7F1956BE9DF7FF8D51EFE3C152FA22B6AEEA55396CD1"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6229
Expires: Thu, 20 Oct 2022 12:27:14 GMT
Date: Thu, 20 Oct 2022 10:43:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1d259dec14a40850e68b74a2ebcb4355
84938c3f783451288d160d1c4cd301e832785abe
ae8a500edeafd9d0ca10d6cda8adb5f432b2ea1df9f4e8b57dbfd930f130a204
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=139291
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:25 GMT
Etag: "6350a368-117"
Expires: Sat, 22 Oct 2022 01:24:56 GMT
Last-Modified: Thu, 20 Oct 2022 01:24:56 GMT
Server: nginx
Content-Length: 279
2img.net/s/t/13/09/15/i_icon_mini_login.gif
104.21.235.176200 OK 1.5 kB URL HTTP/2 2img.net/s/t/13/09/15/i_icon_mini_login.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 89 x 22\012- data
Hash 7f3d4e4a69316c541f1ce031fc81145d
63e9002c351592e647beb802d5bb02096cd013bf
f2d3b10d5438ae0e9a10743cb614e8db44bb417f29aeadbdfc557f395d9a0c53
GET /s/t/13/09/15/i_icon_mini_login.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/gif
content-length: 1505
last-modified: Tue, 09 Dec 2008 09:44:59 GMT
etag: "493e3e1b-5e1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjkXJhiimuWxruWNBUl%2BNHcw34t8OLmmfjW9QytbicselgT6Lze%2BDJchBaNrowb91fUIu2HDfcontTkPTNtC34I%2Fsx%2BXH7xOwFoggwjHcduTvYmMyfSCYUaB0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d127029e95dccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/09/15/i_icon_mini_portal.gif
104.21.235.176200 OK 941 B URL HTTP/2 2img.net/s/t/13/09/15/i_icon_mini_portal.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 89 x 22\012- data
Hash 5a1d8eaf779a7343d8c772996c9cd644
dcb8c63d8a95fcf81cdd4f4373c24b3ec19e23c0
75512142af696b7aecdcb968b8ceb978ebe693004d4a2edf13ed4fa7330452ae
GET /s/t/13/09/15/i_icon_mini_portal.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/gif
content-length: 941
last-modified: Tue, 09 Dec 2008 09:44:59 GMT
etag: "493e3e1b-3ad"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k17H6B5i%2FKWBy%2FY58nJmxUUFhWGotYO6KuOKqoUy1B%2BygtsKpvbWUfq%2BicqluU49bSNyl2f8WMGhnAEJxPWnYYEe%2Ffiz24RZLWVIGN6Tu8EbiAgBODz1DtOAFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d127028e70dccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/09/15/i_icon_mini_index.gif
104.21.235.176200 OK 1.1 kB URL HTTP/2 2img.net/s/t/13/09/15/i_icon_mini_index.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 89 x 22\012- data
Hash faf2d67e6ff55c698991e3e8b727b7e6
0cc42ab81ffd266acaa52b8da0a7fcf827c18d75
abe6786258deda670ceea7a817892c73382e88aba495d39aa722326e1ca1add5
GET /s/t/13/09/15/i_icon_mini_index.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/gif
content-length: 1076
last-modified: Tue, 09 Dec 2008 09:44:59 GMT
etag: "493e3e1b-434"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWmCXnPv7htQpjdxjU9UoZD1y0Pu%2F1d07ZThjSj2nCZFRI7ZeBVNjTPWX4ie8c3RmN4qsqyo0lBc%2F%2BG7FBEO7bqt5THxxMMsqBUt2I2NnnjKk%2FaUo242Hc3uHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d127029e93dccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/13/09/15/i_icon_mini_register.gif
104.21.235.176200 OK 901 B URL HTTP/2 2img.net/s/t/13/09/15/i_icon_mini_register.gif
IP 104.21.235.176:0
File type GIF image data, version 89a, 89 x 22\012- data
Hash ac935e6b5ae942152ec9ae445eeee603
29d31d37c2900b77f519863fe08f54cb34f4f0a2
00394fe78830f8afb09bd4bcd9a4680f0a42c8b20ad4f10a3337b47a9e570986
GET /s/t/13/09/15/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/gif
content-length: 901
last-modified: Tue, 09 Dec 2008 09:44:59 GMT
etag: "493e3e1b-385"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDHQFg%2B8dR7H%2Bzx5qGzcby%2Bu0h1rrPJ0RarGN80TTagtyUccPEGp8MsZFXEyB0fYAB9zK99NbxKnXR3Eptbo2ZOU8qZ5eB%2B4mSzv5VCCri0MwvBFZux7BamcSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d127028e79dccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.40.161.235101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.161.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0U683qVlRq57wYUr2CnoTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m3YoCI7MGhqUcsV3ZnUDFKh9Gko=
2img.net/s/t/13/09/15/i_background.gif
104.21.235.176200 OK 1.8 kB URL HTTP/2 2img.net/s/t/13/09/15/i_background.gif
IP 104.21.235.176:0
File type GIF image data, version 87a, 250 x 121\012- data
Hash 2c95e4834a240f482a75d64e69236d3f
2ff45121e96f6d68ac7db438ca91b8ee3e539ec9
59a550440f36a67246604461a9d03813a83bd5727ad94b7db28b73ecc9325a35
GET /s/t/13/09/15/i_background.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/gif
content-length: 1772
last-modified: Wed, 27 Oct 2010 16:51:06 GMT
etag: "4cc8587a-6ec"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkJj9WJe1qMJ56XMASTWEEI%2B7ZaAHYJ4wtnUQ9vFDviLvs0I44BlpWK5aI%2BTLgB0Ft2nqQCavGUqNF%2F3JbjNNH2M1Ti9D4LF9Y8qAcHMkHjPtuOBJ3NqtuqoEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d127029e8edccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/profile/check?origin=https://whiteservice.rigala.net
51.158.28.82200 OK 17 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/profile/check?origin=https://whiteservice.rigala.net
IP 51.158.28.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0bd75264337702d501fe87ce0b52dc08
97cc20d9be99aab0ec65848e65d7e3b241788d73
ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e
GET /api/v1/public/profile/check?origin=https://whiteservice.rigala.net HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 20 Oct 2022 10:43:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 17
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,OPTIONS
Access-Control-Allow-Origin: https://whiteservice.rigala.net
Cache-Control: private, max-age=86400
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1d259dec14a40850e68b74a2ebcb4355
84938c3f783451288d160d1c4cd301e832785abe
ae8a500edeafd9d0ca10d6cda8adb5f432b2ea1df9f4e8b57dbfd930f130a204
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=139291
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:25 GMT
Etag: "6350a368-117"
Expires: Sat, 22 Oct 2022 01:24:56 GMT
Last-Modified: Thu, 20 Oct 2022 01:24:56 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
connect.topicit.net/scripts/connect.js
104.21.90.171200 OK 2.1 kB URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 104.21.90.171:0
File type ASCII text, with very long lines (615)
Hash ddb8a5e9f75154b587760a687403c55a
422866b47cf5a056c2153d4f1d49696208b61d96
18196d100539cfcd839ce538b01a472b054d6ee22676a53bcc6fc63f75a3d8e2
