hankalis.hooxs.com/t22-topic
94.23.76.111301 Moved Permanently 0 B URL HTTP/1.1 hankalis.hooxs.com/t22-topic
IP 94.23.76.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t22-topic HTTP/1.1
Host: hankalis.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 13:19:25 GMT
Content-Length: 0
Location: https://hankalis.hooxs.com/t22-topic
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 13:08:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Uk6hVeSkmaWFN1DU4sOiXOKGkTZn8G3I-tLZ8m1b_zVkz7xdjtULmw==
Age: 640
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13240
Expires: Tue, 13 Sep 2022 17:00:05 GMT
Date: Tue, 13 Sep 2022 13:19:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1BLoAhNLRL6VjFE8Rvf6nZhrTXDLCCf5hHBXjdhTIcuvPfWcxpVn9w==
age: 31451
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash eaaccd29c16cd6b78c0c27fa2f910a94
3a2c03588e08cd531198a225287596eab685db64
e2aed130cd6e74d467fc1bc5db99b4562eabda0bce821b9e044625376fb9980f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2AED130CD6E74D467FC1BC5DB99B4562EABDA0BCE821B9E044625376FB9980F"
Last-Modified: Sun, 11 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Sep 2022 19:19:25 GMT
Date: Tue, 13 Sep 2022 13:19:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 13:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 13:12:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jP4Hj9lQ13CvC5AmlnunDunbiZKIEpxBj69Vb34ZrMqGJ_8TYFXS4g==
Age: 963
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1957
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:25 GMT
Last-Modified: Tue, 13 Sep 2022 12:46:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
illiweb.com/rs3/63/frm/lang/ar.js
172.67.150.97200 OK 19 kB URL HTTP/2 illiweb.com/rs3/63/frm/lang/ar.js
IP 172.67.150.97:0
File type Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Hash aab872533e87c4b3aee7860deb371a69
6a96ee89ba44d4523bbf45e857647309e0b46883
d760d271808525b567e9e78ad1bbcaaae5896d79819a6366fd16b861b632cb43
GET /rs3/63/frm/lang/ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:07:52 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 450693
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrfS0U1fuH0MQBNFPyQhrMbIs9MyUPpSGBjCMeQej5a2fvdsno19Rzo7rDMvy9X3RUw3yLZlXB8mD4MAzT%2Bv8F3TW%2FPt%2BOdwTgVQ63cOd%2FLSAYK4E57KEpZlUPArWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12caa8af6b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.106:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 22:41:24 GMT
expires: Sat, 09 Sep 2023 22:41:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 311881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
172.67.150.97200 OK 785 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/cookie/jquery.cookie.js
IP 172.67.150.97:0
File type ASCII text, with very long lines (1011), with no line terminators
Hash 0bafde8746aabb06e3dee0d04c9e2102
21a0cd95cadd18b924f1c19231306fdaec903ada
b2bf42a081d47ad70ae504529c455a9ad5fec349af0282b229edf05bf4ebfe82
GET /rs3/63/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:37 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 450768
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esf6v4%2BFFeP353FryD8fh1MLcnvU%2BhogQZWYHFqAbNrr60lPut2ouo9InH%2BSn%2FK%2BSJSs9OEPsCH4hyM0MkeUHYK7ggr6DQKVaD%2B8%2BXsOMbGfFtCMv7PEEngDt1XLTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12caa9b10b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1e96423bd3abaff8f978b0c23126906d
0e26a99587cf82b666f041d780f55586d2ab9333
9f436a34a121a1a6b6bc60231950d860688948e2d5720967e0adb1e7905c759f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3702
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:25 GMT
Last-Modified: Tue, 13 Sep 2022 12:17:43 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
illiweb.com/rs3/63/frm/jquery/marquee/jquery.marquee.min.js
172.67.150.97200 OK 2.2 kB URL HTTP/2 illiweb.com/rs3/63/frm/jquery/marquee/jquery.marquee.min.js
IP 172.67.150.97:0
File type HTML document, ASCII text, with very long lines (4467), with no line terminators
Hash 1294ba1ff3f436498507c11f22757b6e
80ac9d4fd0c88920542f1726989fad191ab47fb2
42d6e0f4447a661ac50e34fa26dcd8c3bfb0eca2c2e66448d000aec30b6db9d8
GET /rs3/63/frm/jquery/marquee/jquery.marquee.min.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
expires: Fri, 08 Sep 2023 08:06:37 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
cf-cache-status: HIT
age: 450768
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ISrQaNAk0yxtqSIPVjZ9whW4hQTs8IIqyPYBVGAGG%2FsBFo5liOhJWVSOMktuVls%2BGsG5HHfcWCvXog1RdizBEkb9KeAOtZ%2BavfxhnvkqV%2FQ83Gs%2FQPhml8huQG7pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12caa8b02b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2img.net/i/fa/empty.gif
104.21.235.175200 OK 42 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /i/fa/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 42
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "41d5e800-2a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22999540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C729YdNuwJwPLf2LBCliKA3X9XX%2BiRyr3VWVM8tvj%2BrBPCveHjGEKkBTMOctP%2B4gIZiv2OGpiOxLo2eLRZ2NCrsRHT7Xrm5%2BgcF9%2FkcJYk%2F8rjOs8A%2ByF2RAng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabe8e0f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/social_bookmarking/facebook.gif
104.21.235.175200 OK 646 B URL HTTP/2 2img.net/i/fa/social_bookmarking/facebook.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 4bfe409ecaaad3cb02b70487d0ea4ca2
de6791b9910220fe46ca2222b5a863593e93c0a2
5206296d25769debb150836abafd9a12316ccd64492e1ea77c583c2e83a8bf62
GET /i/fa/social_bookmarking/facebook.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 646
last-modified: Wed, 04 Jan 2017 15:17:32 GMT
etag: "586d120c-286"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 461704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVKeB5%2FFRTwzpC%2FY9uuWGe3S8C1CQuQqQbltgmWbejsPKtdiG3tZ6QWrM2Bo6vNyoDnCF56EVNlfZ6tjmZqQ9atbE7AK28MoWzo2kzC4pQ7BjbFXhlbmp%2FJgIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabe8e3f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/empty.gif
104.21.235.175200 OK 43 B IP 104.21.235.175:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 18212540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UnFKpr76XpqloCKC06Cd%2Fa6bElD%2FcHPZN%2FxUjW0cAH4vHGOJdKLeNkcDL1qe9yYccAG3cp1gOCytz3BV7x%2BUx2UMTP%2FNQgiKckZQeXTO9dbxKJMuWdEYF7AbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabe8e5f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/social_bookmarking/twitter.gif
104.21.235.175200 OK 320 B URL HTTP/2 2img.net/i/fa/social_bookmarking/twitter.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 20 x 20\012- data
Hash 457c962ece1f695babb2396467a867b8
ec1f8dffe0d7ba0b3d2a2e28197671210e3e3805
ae4c58f2b81dd297cc04fd383ba07204d85a06617757a3bb3284a58831e64d81
GET /i/fa/social_bookmarking/twitter.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 320
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=328
etag: "586d11c6-148"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 04 Jan 2017 15:16:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22999157