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 4147
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9p%2BmwA%2FvqZ4sTKWTIGy1JrGs1Zm6p5AnXjzcv7RxgR1qWQbEqyzyKkVFS5br3FbRJrshFHxP4nLULy1JsQ%2BUZ1HGFSv%2FPjSlQ2cyY4eOeyu%2Bzu12GDkf765p3HYTgG8DqcpsJspP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d12703785cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/v2/tcstring
51.158.28.82200 OK 25 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/v2/tcstring
IP 51.158.28.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c7be6c2029fd0db7b831a9e8359395f
48818c4617f2dac593cc84c8f39244f24be3760e
6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602
GET /api/v1/public/v2/tcstring HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Cookie: euconsent-v2=NO_CONSENT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 20 Oct 2022 10:43:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 25
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://whiteservice.rigala.net
X-Xss-Protection: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
2img.net/s/t/13/09/15/i_logo.jpg
104.21.235.176200 OK 157 kB URL HTTP/2 2img.net/s/t/13/09/15/i_logo.jpg
IP 104.21.235.176:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 764x250, components 3\012- data
Size 157 kB (156663 bytes)
Hash be5e1fc3c87bf1fde571ef54b442fdd7
357b4e9c5ac6c0a8a0c0f994449740dc91868e90
5b08b9b200f4f8586536ab0a2997731c92a8da22ce4cdebaf7cc7e862dd35418
GET /s/t/13/09/15/i_logo.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: image/jpeg
content-length: 156663
last-modified: Wed, 27 Oct 2010 15:19:03 GMT
etag: "4cc842e7-263f7"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmmWQuNIapmK46xoOD4%2BjODSWeXAZz%2FGzkgu1VS%2FpUNg4kZrUaNFNNM4desjXzMB8OEul86Lt2Jkbf%2BkOJYQgKuVOpOt7vrNIUwDSGI%2B1l1xGUwKDjBsAdjIpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d127030f45dccf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 20 Oct 2022 10:41:09 GMT
expires: Thu, 20 Oct 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 136
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/forumotion-ar/loader.js
151.101.85.44200 OK 25 kB URL HTTP/2 cdn.taboola.com/libtrc/forumotion-ar/loader.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65498)
Hash e31e5e3b6bbd83d2b3c7faf0e69ee6b0
d8c3d64d2531d86b19a099231f1150a3a184bcd2
96c9c4dfb707d99ad783a88198bc505597045468a6fe3ae3570cb42875f52bf0
GET /libtrc/forumotion-ar/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VPWZrOYCFcgj1bD6gs276MRQJYOnnoCNSb+rNadwASSfqsbQQOj9zIR0MUTWBAaQAeQJKdgj1GQ=
x-amz-request-id: MX5V88CSD0VRY031
last-modified: Wed, 19 Oct 2022 09:19:22 GMT
etag: "bd97e05b5a45fee29abd881de7bab7c1"
x-amz-version-id: NWygR1QBfJTqfL4EcxuzvSvQvfoyV.oJ
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:25 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666262606.535546,VS0,VE102
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 49
content-length: 25126
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://whiteservice.rigala.net/
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/consent-string
51.158.28.82200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP 51.158.28.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://whiteservice.rigala.net/
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 20 Oct 2022 10:43:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.comodoca4.com/
104.18.32.68200 OK 283 B IP 104.18.32.68:0
Hash bc07b69e21ecb26366e4f68969edc67c
49d9472dfce96820aca813f875d59a3205ef401c
28c03da3ce9049e7185faf32dd3071204467543942cd6699accab38efbf73261
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 10:43:25 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 12:47:12 GMT
Expires: Tue, 25 Oct 2022 12:47:11 GMT
Etag: "49d9472dfce96820aca813f875d59a3205ef401c"
Cache-Control: max-age=438825,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d1270489ed0b3d-OSL
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://whiteservice.rigala.net/
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
cdn.viglink.com/api/vglnk.js
104.16.161.13200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 104.16.161.13:0
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: text/javascript
content-length: 28567
x-amz-id-2: kFPAC60DOwNQb4CdhqHG+tKjRF2TQjxpEdeKJyhLPdvjoiSwXPmNvXMEMMBRIwIu/QGXu5HJg1c=
x-amz-request-id: NTCW971RKN3GM3ZQ
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 2378261
expires: Thu, 27 Oct 2022 10:43:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d12705daffb51d-OSL
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/
Content-Type: application/json
Origin: https://whiteservice.rigala.net
Content-Length: 391
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: aa6f05e70f2f4e4c2bad2ea406a9d26d
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/user-action
51.158.28.82200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP 51.158.28.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://whiteservice.rigala.net/
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 20 Oct 2022 10:43:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
choices.consentframework.com/api/v1/public/consent-string
51.158.28.82200 OK 245 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP 51.158.28.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0dfe9259c67c44e68e4242e34a7ad534
fa96fdc66b3e178ac85a82118b943152db260da2
8807a2e6e73ab5afce9ea6944cbad08e7930454f91da021f5daad91a9b404e5f
POST /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/
Content-Type: application/json
Origin: https://whiteservice.rigala.net
Content-Length: 319
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 20 Oct 2022 10:43:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 245
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/
Content-Type: application/json
Origin: https://whiteservice.rigala.net
Content-Length: 473
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6bcebfbb754758207d0156c0d86e2e47
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
choices.consentframework.com/api/v1/public/user-action
51.158.28.82200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP 51.158.28.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/
Content-Type: application/json
Origin: https://whiteservice.rigala.net
Content-Length: 159
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 20 Oct 2022 10:43:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83238abbdaa750cadf8a54fce30fc8f3