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4oHu%2BIrVpOLeERl%2FblP9DO50BzIElvKzbb0CatbSHxUwFDYZD8F7EMdDlzGdzUt6gaWGv5JhqCI0YUUnbW4QSvN1Q0iGKIoUQ7MP3jRIMqY4w0FMPYXErRb9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabe8e4f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/social_bookmarking/google.gif
104.21.235.175200 OK 648 B URL HTTP/2 2img.net/i/fa/social_bookmarking/google.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash c34d675ecaa8dce2eaf17c9d253afef0
84b3322bd0357a66f92ffa06cc74de7bde493542
a552ed3ef01e39ad4e519b609c8c0d9edb73ab99d4118999d29e0aceb1b36d04
GET /i/fa/social_bookmarking/google.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 648
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "586d11ee-288"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 04 Jan 2017 15:17:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22999157
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4H29ps%2Be4IFmOTzM0EiUd53ekzLc3M6CzdtWlJsO28CpRilxmq%2FfkHuByhBmZ1QrjXVxmGAnHVofS%2B%2F0nRnz8kI9ELJDjjWcnuPqtjDTchvX7OwvbroB%2BfDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabe8e2f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/17/31/i_icon_mini_register.gif
104.21.235.175200 OK 5.8 kB URL HTTP/2 2img.net/s/t/14/17/31/i_icon_mini_register.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 120 x 46\012- data
Hash 06f7236d67a2b97681a44c19af0fb0bd
a9cea4462ef2904f7f65668a819589cec4713090
d2df08b7259b65611b5052dea2c6564efef4c38d0a8b2697d53f8932e2e35303
GET /s/t/14/17/31/i_icon_mini_register.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 5767
last-modified: Sun, 02 Aug 2009 11:04:10 GMT
etag: "4a7572aa-1687"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 78002
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3FlgNr1vPef5pwjjcHCVWCc3u9QCS4gd%2BzNgdH1hUjAjMiRAAticmDooID9S3Q3Q5moKs0naIF2vqXgWZ2V6EPTtXjyCj%2B%2Be2M5z%2FjUNF0rXuznXJ1fUBYlxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabe8eff41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/17/31/i_icon_mini_login.gif
104.21.235.175200 OK 4.1 kB URL HTTP/2 2img.net/s/t/14/17/31/i_icon_mini_login.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 120 x 46\012- data
Hash 790f3e0aaaa9726bfb70188e6b217df4
a2db5276540319da238c20963de4ec0305f67300
1ae562d173884aea0f951748d5fbd4a02708f5f8809d9256f20a65e9809ed45c
GET /s/t/14/17/31/i_icon_mini_login.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 4057
last-modified: Sun, 02 Aug 2009 11:04:12 GMT
etag: "4a7572ac-fd9"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 78002
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGBVRm%2BhX%2BjUn2I4VhxmIxjFKekMKXWi6z0RAQIfRdmcKNGWOYMRpZgC%2BETQ7%2BO6G42Q0IdRRnlx8CD%2BpVYVUbE2bBvPeGWFiVu%2BZuUs%2BUYAAR399INSg%2BsAOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabe8eaf41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/s/t/14/17/31/i_icon_mini_index.gif
104.21.235.175200 OK 4.1 kB URL HTTP/2 2img.net/s/t/14/17/31/i_icon_mini_index.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 120 x 46\012- data
Hash e429e6bf5df8df263426a860b077cd96
dd133ef38700d05565059bc3edcc43bebfed2c26
b2812b5990815f569a3356ac7f310a34fde780d5a020fc4e2621df16ee979d5b
GET /s/t/14/17/31/i_icon_mini_index.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 4071
last-modified: Sun, 02 Aug 2009 11:04:13 GMT
etag: "4a7572ad-fe7"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 78002
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2D%2B8I%2B6y6NK%2ByaV0%2BCITx1bfPQvU%2FJbHrH7zIiiv6G4mzNGmF0JcjKBru8tjl1XNj6BoEbM1%2FL2Y4wRYJow%2B5fsqHgHbyHRpRDJQrtrNqS4Ff%2Bvp006dcB6yRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabe8f3f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/icon_mini_search.gif
104.21.235.175200 OK 238 B URL HTTP/2 2img.net/i/fa/icon_mini_search.gif
IP 104.21.235.175:0
File type GIF image data, version 89a, 12 x 13\012- data
Hash 69ac99a266d5032986805506ed750bdd
a800b0f6f44e80d71f75808bd4324f866e6c54b1
605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
GET /i/fa/icon_mini_search.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 238
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "41d5e800-ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22999529
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuZ9FCbez7VS3T92Mb%2Bu1LvN6DzNc9kGumJQtvnNvsmIQXB8eM6HwNIy9NYWlf3Ly9ZDaLcYzVRA4BaK5iVirRoMrQW9%2FsJRn8Zu%2FQuz2oOuSrppUGVoiwTqgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabf902f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2img.net/i/fa/social_bookmarking/reddit.gif
104.21.235.175200 OK 709 B URL HTTP/2 2img.net/i/fa/social_bookmarking/reddit.gif
IP 104.21.235.175:0
File type GIF image data, version 87a, 20 x 20\012- data
Hash c1b9848ea0cc84864af10018faf6a90f
cebfae20396d702980a5f84e087111b1648eba96
757147a3a5ed4153cbf8a82d1e985772c7948a85992ba4266f5cb91112e704e2
GET /i/fa/social_bookmarking/reddit.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 709
access-control-allow-origin: *
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=717
etag: "586d12d4-2cd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 04 Jan 2017 15:20:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 22999157
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3pwirl1Wrs3OiHezu4GuXPVdhnVtFRiXo%2F9S%2FQxt6zKSR65PSKwAVb%2FaXI8P1%2FSnRscMXWxP%2BbFaKAuuh1nsXm%2FRG04rvKxcd4B%2FedqWsH%2BFoG%2FFIId1EL5QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cabe8f1f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hankalis.hooxs.com/0-rtl.css
178.33.43.178200 OK 55 kB URL HTTP/2 hankalis.hooxs.com/0-rtl.css
IP 178.33.43.178:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 313c0d3f5c3c17fc4e18cff079be85cd
c6b15cd8175d00ac7fca38d8b986f6bd24703a2e
7798b30191c79275b6ad024f165110e16cd7a8be792d1b295bdca33fdb3761b0
GET /0-rtl.css HTTP/1.1
Host: hankalis.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/t22-topic
Cookie: exadd=166308
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: text/css
content-length: 54697
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=
142.250.74.72200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 1f6cddec8ee3e23dc8567266f84a27e5
6ea626e8922b83a75d85c9104f6034dc2485ba8e
befe75e7bf8ee2b08a289cfca0e990b819a4ecd12c13240d6cc5802483e83537
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 13:19:26 GMT
expires: Tue, 13 Sep 2022 13:19:26 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 35741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.74.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QQJkZauB9ATyy7U4Om1PQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XC7nP4S5vGcUlbGpOZ8hDCyoOtA=
i.servimg.com/u/f88/11/88/59/12/2iscw010.png
172.67.178.62200 OK 3.6 kB URL HTTP/2 i.servimg.com/u/f88/11/88/59/12/2iscw010.png
IP 172.67.178.62:0
File type PNG image data, 39 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 9717307b51b288e56cf2f9c879a8a727
8c2cf2e0c1ec40854f1abe1bdeb640796a20c1ef
8d5562b2c5e650c089557ae91afb70020940728c512d82312326e81a35b36d37
GET /u/f88/11/88/59/12/2iscw010.png HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/png
content-length: 3617
last-modified: Wed, 14 Oct 2009 06:38:10 GMT
etag: "4ad571d2-e21"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 25 Apr 2023 08:18:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 794110
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huE6t3xpQUVMYHhRb7Q2h9FqKRTDMScsfXvT29BcAcDq7fufGqj0myk82cP0IqMkss1hdsQEhq6RIW4FkQ%2FxFjkJgF2Pg%2FHecpqxcn1dTGAybdhAKPasDsxGNn8WPnf4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a12cacce05b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 98099384611ff7cd747c74be9399161e
c94bc0dead7f9cdfca370ef799fd15bc9058864e
44a2971b1d44f38bb097c6dc3ad8858adc84b90f5c806a291e9fd8b718974bbb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44A2971B1D44F38BB097C6DC3AD8858ADC84B90F5C806A291E9FD8B718974BBB"
Last-Modified: Mon, 12 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9509
Expires: Tue, 13 Sep 2022 15:57:55 GMT
Date: Tue, 13 Sep 2022 13:19:26 GMT
Connection: keep-alive
hankalis.hooxs.com/serviceworker.js
178.33.43.178200 OK 1.9 kB URL HTTP/2 hankalis.hooxs.com/serviceworker.js
IP 178.33.43.178:0
Hash 572d64c36a5bca0bf65999cafedb6fd9
9096ff2a4759bd91f48eb1716a46de0834754327
3ec39417e7c2c59df7acfbc7aaa7f19f4130581ace5f3541773680547fde7de8
GET /serviceworker.js HTTP/1.1
Host: hankalis.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: exadd=166308; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/javascript
last-modified: Thu, 25 Feb 2021 14:30:57 GMT
etag: W/"6037b4a1-b0d"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 442bd86ca09b465e27b0b763cab6a3b3
c74cd67e22fe3168a9d0bdc3a612e74a2013b61c
de49f0bb7a195c97488fbbdd590c5d29b17a4214cd2049a17f0bbefc3e8f6993
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1726
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:26 GMT
Last-Modified: Tue, 13 Sep 2022 12:50:40 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=hankalis.hooxs.com&var=&ymid=&var_3=
139.45.197.250200 OK 758 B URL HTTP/2 stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=hankalis.hooxs.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (757)
Hash bffa2e10b7ee309c04a813bf3aae1d6e
3294bad6325de366353a840aaef25b48d02fee1b
8fd53662d73a7e91efacc28614fff4ba682628baffa5ff996887befcff7967e5
GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=hankalis.hooxs.com&var=&ymid=&var_3= HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hankalis.hooxs.com/
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/json; charset=utf-8
content-length: 758
x-trace-id: bead890345625d4ed0596b42c85fdf42
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 480c50aabc86302c3247c26abdc7a085
3735851c0bfd28883d78eaebc6bdcd565480692a
bdd10094940857fad33f564258757e14bed2e3b9f79fe554b5524b63d6b30f92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1454
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:26 GMT
Last-Modified: Tue, 13 Sep 2022 12:55:12 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=6ygWzF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE2SCUyQjZYTmEzT0dGJTJCV2pEZGhzcDdTbVhPcmJhc3h6cHBjUnFYcGEwc2F3; expires=Sun, 08 Oct 2023 13:19:26 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 244341
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 520d90c206fadd3e1f1af26d8db9ca55
5c33b48f47c50a3ba853040068c7136366cac625
7fc229c20d75999af5b6f2ea6afed76ff29d733b743ef5a3dc5cc28a352d4c57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:26 GMT
Last-Modified: Tue, 13 Sep 2022 11:32:34 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
cdn.viglink.com/api/vglnk.js
104.16.163.13200 OK 29 kB URL HTTP/2 cdn.viglink.com/api/vglnk.js
IP 104.16.163.13:0
File type ASCII text, with very long lines (693)
Hash 072eaf64a771815874455704fca9301b
6c6226d00f14bb800cd4390b3cd42df941be43b1
bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: text/javascript
content-length: 28567
x-amz-id-2: OeTetEsBasSxUsBOFuNvzYCJWwDeidt7U9Wf3wCp5zeJCK2HhBObfGX+N/Ko8tx+E9Zgff6jUt0=
x-amz-request-id: S1072JJNTPDX98ZC
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 1258168
expires: Tue, 20 Sep 2022 13:19:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12caf0c58b512-OSL
X-Firefox-Spdy: h2
stootsou.net/pfe/current/tag.min.js?z=2308013
139.45.197.250200 OK 31 kB URL HTTP/2 stootsou.net/pfe/current/tag.min.js?z=2308013
IP 139.45.197.250:0
File type C source, Unicode text, UTF-8 text, with very long lines (50593)
Hash 374e5da9ed5bcc93367b73ff1706db4b
166d9801c502934a89f96adeabcc46e1a167803d
ceee263b3d08d04d454eb4038ff2b7797300dd54c14e962fd83159beb3574c82
GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 08:49:51 GMT
etag: W/"6320442f-3a38"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 520d90c206fadd3e1f1af26d8db9ca55
5c33b48f47c50a3ba853040068c7136366cac625
7fc229c20d75999af5b6f2ea6afed76ff29d733b743ef5a3dc5cc28a352d4c57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:26 GMT
Last-Modified: Tue, 13 Sep 2022 11:32:34 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 13 Sep 2022 12:41:12 GMT
expires: Tue, 13 Sep 2022 14:41:12 GMT
cache-control: public, max-age=7200
age: 2294
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
151.101.85.44200 OK 144 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20220912-34-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65508)
Size 144 kB (144475 bytes)
Hash 77190bda3d8952e43fa38db7fd437d77
fbd5e4d455ab96db60eafc9998ec0f0e5f16a058
80b99820241c1e22d1051e3f6a495d2c51a78757ab569dbe6457d3699edc9bcc
GET /libtrc/impl.20220912-34-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: mkvhS5oK/myeqITERsnPqg4yRDloIp4+jbMzHgOiSCwm0vK6a98brYUVCuuH4VIvjVaa6CnD4dk=
x-amz-request-id: WPZXV5MCEJATS1Q8
last-modified: Mon, 12 Sep 2022 15:39:26 GMT
etag: "77190bda3d8952e43fa38db7fd437d77"
content-encoding: br
x-amz-version-id: eEyRu5k_S_UQhJLppRJ6VcQPBuzKpXDZ
content-type: application/javascript
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:26 GMT
via: 1.1 varnish
age: 20391
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 12297
x-timer: S1663075167.667240,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 70
server: AmazonS3-br
content-length: 144475
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=129&profileId=206&cb=56969820290
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?ptv=129&profileId=206&cb=56969820290
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?ptv=129&profileId=206&cb=56969820290 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 566
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 13 Sep 2022 13:19:26 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://hankalis.hooxs.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f939052abfc5d0575ca6d6d8a420f321
654cb5514a5434e9cb036095c44d84e2d760ddaa
b0103ed4b8d17a270028295dc9d37c451b9246de80042f07b3ac4c1ef868146f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 13:19:26 GMT
Last-Modified: Tue, 13 Sep 2022 12:42:46 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 66Vnm4-N2kY1kmDbdRB7dKk0hAyndfsrvOvi_LlQyNafKE7a2yBRMQ==
Age: 2201
api.viglink.com/api/ping
52.18.219.67200 OK 259 B IP 52.18.219.67:0
File type ASCII text, with no line terminators