90cd735de673f1948c1095eff1a1c367c7b64f31
6421d2d92cd48d71529b0017a284442b52d6e2da13711d94e208a09b59c128af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4792
Cache-Control: max-age=126418
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:25 GMT
Etag: "63505e67-1d7"
Expires: Fri, 21 Oct 2022 21:50:23 GMT
Last-Modified: Wed, 19 Oct 2022 20:30:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9785d58fe6fe5582c2fa4259a1724e68
50677809a0d967f3229ee8ab03fb6aba96816ffb
bac55d0750ef880e35c6c2b8da26172c28a6ab7e340889f0186d7c39c1d7560e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAC55D0750EF880E35C6C2B8DA26172C28A6AB7E340889F0186D7C39C1D7560E"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12005
Expires: Thu, 20 Oct 2022 14:03:30 GMT
Date: Thu, 20 Oct 2022 10:43:25 GMT
Connection: keep-alive
js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic&r=&rand=1666262616103&gdpr=1&gdpr_consent=CPhJZsAPhJZsABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&globalscope=false&cookieless_optout=0&tbp=true
51.158.29.13200 OK 0 B URL HTTP/1.1 js.cookieless-data.com/GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic&r=&rand=1666262616103&gdpr=1&gdpr_consent=CPhJZsAPhJZsABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&globalscope=false&cookieless_optout=0&tbp=true
IP 51.158.29.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /GS.d?pa=24697&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic&r=&rand=1666262616103&gdpr=1&gdpr_consent=CPhJZsAPhJZsABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&globalscope=false&cookieless_optout=0&tbp=true HTTP/1.1
Host: js.cookieless-data.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 20 Oct 2022 10:43:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
X-Xss-Protection: 0
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f1ef95e0ad02f94ed0147b51c9e442dc
1750d89b6fed8060f9ff9a7e25fcd9f115f4fdf1
79d6140b93ef0db57d081ec7eed95cb31f0fa430d73f8b7f751302a3987c71a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5621
Cache-Control: max-age=147817
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:25 GMT
Etag: "6350aec1-139"
Expires: Sat, 22 Oct 2022 03:47:02 GMT
Last-Modified: Thu, 20 Oct 2022 02:13:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
cdn.taboola.com/libtrc/impl.20221019-5-RELEASE.js
151.101.85.44200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221019-5-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65509)
Size 146 kB (145787 bytes)
Hash 8a1ebdbd22851cd1587e9fcc3652b9e8
11f4f15c737d1e9e86406b4df7eecdf08474fd61
44e4b60a3d7b69a06744d88c5663802bfa0104d74f1ccbed0c253f99ca0fd9fb
GET /libtrc/impl.20221019-5-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: a6cCl+eFlHwG0Y2ZRr1wSxhKZWmvRtmocNXZddxACPDJrLkyuPRApHY74x9Uxr4bjA0B2ZQ32R8=
x-amz-request-id: 0Y2RY6BGP4D3Z73Z
last-modified: Wed, 19 Oct 2022 09:10:55 GMT
etag: "8a1ebdbd22851cd1587e9fcc3652b9e8"
content-encoding: br
x-amz-version-id: bvojkP2iQud.gcHBGrkZ0q_FT1_brxdn
content-type: application/javascript
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:25 GMT
via: 1.1 varnish
age: 5551
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 3430
x-timer: S1666262606.909235,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 90
server: AmazonS3-br
content-length: 145787
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 6.2 kB URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
File type C source, ASCII text, with very long lines (14955), with no line terminators
Hash fb3e468a617b401f609167a8d0684483
aebcd85d30320f88cfa850b9f07017fe3eb55537
bd079b4498611802da3a0b20765ec8daebe115fabb3d0a19e1e516937828e681
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 10:49:49 GMT
etag: W/"634e84cd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.399
139.45.197.250200 OK 49 kB URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.399
IP 139.45.197.250:0
Hash 9d6d7c3deb8ea078a86af1c5b98e4efb
f443348c417a37eaa6f7d06b2d01ecf7f835f4f9
fde18baa81e5b076570f6afa3e87fa2156e99e31f385491d83fe93379b471835
GET /pfe/current/universal.min.js?v=3.1.399 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 10:49:49 GMT
etag: W/"634e84cd-17dc6"
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash be868809917278573c32ab6c90bbe73e
e955f21a65f5d06493900f9a4dc2595b2d95eae1
a5be625f164576bd8a6246e476c646cb6fb30a26f3cfa65d0400d574d85a8a74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2216
Cache-Control: max-age=162744
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:25 GMT
Etag: "6350f65d-116"
Expires: Sat, 22 Oct 2022 07:55:49 GMT
Last-Modified: Thu, 20 Oct 2022 07:18:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash be868809917278573c32ab6c90bbe73e
e955f21a65f5d06493900f9a4dc2595b2d95eae1
a5be625f164576bd8a6246e476c646cb6fb30a26f3cfa65d0400d574d85a8a74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2217
Cache-Control: max-age=162744
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:26 GMT
Etag: "6350f65d-116"
Expires: Sat, 22 Oct 2022 07:55:50 GMT
Last-Modified: Thu, 20 Oct 2022 07:18:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 82571dc3b59726a8e88def1043dd5dc2
ee071d908b0d2e32f05c1f82ccf7c620dc4e8015
5f0d328ff3c1a099fc8a405c0ef33168dbdb6fdec93d0db8ea9c0b7795ad7e34
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 10:43:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 06:25:19 GMT
Expires: Mon, 24 Oct 2022 06:25:18 GMT
Etag: "ee071d908b0d2e32f05c1f82ccf7c620dc4e8015"
Cache-Control: max-age=329511,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d12707b9c6b4ed-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ed26fbeeef32dba9ae63e90d4b8550ef
4ce30ff2a93be9783773d8fcd2cfbe68e7bb708f
3eba4c4e73aafc1224dd9e36d5bef9050d4aa09b8cd94c511a7c9fe6462a7037
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163310
Date: Thu, 20 Oct 2022 10:43:26 GMT
Etag: "6350f0b8-1d7"
Expires: Sat, 22 Oct 2022 08:05:16 GMT
Last-Modified: Thu, 20 Oct 2022 06:54:48 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lwrAwhAuCshLteHR43SIdAiF3Yb4Qu5RqQfIrQmd940ukTD9zILCxw==
Age: 4228
my.rtmark.net/gid.js?userId=c6efbfbc2f1643adb153007c28818e97
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=c6efbfbc2f1643adb153007c28818e97
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 688647b51d5545d1899b5b74a4212a45
3ec871374bb94f640838350cdb300d674e0334c2
84baa11ada9963386f0b9f7876017fba81773560754e49de57534d48dcf530b8