Hash 05b3ce8f8c703d0bc3e4c6572fc7fc5d
dfb21c3434f46ba49e556dcc573ab2e8967dcec7
ccc11305105a53553d13ff5146db96e8f07369b840252f64764949221b628401
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 136
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hankalis.hooxs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 13 Sep 2022 13:19:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 259
Connection: keep-alive
illiweb.com/rs3/63/frm/jquery/ticker/ticker.css
172.67.150.97200 OK 133 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery/ticker/ticker.css
IP 172.67.150.97:0
File type ASCII text, with very long lines (388), with no line terminators
Hash 8655d47b81f8f005500798ac1e992bf5
d9230147783eac5b232fd098dda0e2dff57734d6
ae6d8d469352ebe335b13bff7203e3c045cd2e960e787267e5ee0c352c1952cb
GET /rs3/63/frm/jquery/ticker/ticker.css HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=390
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:59 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
vary: Accept-Encoding
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 450746
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1HuTTyBfmyiJvBpsG9QjPVpkHLKDXsjVeclwAVOUBOSDCfo7PM6uGdE9cqfJxEf8NkJ5BWK6VaCa4VyaJt%2BVPei83xH%2BAi66uBpYSYuF8c2%2FEloCsNzpoRhWBdQwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a12caa8b0db529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=1
178.250.2.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=1
IP 178.250.2.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=1 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Fri, 08 Sep 2023 13:19:26 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=2
178.250.2.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=2
IP 178.250.2.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Fri, 08 Sep 2023 13:19:26 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
52.18.219.67200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
IP 52.18.219.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Tue, 13 Sep 2022 13:19:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.viglink.com/api/domains
52.18.219.67200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 52.18.219.67:0
File type ASCII text, with no line terminators
Hash 3fe14ea17ccc1d2ab0c37a769535dd29
7bdd1949d5c5da054f63551f4fe278aeb995ea79
448a3965b0e36856fad85864e129e2e6421048203115d2014c45c02f934fd9c2
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 290
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hankalis.hooxs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 13 Sep 2022 13:19:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=89318314.1663075154&jid=1153227564&gjid=1169008047&_gid=89674536.1663075154&_u=YEBAAUAAAAAAAC~&z=1996938719
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=89318314.1663075154&jid=1153227564&gjid=1169008047&_gid=89674536.1663075154&_u=YEBAAUAAAAAAAC~&z=1996938719
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144347007-1&cid=89318314.1663075154&jid=1153227564&gjid=1169008047&_gid=89674536.1663075154&_u=YEBAAUAAAAAAAC~&z=1996938719 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hankalis.hooxs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Sep 2022 13:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hankalis.hooxs.com/?utm_source=pwa
178.33.43.178200 OK 18 kB URL HTTP/2 hankalis.hooxs.com/?utm_source=pwa
IP 178.33.43.178:0
Hash 2bcb7d46928c633da77d1910ffd677fb
db6940ee1afb80ba585eaeef8708ea680641432e
7b20a1b2662c796a75c7abf10917a5e327f2ad71036716ab92559d1dc7ab2d65
GET /?utm_source=pwa HTTP/1.1
Host: hankalis.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hankalis.hooxs.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=166308; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Tue, 13 Sep 2022 00:00:00 GMT
last-modified: Tue, 13 Sep 2022 13:19:26 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
52.18.219.67200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
IP 52.18.219.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Tue, 13 Sep 2022 13:19:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9c2c3de209670bcfeb47044ce674ec4c
cb3ea0c2de714dea8be56f6c08c39c05034cc19a
90edc1f1ba1eb10ba44088b3a00a1db1728ed846f9716d434896f29b4a351cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "90EDC1F1BA1EB10BA44088B3A00A1DB1728ED846F9716D434896F29B4A351CD9"
Last-Modified: Mon, 12 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9518
Expires: Tue, 13 Sep 2022 15:58:05 GMT
Date: Tue, 13 Sep 2022 13:19:27 GMT
Connection: keep-alive
ag.gbc.criteo.com/newidsd
185.235.84.161200 OK 39 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.161:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 87ac4318663645a03828f78ee202b522
cc1dd85d896ea171ccf5774c343dd18ef998123a
df99bfebd234a84657124ed11c46792cb12b72cf1eb5cba445e3fe4a595993c0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 122154
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
hankalis.hooxs.com/images/icons-180.png
178.33.43.178200 OK 0 B URL HTTP/2 hankalis.hooxs.com/images/icons-180.png
IP 178.33.43.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/icons-180.png HTTP/1.1
Host: hankalis.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/t22-topic
Cookie: exadd=166308; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: image/png
content-length: 40144
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7faa6a78f896de4528c8cc9ed35bfa11
199ad87495595163d7d16b1eddb9506c8ddb4918
7effc4afbb7417799d0ecbb32fce2a94cba732e488fd4ce81ba5a77f4d7c13ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stootsou.net/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hankalis.hooxs.com/
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
stootsou.net/pfe/current/universal.min.js?v=3.1.393
139.45.197.250200 OK 48 kB URL HTTP/2 stootsou.net/pfe/current/universal.min.js?v=3.1.393
IP 139.45.197.250:0
Hash 86f9dabcd62220139887003c95153306
ec4e9da370b31bb6dea6977c698605e0cc517926
9e5c6ceb0ed137c4fa2a4a2490d74e2fa6e895b6638faaa8d0085a514567a25a
GET /pfe/current/universal.min.js?v=3.1.393 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hankalis.hooxs.com/
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 08:49:51 GMT
etag: W/"6320442f-204ff"
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hankalis.hooxs.com/
Content-Type: application/json
Origin: https://hankalis.hooxs.com
Content-Length: 382
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:27 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c16492cca820a60e861c919fac14a40e
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=89318314.1663075154&jid=1153227564&_u=YEBAAUAAAAAAAC~&z=156147865
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=89318314.1663075154&jid=1153227564&_u=YEBAAUAAAAAAAC~&z=156147865
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144347007-1&cid=89318314.1663075154&jid=1153227564&_u=YEBAAUAAAAAAAC~&z=156147865 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 13:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hankalis.hooxs.com/
Content-Type: application/json
Origin: https://hankalis.hooxs.com
Content-Length: 746
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:27 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 0b1d7bc6a0f942f09199da365d86239a
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stootsou.net/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hankalis.hooxs.com/
Content-Type: application/json
Origin: https://hankalis.hooxs.com
Content-Length: 459
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:27 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c4d2ae1acc7c79a65f9636de9300891b
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13305
Expires: Tue, 13 Sep 2022 17:01:12 GMT
Date: Tue, 13 Sep 2022 13:19:27 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:16:59 GMT
age: 54148
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=hooxs.com&sn=FirefoxSyncframe&so=3&topUrl=hankalis.hooxs.com&bundle=dtv_El9kSWJSNUk4MFVNY0wlMkJNdDRFMUlBYWZUd3dPd0l3YnlOMzdIeUxEdEFGVnZJT2xwSzdrSEh2YyUyRk1ja0NDJTJCYkVwYyUyRnJnJTJCZERQeW8xWEolMkI5Q0dHSHRYUlVDclRPZnZmN2VmMVpRNmUwWHdZdElCbE52aEJrVjMlMkZqSjl4JTJCMWdsVGFVMnZSdkJ2ckNQUk1ESXRWNkNTSzdnJTNEJTNE&info=EWCg7180M0RITmhlJTJCZkMwOUJGQlhaMUN2czE2SCUyQjZYTmEzT0dGJTJCV2pEZGhzcDdTaE5BN2hCUFRpQmJLTmw4TWE4UGF3&idsd=1523518926,53564847&cw=1&rtusCallerId=72&lsw=1
178.250.2.146200 OK 8.0 kB URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=hooxs.com&sn=FirefoxSyncframe&so=3&topUrl=hankalis.hooxs.com&bundle=dtv_El9kSWJSNUk4MFVNY0wlMkJNdDRFMUlBYWZUd3dPd0l3YnlOMzdIeUxEdEFGVnZJT2xwSzdrSEh2YyUyRk1ja0NDJTJCYkVwYyUyRnJnJTJCZERQeW8xWEolMkI5Q0dHSHRYUlVDclRPZnZmN2VmMVpRNmUwWHdZdElCbE52aEJrVjMlMkZqSjl4JTJCMWdsVGFVMnZSdkJ2ckNQUk1ESXRWNkNTSzdnJTNEJTNE&info=EWCg7180M0RITmhlJTJCZkMwOUJGQlhaMUN2czE2SCUyQjZYTmEzT0dGJTJCV2pEZGhzcDdTaE5BN2hCUFRpQmJLTmw4TWE4UGF3&idsd=1523518926,53564847&cw=1&rtusCallerId=72&lsw=1
IP 178.250.2.146:0
Hash a35a0c68d0f7c0cebf5d787e83aed91b
d21b464495b08185ab2a8119b713b0820862b967
e76bed49c5aaae6fa04d40f376453658f604131615c36ef44878efecf966ab65
GET /sid/json?origin=rtus&domain=hooxs.com&sn=FirefoxSyncframe&so=3&topUrl=hankalis.hooxs.com&bundle=dtv_El9kSWJSNUk4MFVNY0wlMkJNdDRFMUlBYWZUd3dPd0l3YnlOMzdIeUxEdEFGVnZJT2xwSzdrSEh2YyUyRk1ja0NDJTJCYkVwYyUyRnJnJTJCZERQeW8xWEolMkI5Q0dHSHRYUlVDclRPZnZmN2VmMVpRNmUwWHdZdElCbE52aEJrVjMlMkZqSjl4JTJCMWdsVGFVMnZSdkJ2ckNQUk1ESXRWNkNTSzdnJTNEJTNE&info=EWCg7180M0RITmhlJTJCZkMwOUJGQlhaMUN2czE2SCUyQjZYTmEzT0dGJTJCV2pEZGhzcDdTaE5BN2hCUFRpQmJLTmw4TWE4UGF3&idsd=1523518926,53564847&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=hankalis.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1158753
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 56229
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 55060
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 56227
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 04:49:30 GMT
age: 30597
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.4/UnitWidgetItemDesktop.min.js
151.101.85.44200 OK 30 kB URL HTTP/2 vidstat.taboola.com/lite-unit/3.9.4/UnitWidgetItemDesktop.min.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash acd5b846bccbff5b3fb40ae81644d6ed
ad0d8fca838b6a840a76c0a3078401dc80ef5590
29870a9c06501f80a3738505f6a4103b265f5ff24ed3fd4a240c5ca126a5865e
GET /lite-unit/3.9.4/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 07:06:43 GMT
etag: "3e436754c5d023c438918444df558663"
server: AmazonS3
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: OghW2YoLnKzIPqBPhv6IvLL3o4iyoPDiy9zleAfUr-hGF6G9n_TBoA==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
age: 627122
x-served-by: cache-bma1636-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 20628
x-timer: S1663075168.502438,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29863
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20220912-34-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20220912-34-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash 47bc007a4e56707fb2f8b6afbdc4d1b3
6d54c2061025810c72566ec15ef846e4b2c2f930
bb398a1fe24a5f8e5474eb81e575ad789d16caf1cf4dc11fb6e52dd514e3bb95
GET /libtrc/userx.20220912-34-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Q3CqNmfh8xry19meXLhAHWeimh7WK97vmOadnf1LHXOgJ+UrXsN41PMVtM21n0RMY/oi7snRK44=
x-amz-request-id: BDNQK6JCPQGR0J8V
x-amz-replication-status: PENDING
last-modified: Mon, 12 Sep 2022 15:56:29 GMT
etag: "56c5b3c3f2233e7732172ac8f86d97d7"
x-amz-version-id: QMBie9MlDyLXWuzuhlt9noTtlBIicMuc
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
via: 1.1 varnish
age: 91
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 16
x-timer: S1663075168.503003,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 70
content-length: 5399
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8de1e77d64279f1373efad60d831f035.jpg
151.101.85.44200 OK 2.9 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8de1e77d64279f1373efad60d831f035.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 996cadcdc75b6958f0352b5527f212e8
861a914206d0ce0e6c61d7f85ebf1bc8e9491228
21a571625de5823333a3c740a112ee170ff0bf67c2f52826f00bd1a52c907f62
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8de1e77d64279f1373efad60d831f035.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 380737019926322597158310634121596764394,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 380737019926322597158310634121596764394,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "b587baca97aa4ab77410be96851db79a"
expiration: expiry-date="Fri, 02 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 02 Aug 2022 17:40:55 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 146
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
age: 1206625
x-served-by: cache-iad-kcgs7200035-IAD, cache-iad-kcgs7200042-IAD, cache-lga21924-LGA, cache-iad-kiad7000077-IAD, cache-bma1636-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1663075168.504002,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8de1e77d64279f1373efad60d831f035.jpg
x-vcl-time-ms: 1
content-length: 2904
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
151.101.85.44200 OK 8.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 679744ee01cd8f0e9d5bd3f97de9a1fd
b678d18309e35ff0e206ae0bbc0d7f57001406f4
fdf1eda67cab7bf239fe9d9d494cf0a204f403ebacc19e6828c2d20fda48175c
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 352690306229506137798207407469809578240,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 352690306229506137798207407469809578240,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "f48ef060a18c1a36e8e104736857c035"
last-modified: Mon, 01 Aug 2022 21:06:16 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 8544715cb3b2ca4a05af08ddcfd6afae
x-envoy-upstream-service-time: 511
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
age: 1733066
x-served-by: cache-iad-kcgs7200143-IAD, cache-iad-kcgs7200125-IAD, cache-lga21965-LGA, cache-iad-kiad7000098-IAD, cache-bma1636-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1663075168.504016,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f21/19/73/51/38/vente-10.jpg
x-vcl-time-ms: 1
content-length: 8080
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://hankalis.hooxs.com/
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://hankalis.hooxs.com