GET /gid.js?userId=c6efbfbc2f1643adb153007c28818e97 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:26 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c6efbfbc2f1643adb153007c28818e97; expires=Fri, 20 Oct 2023 10:43:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.viglink.com/api/ping
52.214.137.185200 OK 260 B IP 52.214.137.185:0
File type ASCII text, with no line terminators
Hash 3a258ec080b5ea20c32097e9e4f69497
a4b58c3808eae11a6647d3275f37a0eed2cd668d
98c101a157e0e0a0f9d6f72bdf4d9559d17c301a3b06e6f86dabc25de05be0a3
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 140
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://whiteservice.rigala.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Thu, 20 Oct 2022 10:43:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 260
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e24515736d6f70f88a55b14e43011c9d
b9ebc5c7c1e0111268d2e79a66504563a6f69203
910fa081d5562ca069676bb21e5b465d04c87c8b9978111294b77ddd56948a67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 10:43:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 01:33:16 GMT
Expires: Tue, 25 Oct 2022 01:33:15 GMT
Etag: "b9ebc5c7c1e0111268d2e79a66504563a6f69203"
Cache-Control: max-age=398388,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d127085a77b4ed-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 890
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 20 Oct 2022 10:43:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://whiteservice.rigala.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
52.214.137.185200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 52.214.137.185:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Thu, 20 Oct 2022 10:43:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b4ded5812e05504cc00fe8fbe84f15f4
0dc42fa74a67e7d0a56cb443fe8eab00a9d74ab5
270f810160a5e4309084e76c3657d97f4f4bd490b35fb9f1bda2f9c856f4f27b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=533678771.1666262616&jid=111749935&gjid=1978709839&_gid=571207203.1666262616&_u=YEBAAUAAAAAAACAAI~&z=1197978334
173.194.73.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=533678771.1666262616&jid=111749935&gjid=1978709839&_gid=571207203.1666262616&_u=YEBAAUAAAAAAACAAI~&z=1197978334
IP 173.194.73.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=533678771.1666262616&jid=111749935&gjid=1978709839&_gid=571207203.1666262616&_u=YEBAAUAAAAAAACAAI~&z=1197978334 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://whiteservice.rigala.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Oct 2022 10:43:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A43%3A36.543&type=usage&msg=rtus&llvl=2&id=7107&cv=20221019-5-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A43%3A36.543&type=usage&msg=rtus&llvl=2&id=7107&cv=20221019-5-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A43%3A36.543&type=usage&msg=rtus&llvl=2&id=7107&cv=20221019-5-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=gdprV2notTriggerRtus&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 10:43:26 GMT
x-fastly-to-nlb-rtt: 22155
access-control-allow-credentials: true
X-Firefox-Spdy: h2
api.viglink.com/api/domains
52.214.137.185200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 52.214.137.185:0
File type ASCII text, with no line terminators
Hash 1605ddca3469c7f450b5dec32af8ad7e
52d74fec3412016f0d9722cc17944d3b718cb3db
7e11ed3ee1a6e414aa161cd6f8cab47071e31e01a932ed061b89c30dfe380a8e
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 261
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://whiteservice.rigala.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Thu, 20 Oct 2022 10:43:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b4ded5812e05504cc00fe8fbe84f15f4
0dc42fa74a67e7d0a56cb443fe8eab00a9d74ab5
270f810160a5e4309084e76c3657d97f4f4bd490b35fb9f1bda2f9c856f4f27b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
52.214.137.185200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 52.214.137.185:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Thu, 20 Oct 2022 10:43:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d3bd8bc0b77639c72e6566716b7fc31e
967b1da7fbb4a5272d68401fb8772e0b1f893e2d
f25481873c253ccfb163d8b193c150906b37b3f680fd904545d112acbf14edd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 038718f2af2127c43a536906536901d6
7443f6c69b456b9b6d91f274ee2d395d30851dac
78909b697ea6987336df513055387483bbaf4b78bfe9be1ebee8e009aa1704ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=533678771.1666262616&jid=111749935&_u=YEBAAUAAAAAAACAAI~&z=2049471910
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=533678771.1666262616&jid=111749935&_u=YEBAAUAAAAAAACAAI~&z=2049471910
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=533678771.1666262616&jid=111749935&_u=YEBAAUAAAAAAACAAI~&z=2049471910 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 10:43:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=533678771.1666262616&jid=111749935&_u=YEBAAUAAAAAAACAAI~&z=2049471910
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=533678771.1666262616&jid=111749935&_u=YEBAAUAAAAAAACAAI~&z=2049471910
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=533678771.1666262616&jid=111749935&_u=YEBAAUAAAAAAACAAI~&z=2049471910 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 10:43:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/
Content-Type: application/json
Origin: https://whiteservice.rigala.net
Content-Length: 735
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:26 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d20983d79e13abb0381cc02fa5849893
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 038718f2af2127c43a536906536901d6
7443f6c69b456b9b6d91f274ee2d395d30851dac
78909b697ea6987336df513055387483bbaf4b78bfe9be1ebee8e009aa1704ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9913b2fe72036775e678417cac56a8df
27c2b0d99c3827f12c343763d8ba33c6e2d73188
32c6987be8e8c289fbb1f31350783dbc22003be71e80aa3d4acb293b434d805e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 10:43:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 372
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 10:43:25 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://whiteservice.rigala.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3439
Expires: Thu, 20 Oct 2022 11:40:45 GMT
Date: Thu, 20 Oct 2022 10:43:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3439
Expires: Thu, 20 Oct 2022 11:40:45 GMT