server-processing-duration-in-ticks: 247953
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
151.101.85.44200 OK 6.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 07fd4dbe3398c304d0f35152cf746c66
76e5894d2ffd7f64e7933c0c7258c89c7bcd8b38
008e55236e660e6f20d8c00a89a5548c029adb2152183c04abc05966663c1fa2
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 549930644253185078118877309127813515040,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 549930644253185078118877309127813515040,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "6f1203c90b97dcf0b96e1e1e0f119d05"
expiration: expiry-date="Wed, 07 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sun, 07 Aug 2022 11:00:58 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 131
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
age: 1381686
x-served-by: cache-iad-kjyo7100176-IAD, cache-iad-kjyo7100038-IAD, cache-lga21925-LGA, cache-iad-kjyo7100140-IAD, cache-bma1636-BMA
x-cache: HIT, MISS, MISS, MISS, HIT
x-cache-hits: 1, 0, 0, 0, 1
x-timer: S1663075168.504142,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
x-vcl-time-ms: 1
content-length: 6080
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f24/12/74/29/60/10001010.gif
151.101.85.44200 OK 9.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f24/12/74/29/60/10001010.gif
IP 151.101.85.44:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 180x150, components 3\012- data
Hash 5b3d79a129ffacf6721cb7069e747bd7
bcfd894ef6a321231e5317ca3e02bc22db914b99
4f935ed45f2d8f71adceafda186beeabed8dbf55a9c0fc783cc61ed338d524fb
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f24/12/74/29/60/10001010.gif HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 557219819409828995174939368545043474145,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
content-type: image/jpeg
edge-cache-tag: 557219819409828995174939368545043474145,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "5b3d79a129ffacf6721cb7069e747bd7"
expiration: expiry-date="Fri, 22 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 21 Jun 2022 11:38:56 GMT
server: cloudinary
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
age: 4928614
x-served-by: cache-iad-kcgs7200086-IAD, cache-iad-kjyo7100044-IAD, cache-bma1636-BMA
x-cache: HIT, HIT, HIT
x-cache-hits: 1, 1, 1
x-timer: S1663075168.504784,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f24/12/74/29/60/10001010.gif
x-vcl-time-ms: 1
content-length: 9795
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
151.101.85.44200 OK 8.3 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2a9843d93390aa2222a3666243993532
ad469cbe0b27dce72b8fabccecf58aa819c51774
d15b51246987765bd82a7781299d74a690aa337bfbb8bb9337da1b94c7f8522f
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 311438301812572966555265208773229228139,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 311438301812572966555265208773229228139,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
etag: "6de1f7fabb706aff72e76a36c54f6aa0"
last-modified: Mon, 15 Aug 2022 23:03:00 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 281dffed7bb9d3cbc0528164b09e1da5
x-envoy-upstream-service-time: 1725
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
age: 1388220
x-served-by: cache-iad-kiad7000139-IAD, cache-iad-kjyo7100085-IAD, cache-sna10728-LGB, cache-iad-kcgs7200078-IAD, cache-bma1636-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 1, 1
x-timer: S1663075168.505181,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//hitsk.in/t/16/28/41/i_logo.jpg
x-vcl-time-ms: 1
content-length: 8346
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/393e363c85cdb15bf18e4122a8b7478d.jpg
151.101.85.44200 OK 15 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/393e363c85cdb15bf18e4122a8b7478d.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 01b4e14a5ec25f742a5dc35cd92452e7
ae7f02434fd7853cd4866e28e3e4c46610b8c586
7117d47b570232f7c93ec7ceb015fd2ed01746d488a5e0f459efd531512e321e
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/393e363c85cdb15bf18e4122a8b7478d.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 600077148230725823230227551374121701013,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 600077148230725823230227551374121701013,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "eaed71ef58aa6cb8d94d2a89ff3dfe5e"
expiration: expiry-date="Thu, 14 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 13 Jun 2022 11:28:30 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 21
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
age: 6241273
x-served-by: cache-iad-kjyo7100098-IAD, cache-iad-kcgs7200118-IAD, cache-chi-klot8100114-CHI, cache-iad-kiad7000152-IAD, cache-bma1636-BMA
x-cache: MISS, MISS, HIT, HIT, HIT
x-cache-hits: 0, 0, 1, 1, 1
x-timer: S1663075168.503682,VS0,VE4
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/393e363c85cdb15bf18e4122a8b7478d.jpg
x-vcl-time-ms: 4
content-length: 14920
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 371
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 13 Sep 2022 13:19:26 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://hankalis.hooxs.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 41f9179e59a25f47d57ee44aedba74e7
0fc36a87fcedb98f3748739cc0718470de2f59c2
b4a615e3b1606fa2e99cbfca9a7a7b93257ebcf5957c308cfbaf7f8d4f37415a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 13:19:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 01:21:26 GMT
Expires: Tue, 20 Sep 2022 01:21:25 GMT
Etag: "0fc36a87fcedb98f3748739cc0718470de2f59c2"
Cache-Control: max-age=561117,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a12cb40e811c0e-OSL
my.rtmark.net/gid.js?userId=d1a0868febb94983984c9ea43037c997
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=d1a0868febb94983984c9ea43037c997
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash b006319fc625a405e2e18330dd5d08e3
f4a39d94dda4b61c3dba172f82c3fe2e42fc4368
272f8113fb9bca8bc16477091b120db643520ebd67a1de9f4c7ad9eef5d8bce0
GET /gid.js?userId=d1a0868febb94983984c9ea43037c997 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:27 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d1a0868febb94983984c9ea43037c997; expires=Wed, 13 Sep 2023 13:19:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.viglink.com/api/domains
52.18.219.67200 OK 42 B URL HTTP/1.1 api.viglink.com/api/domains
IP 52.18.219.67:0
File type ASCII text, with no line terminators
Hash 2b301e7532ee3b34d437005daaab7305
42e6ec3942fbb96960783ae4e7c8918af5e99388
a4e7ad5330257a5129d0909a775edfbe46134e1afdc8cd1ce3f234f395300335
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 320
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hankalis.hooxs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Tue, 13 Sep 2022 13:19:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 42
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 95e70948d9a0601a3788257ee99d774a
f01bc75d67445d79e429234c5abde05f0e90d38d
927d964770f4a9093d83d36cc9458abc9fecf634524486eed964700c3c1390ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:27 GMT
Last-Modified: Tue, 13 Sep 2022 11:30:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&cmcv=&pix=31589837&cb=1663075154850&uv=3224&tms=1663075154850&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1663075151859!ts:1663075154850&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&cmcv=&pix=31589837&cb=1663075154850&uv=3224&tms=1663075154850&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1663075151859!ts:1663075154850&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&cmcv=&pix=31589837&cb=1663075154850&uv=3224&tms=1663075154850&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1663075151859!ts:1663075154850&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:27 GMT
content-length: 0
X-Firefox-Spdy: h2
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.2.150200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.2.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:27 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_2_4/assets/css/cmOsUnit.css
151.101.85.44200 OK 8.3 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_2_4/assets/css/cmOsUnit.css
IP 151.101.85.44:0
Hash a28320a69408adba1f01f56d6eb80708
8012c7108fab547cf31481cfda7cb49e654a0542
befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
GET /vpaid/units/32_2_4/assets/css/cmOsUnit.css HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: T6fFtSO4dW3X+SYYe1J2aQGFCNwG/SSp8LypW4F9YMpE/b8H9tKxpKBoGa5dcINDF9Tdq+8118o=
x-amz-request-id: 72QKW6P3MNTZYMAS
last-modified: Mon, 12 Sep 2022 13:35:10 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1662989709
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1662989708
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
via: 1.1 varnish
age: 85363
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 7833
x-timer: S1663075168.989137,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A19%3A14.562&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9894&cv=20220912-34-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A19%3A14.562&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9894&cv=20220912-34-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A19%3A14.562&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9894&cv=20220912-34-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 13 Sep 2022 13:19:27 GMT
x-fastly-to-nlb-rtt: 76029
access-control-allow-credentials: true
X-Firefox-Spdy: h2
vidstat.taboola.com/vpaid/units/32_2_4/infra/cmTagWIDGET_ITEM.js
151.101.85.44200 OK 129 kB URL HTTP/2 vidstat.taboola.com/vpaid/units/32_2_4/infra/cmTagWIDGET_ITEM.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 129 kB (129328 bytes)
Hash fbcb2c2b5bd203d1e821e13624fadaed
4e2fa6a57bf494f22b8aa318a07af0fe516dd786
4b8d1c288ddf7b9fdff80d1d04f3104a6db1985fbb8f2d38754649137879f087
GET /vpaid/units/32_2_4/infra/cmTagWIDGET_ITEM.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: M6HdgUMAAeYsHV8iJYzW3UD4R6tATPIQ2vwDjbd3aJ2BiL0lIIjZdJ8euS+pZxaqmBD+8uyi+Ng=
x-amz-request-id: 72QVYDGZTY1P942D
last-modified: Mon, 12 Sep 2022 13:34:19 GMT
etag: "fbcb2c2b5bd203d1e821e13624fadaed"
x-amz-meta-ctime: 1662989658
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1662989657
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:28 GMT
via: 1.1 varnish
age: 85363
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 3350
x-timer: S1663075168.002063,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 129328
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6c7f549a8df976888fcbcdee19165565
49a0529b9b55f417604227a62f39ae0cd392c3e6
571a2accec2170a6a473b99234998d11cec59036c49a6a1aecb1519616693f64
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2360
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:28 GMT
Last-Modified: Tue, 13 Sep 2022 12:40:08 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6c7f549a8df976888fcbcdee19165565
49a0529b9b55f417604227a62f39ae0cd392c3e6
571a2accec2170a6a473b99234998d11cec59036c49a6a1aecb1519616693f64
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5113
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:28 GMT
Last-Modified: Tue, 13 Sep 2022 11:54:15 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&cmcv=&pix=31589837&cb=1663075155066&uv=3224&tms=1663075155066&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1663075151859!ts:1663075155066&mntl=1
141.226.228.48200 OK 0 B URL HTTP/2 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&cmcv=&pix=31589837&cb=1663075155066&uv=3224&tms=1663075155066&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1663075151859!ts:1663075155066&mntl=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&cmcv=&pix=31589837&cb=1663075155066&uv=3224&tms=1663075155066&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1663075151859!ts:1663075155066&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:28 GMT
content-length: 0
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 8.8 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
File type C source, ASCII text, with very long lines (29392)
Hash f47ae3d33fd03c44751ed0b427614278
d742b8ea5a473e95ceacd54e91e16cbc26da1ab9
2c5a6515a496a04d763db490d512cab51d25e849341321233a3fe264c94f1d8f
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hankalis.hooxs.com/
x-crto-bundle: mLavU18xRSUyQjNYWEkzcmQ1V2l4c2R0VTI4YkRuZFV4dEZQZmRuTkRUZ1FVdXllUVJOcmFabEI0b2xYc01Zdk1yN0poMEtBY00yUG8lMkI5T3FtMUhBRGJUMHZzam1XTDBWelNTVjg2ZnglMkJ6OXRPeVJYJTJCaVBJciUyRllvZk5rcmJ6Rmd0MWNQVnBJUWNPWE5mT2pEVWQ2REtSWTYlMkJMb0ElM0QlM0Q
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://hankalis.hooxs.com
server-processing-duration-in-ticks: 1169706
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A19%3A14.798&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5431&cv=20220912-34-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/forumotion-ar/log/2/debug?tim=13%3A19%3A14.798&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5431&cv=20220912-34-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forumotion-ar/log/2/debug?tim=13%3A19%3A14.798&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=5431&cv=20220912-34-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 13 Sep 2022 13:19:28 GMT
x-fastly-to-nlb-rtt: 75998
access-control-allow-credentials: true
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b1cf4632-3366-11ed-8987-11482f420306; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1cf468a-3366-11ed-8987-11482f420306
X-fe: 102
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b1cf698a-3366-11ed-8363-141484330306; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1cf69fc-3366-11ed-8363-141484330306
X-fe: 2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b1d2a439-3366-11ed-8307-1bf0cf250506; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1d2a4a0-3366-11ed-8307-1bf0cf250506
X-fe: 13
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1c9e207-3366-11ed-a825-19da87bf0206
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1c9e207-3366-11ed-a825-19da87bf0206
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1c9e207-3366-11ed-a825-19da87bf0206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b1d2d8be-3366-11ed-9f7a-1974e5cf0106; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 120