Date: Thu, 20 Oct 2022 10:43:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3439
Expires: Thu, 20 Oct 2022 11:40:45 GMT
Date: Thu, 20 Oct 2022 10:43:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3439
Expires: Thu, 20 Oct 2022 11:40:45 GMT
Date: Thu, 20 Oct 2022 10:43:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 81216ad70664e969888ae7b13871fda0
6b15c7d7abb9ff1cc040853401ad5a39f81c19a4
7294e93d890b4c8eeb8383a67aac0be8b88cac5e0882865c9f38ade713157799
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9607
x-amzn-requestid: 590b20a6-039c-4c25-a61a-5f579c5b31f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZj6HZ7oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506fb2-04b740c442ae735347b4e2c3;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bL5fVog2SuW8ZNt9a0ECc8jwcAELUBVo63LXPovdnIRxCRnsMWVvvQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:49:50 GMT
age: 46416
etag: "6b15c7d7abb9ff1cc040853401ad5a39f81c19a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.betgorebysson.club/?rb=UToDVqGXIjrau8XpNlMys6juIglnf71BD-EivSTmGgSAkx9O7LlmvYh0BFpaiDBqfoFMUzSeBP8v13dQJmT3cFAheoCGcbEqTYxBPZkLIE09HXx_Cbte5gQ10dH5TXC8Y_mtidYC5Xt_i-UrUndj_-eju8nwpgnXJOyuDdBZ7jk7K1bYu1a-5nbjpw7dUebIYTRtKbYQX-b9TnaqffJebQtuUC6RprBXakja2Q%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.437.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.437.0&bs=f1c6e96e-9597-4dee-84ed-d6010e65e8a9&userId=c6efbfbc2f1643adb153007c28818e97&m=link
139.45.195.8200 OK 8.9 kB URL HTTP/2 cdn.betgorebysson.club/?rb=UToDVqGXIjrau8XpNlMys6juIglnf71BD-EivSTmGgSAkx9O7LlmvYh0BFpaiDBqfoFMUzSeBP8v13dQJmT3cFAheoCGcbEqTYxBPZkLIE09HXx_Cbte5gQ10dH5TXC8Y_mtidYC5Xt_i-UrUndj_-eju8nwpgnXJOyuDdBZ7jk7K1bYu1a-5nbjpw7dUebIYTRtKbYQX-b9TnaqffJebQtuUC6RprBXakja2Q%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.437.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.437.0&bs=f1c6e96e-9597-4dee-84ed-d6010e65e8a9&userId=c6efbfbc2f1643adb153007c28818e97&m=link
IP 139.45.195.8:0
Hash 3d251fea17d3672ec105f7f700f54eec
affcc292ec6b7cdf9bd4c541cf46da779ea8a1d1
e0420cbd591b594b9d21ea78dd0911b6fb0bb67c8b3e9ded46483712f14880b8
GET /?rb=UToDVqGXIjrau8XpNlMys6juIglnf71BD-EivSTmGgSAkx9O7LlmvYh0BFpaiDBqfoFMUzSeBP8v13dQJmT3cFAheoCGcbEqTYxBPZkLIE09HXx_Cbte5gQ10dH5TXC8Y_mtidYC5Xt_i-UrUndj_-eju8nwpgnXJOyuDdBZ7jk7K1bYu1a-5nbjpw7dUebIYTRtKbYQX-b9TnaqffJebQtuUC6RprBXakja2Q%3D%3D&request_ab2=0&zoneid=3765907&js_build=iclick-v1.437.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.437.0&bs=f1c6e96e-9597-4dee-84ed-d6010e65e8a9&userId=c6efbfbc2f1643adb153007c28818e97&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Cookie: OAID=c6efbfbc2f1643adb153007c28818e97; oaidts=1666262605
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:26 GMT
content-type: application/json
x-trace-id: d09bcecd869439d2b083f3e549b90267
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c6efbfbc2f1643adb153007c28818e97; expires=Fri, 20 Oct 2023 10:43:26 GMT; path=/; secure; SameSite=None
oaidts=1666262606; expires=Fri, 20 Oct 2023 10:43:26 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 27 Oct 2022 10:43:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg
34.120.237.76200 OK 35 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b683fafb36238c7da6be76247f60600b
e975f7a307a970ab45b03f861fd7d875ec66028d
b65fa7f3e7e0d999ebdfc1a4beb74e21221e4ceabd9e57ed0af6ab4560e12fdd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 35276
x-amzn-requestid: 6e8a79ad-d0f3-4290-a1ed-ef9b1239f193
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFApGzbIAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1b9d-65cf1b926ab122b1716a2983;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JACNduziuYQlr-L2qhJ__GTgdddaGAGhBkTgJbwDt5zDnzTAC2i8sg==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 23:10:57 GMT
age: 41549
etag: "e975f7a307a970ab45b03f861fd7d875ec66028d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f5f540-31b5-4aa6-b4cc-525320d668bb.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f5f540-31b5-4aa6-b4cc-525320d668bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ab69334daf0ae01ea1464a1bf94f59c
37f9e5e45a2f1a772be738c1b26fa33beb0b7841
407ad50be96152f0123551811bc70e796f4d143650e6c36e7fe9f5baf5b29b76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f5f540-31b5-4aa6-b4cc-525320d668bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5271
x-amzn-requestid: bc46c571-22e9-44dd-87cd-70e205b0b60e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9KFQVIAMFqqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d20-4cd2c717604ae52a6cde9b99;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v3r_XvpoXUqu2e4l44vAoa-Ktug5wXQIVt9xfvtjqw-Eb4lmxH4yng==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:51:14 GMT
age: 46332
etag: "37f9e5e45a2f1a772be738c1b26fa33beb0b7841"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 18 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (13017), with no line terminators
Hash 65f4e2826fc1d137f673c5f4401a2d82
4b8bf034e315eb4ca65a3050ed2b21784c563c48
38a52be83a5e82b51f2030f3a691850e74bd4b824c6f40d398e62ce58f75c7d8
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6552
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzQLnfIeCUS0Zo04AoYWGv01%2FHnZqbRizhVo3b2kQelEEAPq32U2x4rZVaGwk0D3mEh1hRSQdMtMfHO6xr6FQCJ5UiaMYyUAH%2FuA3DhkgKvTIZ0pDS6GcBYAqrPVYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d1270769bb0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3592ad50-6772-4932-afb0-d8ac43e37836.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3592ad50-6772-4932-afb0-d8ac43e37836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c19173918c875a2f7820a771334a52ee
1a1d58eb4239ab5f9da9e1bede9a720e32d109ec
1033b4bf56149d93b73ddf10b8edec3e2112fd8e20ab8783863ed6764d52d741
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3592ad50-6772-4932-afb0-d8ac43e37836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7230
x-amzn-requestid: 73b21c18-af84-4c4b-a560-c6eaf72ee9e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRYBhF2NIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d3c-7664eb1b00765a5e11798929;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cdcTOS__HQIzy-b2SnRjJhfj9e98s4wSIurrsg7bZHP10ykmKOMtwg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 22:03:55 GMT
age: 45571
etag: "1a1d58eb4239ab5f9da9e1bede9a720e32d109ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 484
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 10:43:31 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A43%3A41.567<i=deflated&data=%7B%22id%22%3A153%2C%22ii%22%3A%22%2Ft2-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1666171150482%2C%22vi%22%3A1666262621564%2C%22cv%22%3A%2220221019-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPhJZsAPhJZsABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic%22%2C%22vpi%22%3A%22%2Ft2-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A5352%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A359%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5265.58349609375%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft2-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 11 kB URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=10%3A43%3A41.567<i=deflated&data=%7B%22id%22%3A153%2C%22ii%22%3A%22%2Ft2-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1666171150482%2C%22vi%22%3A1666262621564%2C%22cv%22%3A%2220221019-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPhJZsAPhJZsABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic%22%2C%22vpi%22%3A%22%2Ft2-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A5352%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A359%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5265.58349609375%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft2-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (17842)
Hash 0d465c642f2ac3c187fde71499987c47
3a53ee5b7cce905186481a76414c36c0cd1562eb
0ef5a871afb68f03628215f28a3d6a4b376454f85196aed0ec2bef680da38166
GET /forumotion-ar/trc/3/json?tim=10%3A43%3A41.567<i=deflated&data=%7B%22id%22%3A153%2C%22ii%22%3A%22%2Ft2-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1666171150482%2C%22vi%22%3A1666262621564%2C%22cv%22%3A%2220221019-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPhJZsAPhJZsABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic%22%2C%22vpi%22%3A%22%2Ft2-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A5352%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A359%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A5265.58349609375%2C%22mw%22%3A1000%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft2-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:31 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666262611.106083,VS0,VE413
vary: Accept-Encoding
x-vcl-time-ms: 413
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 24 kB URL HTTP/2 vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b06a94b265b5ec3739dab4b38308709c
de2336288983f78217a4cc83755366e583c5920a
066de7eb0d351eda7686b2479b069a600405fed39d38c7b9163a1d3cda84e992
GET /lite-unit/1.4.0/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
etag: "b683c290896a82c974838a04b4ea4aff"
server: AmazonS3
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: EpZuzr7lQIzV08xTZRv1e5wA0qOWVGpJ94XhkewIQ9BC5tfAYBuP9w==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:31 GMT
age: 189114
x-served-by: cache-bma1640-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 89
x-timer: S1666262612.622346,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 23743
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09c6cef05909d968cab029e28553fa98.jpg
151.101.85.44200 OK 5.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09c6cef05909d968cab029e28553fa98.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 85090c8dab73f3195afe1a9612c57e0a
4c5ab0698a536548c31c40538e9f064601ae34ef
dd9ebf5cd3941ea4eaef652637945732618996fd69bf57e6110a8e1059ae7433
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09c6cef05909d968cab029e28553fa98.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 438653728931705388656526782056330420895,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 438653728931705388656526782056330420895,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "262e6492de33a592c4a594dfc041cc33"
last-modified: Thu, 22 Sep 2022 13:19:28 GMT
req-referer: https://www.digital-forum.it/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 161a81101e94163886fa117193cae6ec
x-envoy-upstream-service-time: 2101
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:31 GMT
age: 2336077
x-served-by: cache-iad-kjyo7100166-IAD, cache-iad-kcgs7200025-IAD, cache-lga21977-LGA, cache-iad-kjyo7100173-IAD, cache-bma1640-BMA
x-cache: MISS, MISS, HIT, HIT, HIT
x-cache-hits: 0, 0, 1, 39, 1
x-timer: S1666262612.672632,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/09c6cef05909d968cab029e28553fa98.jpg
x-vcl-time-ms: 1
content-length: 5546
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg
151.101.85.44200 OK 5.9 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3ef4a92c8cb7db4b1e284533b99f50e5
b90e1086f5327f82ccaf0dc463139eed297082f1
2a7eabdbca7fde934dc5a95cb336a81596b80b4108fc281f87099ab67e85f66e
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 375394960470726063426544127135759758201,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 375394960470726063426544127135759758201,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "fe5a4ede882ecf013fb977f77a4d23de"
last-modified: Tue, 02 Aug 2022 10:20:54 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 769eea744d494feda65af1e7cfd773d6
x-envoy-upstream-service-time: 59
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:31 GMT
age: 5158188
x-served-by: cache-iad-kjyo7100129-IAD, cache-iad-kiad7000168-IAD, cache-lga21941-LGA, cache-iad-kjyo7100123-IAD, cache-bma1640-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 1, 2
x-timer: S1666262612.723222,VS0,VE0
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg
x-vcl-time-ms: 0
content-length: 5902
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/18/71/82/84/o10.jpg
151.101.85.44200 OK 7.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/18/71/82/84/o10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2e553d95af9bb5acf7ffabe042ea0248
dd320b3c2e4c8578c5a11042bb4f6b1a9e17bcfb
ac8adbb2e37386733ed713e4ea70af6cd6291ab02e38dac40007c785fc5d1045
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/18/71/82/84/o10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 306466372957551130704574454496854686602,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 306466372957551130704574454496854686602,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "3ccee5279d4390fe6a2c917a4e09f2f3"
last-modified: Fri, 19 Aug 2022 15:38:39 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: d783a4283da66f60e3058f0f7ea2b278
x-envoy-upstream-service-time: 121
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:31 GMT
age: 4275039
x-served-by: cache-iad-kcgs7200082-IAD, cache-iad-kiad7000161-IAD, cache-chi-klot8100020-CHI, cache-iad-kcgs7200099-IAD, cache-bma1640-BMA
x-cache: HIT, HIT, HIT, HIT, HIT
x-cache-hits: 1, 1, 1, 1, 1
x-timer: S1666262612.730748,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f35/18/71/82/84/o10.jpg
x-vcl-time-ms: 1
content-length: 7140
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
151.101.85.44200 OK 5.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3d65770a978e97f8a2e0702660dcc371
44e306f08e5af8e4ca2ceb97ec8361b9e693f322
b78ba46b24021d32bbf4679d64dd112f2164bb3a17a62aae0aedcbaa4f5f437a
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 544739962377286115750906782440533884243,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 544739962377286115750906782440533884243,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "2e4f6466dae29a54e4d540a2389ed4c3"
last-modified: Wed, 13 Jul 2022 15:29:03 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 765b7e358644f26f422180ad9087e66f
x-envoy-upstream-service-time: 799
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:31 GMT
age: 8010328
x-served-by: cache-iad-kiad7000150-IAD, cache-iad-kiad7000023-IAD, cache-lga21924-LGA, cache-iad-kiad7000175-IAD, cache-bma1640-BMA
x-cache: HIT, HIT, HIT, HIT, HIT
x-cache-hits: 1, 1, 1, 1, 1
x-timer: S1666262612.736362,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
x-vcl-time-ms: 1
content-length: 5812
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
151.101.85.44200 OK 12 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7e2823d12a0e69784dd9f2ccaef4af99
aa947ae91377e23dea893475dba70c3be8ef1ede
61d9bf4438034b826c366ab50bfb546989ed5c3cddd19f6569705d6030ec4abf
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 352690306229506137798207407469809578240,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 352690306229506137798207407469809578240,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "b3c9505a19038b4db67c1b73ca53d270"
expiration: expiry-date="Fri, 23 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 23 Aug 2022 09:17:42 GMT
req-referer: https://elmostfa.yoo7.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 37
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:31 GMT
age: 2595829
x-served-by: cache-iad-kcgs7200020-IAD, cache-iad-kiad7000022-IAD, cache-sna10724-LGB, cache-iad-kjyo7100129-IAD, cache-bma1640-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 1, 1, 1, 1
x-timer: S1666262612.736330,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
x-vcl-time-ms: 1
content-length: 12202
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f56/13/29/42/17/12364510.jpg
151.101.85.44200 OK 8.9 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f56/13/29/42/17/12364510.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e6549b7ccaf80edb7cc457855fcf1afd
a5e4fdac94e4412db579d8da24f6406e4c9ee091
37217a42cf02054ae0dcbe4b0a4e347f9249ccead67b3becf768ddec4e27058c
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f56/13/29/42/17/12364510.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 449135505905866693991736054737018067184,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 449135505905866693991736054737018067184,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "945d6996428f3b4937c4c96ea8c1e540"
expiration: expiry-date="Wed, 05 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sun, 04 Sep 2022 09:52:27 GMT
req-referer: https://egyptan.yoo7.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 139
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:31 GMT
age: 2776016
x-served-by: cache-iad-kjyo7100025-IAD, cache-iad-kiad7000098-IAD, cache-lga21940-LGA, cache-iad-kjyo7100034-IAD, cache-bma1640-BMA
x-cache: MISS, HIT, HIT, HIT, HIT
x-cache-hits: 0, 1, 1, 1, 1
x-timer: S1666262612.736317,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f56/13/29/42/17/12364510.jpg
x-vcl-time-ms: 1
content-length: 8936
X-Firefox-Spdy: h2
api.viglink.com/api/domains
52.214.137.185200 OK 57 B URL HTTP/1.1 api.viglink.com/api/domains
IP 52.214.137.185:0
File type ASCII text, with no line terminators
Hash 192a6212034a5f668d8b4ba5218fb734
dea11ae205bc38ca820bccf7126143ec782c6de5
8ffee96ed17f5b2fa408fb2a018e3be3327e4d7225d6970f14a3ffb015729762
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 285
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://whiteservice.rigala.net
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Thu, 20 Oct 2022 10:43:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 57
Connection: keep-alive
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A43%3A42.162&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9320&cv=20221019-5-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A43%3A42.162&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9320&cv=20221019-5-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A43%3A42.162&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9320&cv=20221019-5-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 10:43:31 GMT
x-fastly-to-nlb-rtt: 73134
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1689
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 10:43:32 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A43%3A42.261&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5291&cv=20221019-5-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=10%3A43%3A42.261&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5291&cv=20221019-5-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=10%3A43%3A42.261&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5291&cv=20221019-5-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 10:43:32 GMT
x-fastly-to-nlb-rtt: 73054
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.85.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.85.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:32 GMT
via: 1.1 varnish
age: 11524
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1536
x-timer: S1666262613.688776,VS0,VE0
cache-control: private,max-age=31536000
abp: 90
content-length: 254
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3737
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666262613.630021,VS0,VE88
x-vcl-time-ms: 88
X-Firefox-Spdy: h2
cache.consentframework.com/js/pa/24697/c/IxWav/stub
172.67.74.105200 OK 0 B URL HTTP/2 cache.consentframework.com/js/pa/24697/c/IxWav/stub
IP 172.67.74.105:0
GET /js/pa/24697/c/IxWav/stub HTTP/1.1
Host: cache.consentframework.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:24 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600
strict-transport-security: max-age=15724800; includeSubDomains; preload
cf-cache-status: HIT
age: 2195
last-modified: Thu, 20 Oct 2022 10:06:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fb1ekGxRtj9%2FPtydR75%2BwiEGaCDD4gQq2371DCAWYEB0RUEYZZQNsCRWS3BgT2sjZH0frdvW4vU1ZMX8VPynwpq%2FhVT4bpQJGq7WTOalEbkAdCPFYhTxyvLfaSQGZEGnpsDHBOYd5QXatFMi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d12700ffcf0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: application/javascript
x-trace-id: 6cb5d812ed71373c48c56bad61dbbcb5
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c6efbfbc2f1643adb153007c28818e97; expires=Fri, 20 Oct 2023 10:43:25 GMT; path=/; secure; SameSite=None
oaidts=1666262605; expires=Fri, 20 Oct 2023 10:43:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic&encoded=1&uid=4449952d-7fd8-48e1-a923-f19025833ff2-tucta4aabd3&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1666262622097&tagid=&cntry=NO&platform=1&sesid=910fc45b1fb0512fdbea34fcadf3a156&itemid=/t2-topic&viewid=1666262621564&geolat=&geoing=&deviceifa=&appid=&sd=v2_910fc45b1fb0512fdbea34fcadf3a156_4449952d-7fd8-48e1-a923-f19025833ff2-tucta4aabd3_1666262611_1666262611_CNawjgYQ3pxDGPy696e_MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=b3b5372a7d6425069805e42e5111cafb&appname=&cdb=CPhJZsAPhJZsABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&gdprApplies=true&rid=&sii=-3128870572604960058&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=
151.101.85.44200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic&encoded=1&uid=4449952d-7fd8-48e1-a923-f19025833ff2-tucta4aabd3&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1666262622097&tagid=&cntry=NO&platform=1&sesid=910fc45b1fb0512fdbea34fcadf3a156&itemid=/t2-topic&viewid=1666262621564&geolat=&geoing=&deviceifa=&appid=&sd=v2_910fc45b1fb0512fdbea34fcadf3a156_4449952d-7fd8-48e1-a923-f19025833ff2-tucta4aabd3_1666262611_1666262611_CNawjgYQ3pxDGPy696e_MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=b3b5372a7d6425069805e42e5111cafb&appname=&cdb=CPhJZsAPhJZsABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&gdprApplies=true&rid=&sii=-3128870572604960058&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv=
IP 151.101.85.44:0
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fwhiteservice.rigala.net%2Ft2-topic&encoded=1&uid=4449952d-7fd8-48e1-a923-f19025833ff2-tucta4aabd3&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1666262622097&tagid=&cntry=NO&platform=1&sesid=910fc45b1fb0512fdbea34fcadf3a156&itemid=/t2-topic&viewid=1666262621564&geolat=&geoing=&deviceifa=&appid=&sd=v2_910fc45b1fb0512fdbea34fcadf3a156_4449952d-7fd8-48e1-a923-f19025833ff2-tucta4aabd3_1666262611_1666262611_CNawjgYQ3pxDGPy696e_MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gBYABo_9iV8p6d99_dAXAA&ri=b3b5372a7d6425069805e42e5111cafb&appname=&cdb=CPhJZsAPhJZsABcAIBENClCgAAAAAH_AABpwIyQAARkgaAALAAeABUAC4AGQAOQAfACAAEkAMQAygBoAGoAPAAfQBEAEUAJgATwAxABmADmAH4AQgAjgBMAClAFvAMoAywB3AD9AIGAQgAi0BHAEdAKWAVcAuoBgQDRAGvANoAdUA_4CPQExAKaAWoAvMBggDDQGPgMkAcWA5QB2AAA&gdprApplies=true&rid=&sii=-3128870572604960058&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540&prcnt=&layer=&normp=7&gvv= HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://whiteservice.rigala.net
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1443
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://whiteservice.rigala.net
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Thu, 20 Oct 2022 10:43:31 GMT
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666262612.700240,VS0,VE34
vary: Accept-Encoding
X-Firefox-Spdy: h2
whiteservice.rigala.net/?utm_source=pwa
188.165.2.137200 OK 0 B URL HTTP/2 whiteservice.rigala.net/?utm_source=pwa
IP 188.165.2.137:0
GET /?utm_source=pwa HTTP/1.1
Host: whiteservice.rigala.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/serviceworker.js
Connection: keep-alive
Cookie: exadd=166627; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 20 Oct 2022 00:00:00 GMT
last-modified: Thu, 20 Oct 2022 10:43:25 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
whiteservice.rigala.net/sw.js
188.165.2.137200 OK 0 B URL HTTP/2 whiteservice.rigala.net/sw.js
IP 188.165.2.137:0
GET /sw.js HTTP/1.1
Host: whiteservice.rigala.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whiteservice.rigala.net/t2-topic
Connection: keep-alive
Cookie: exadd=166627; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.533678771.1666262616; _gid=GA1.2.571207203.1666262616; _gat_gtag_UA_144347007_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
whiteservice.rigala.net/serviceworker.js
188.165.2.137200 OK 0 B URL HTTP/2 whiteservice.rigala.net/serviceworker.js
IP 188.165.2.137:0
GET /serviceworker.js HTTP/1.1
Host: whiteservice.rigala.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166627; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
IP 172.67.150.97:0
GET /rs3/63/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:24 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3638207
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LfSmvi0Tw8FiwnYX7dKpJRFhoq5%2BpYkNoeTdZz8E%2Bqn37zeTaIEZLHfbwBWWjB%2FhQ%2FsZp3DG93X0Qgi41tRcpALWw1qlSrLHEPaXS7yeFZvWVg4TC%2FYFIa4RnGX7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d1270089dbb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/embed/FA_Embed.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/embed/FA_Embed.js
IP 172.67.150.97:0
GET /rs3/63/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 10:43:24 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:07 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 3638236
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBCNf55T8L5Kt3jKa1Dh%2FTPteiTmDLOsaSR47LLqbG572sfnevMoVN0FViw5lHCoq72tFVPYxG5S0FWHsxSwitXZ5XsOw%2FGPvjrZcBiInojuTBMzEc6gHuqAfAF8AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d1270089d6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.2.130:0
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whiteservice.rigala.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 10:43:25 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-1e2be"
expires: Fri, 21 Oct 2022 10:43:25 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2