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.0/OvaMediaPlayer.js
151.101.85.44200 OK 87 kB URL HTTP/2 vidstat.taboola.com/vpaid/vPlayer/player/v14.8.0/OvaMediaPlayer.js
IP 151.101.85.44:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash c2a8868b0771ea96f81cfb8bedfb1704
6318bf752ba6d84ebc4c8313eb5fe6937e98f62e
836a28eca02f0e87b962ba1498286c403c8d16e2c00a1bf3c2f74778e3981797
GET /vpaid/vPlayer/player/v14.8.0/OvaMediaPlayer.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: BmNc095QFD7b47OWaGW+LVCp7tSOGq1Gr07CCp0PDn9uAVAEITB69nnPLxyISFYVSRBdoxhfYqk=
x-amz-request-id: VSVNVFN5ZQYPXRWK
last-modified: Tue, 06 Sep 2022 07:08:18 GMT
etag: "c2a8868b0771ea96f81cfb8bedfb1704"
x-amz-meta-ctime: 1662448097
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1662448084
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:28 GMT
via: 1.1 varnish
age: 627026
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 121633
x-timer: S1663075168.290640,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 86924
X-Firefox-Spdy: h2
vidstatb.taboola.com/vid/blackScreen5.mp4
151.101.85.44206 Partial Content 91 kB URL HTTP/2 vidstatb.taboola.com/vid/blackScreen5.mp4
IP 151.101.85.44:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash b2b087fe4ae638c533731c347fcd4df8
62851c888c21bb51cc04f13b6fc0451279fe0425
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
GET /vid/blackScreen5.mp4 HTTP/1.1
Host: vidstatb.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:28 GMT
age: 1577260
x-served-by: cache-bma1636-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 198093
x-timer: S1663075168.358035,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1cf468a-3366-11ed-8987-11482f420306
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1cf468a-3366-11ed-8987-11482f420306
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1cf468a-3366-11ed-8987-11482f420306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b1f44292-3366-11ed-97ba-1bbe6fc50506; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 71
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1cf69fc-3366-11ed-8363-141484330306
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1cf69fc-3366-11ed-8363-141484330306
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1cf69fc-3366-11ed-8363-141484330306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b1f4d018-3366-11ed-9bf4-1ac054420306; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 125
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1d2a4a0-3366-11ed-8307-1bf0cf250506
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1d2a4a0-3366-11ed-8307-1bf0cf250506
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1d2a4a0-3366-11ed-8307-1bf0cf250506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b1f6e7ad-3366-11ed-be02-1860f0710206; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 110
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b1f8654b-3366-11ed-8019-1d7abbad0306; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1f865a7-3366-11ed-8019-1d7abbad0306
X-fe: 28
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=283&height=159&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1663075155071&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1480&pt=-1260942090&tz=0&viewable=true&ddast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1
151.101.85.44200 OK 1.9 kB URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=283&height=159&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1663075155071&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1480&pt=-1260942090&tz=0&viewable=true&ddast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1
IP 151.101.85.44:0
Hash 49be7c9f6e0ef2b0d0284a17af68571b
9de4ef7ef3f5076c8797dae3d5b9ca3ac4909dc8
52cd765a222699b6d8afccd2d0f7574313140a95295a14d32eda48cae23888e7
POST /VideoBidRequestHandlerServlet?oid=15&width=283&height=159&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1663075155071&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1480&pt=-1260942090&tz=0&viewable=true&ddast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1429
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075168.065911,VS0,VE53
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3795
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075168.366612,VS0,VE80
x-vcl-time-ms: 80
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV<i=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2368
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075168.365585,VS0,VE83
x-vcl-time-ms: 83
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 768f5668d87ff656e8801194ec6ae122
31e43de243266af0aeadc804a017264bb6f69e46
831a215bdb38c468269645453dc12c4b461ce9ecb3c98e11b9530af71dca9766
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2581
Cache-Control: max-age=137886
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 13:19:28 GMT
Etag: "631ff0e9-1d7"
Expires: Thu, 15 Sep 2022 03:37:34 GMT
Last-Modified: Tue, 13 Sep 2022 02:54:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
52.223.40.198200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 52.223.40.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:28 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 742 B URL HTTP/2 am-match.taboola.com/sync?dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash e212b134cabf80f8be66f676e09c0097
c6f5b87bdb324d5acc99af18d97d5d9835c65c7a
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
GET /sync?dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:28 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.85.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.85.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:28 GMT
via: 1.1 varnish
age: 20953
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 2928
x-timer: S1663075169.599846,VS0,VE0
cache-control: private,max-age=31536000
abp: 70
content-length: 254
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1f865a7-3366-11ed-8019-1d7abbad0306
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1f865a7-3366-11ed-8019-1d7abbad0306
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b1f865a7-3366-11ed-8019-1d7abbad0306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b21afce8-3366-11ed-b7dd-143d56a10306; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 112
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ups.analytics.yahoo.com/ups/58534/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 13 Sep 2022 13:19:28 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGCDIGMCEKZbWA7rwuYSRd7LX43FeIMFEgEBAQHUIWMqYwAAAAAA_eMAAA&S=AQAAAosvTTqxVyegjwFWykBQikg; Expires=Wed, 13 Sep 2023 19:19:28 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 6f3e9a759452478afa2bb025eaa9b551
8e09bfc0386a750a391eb7e44325e49b7c384d19
dffa1ebf345ecd0d4c615c7203a1509d06faba72554ebdb1daa568a3e9b8dbe1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 13:19:28 GMT
Last-Modified: Tue, 13 Sep 2022 12:21:17 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AhdSuRzoc5RuvudZmFF32wp5xd0VjB8PymAD7799lYT4RCOGn5ulHA==
Age: 3491
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 78c9cb6f11e9d2e8939b8450b2cf2908
5c6268e40c5fb06dfd6510b425eed5c5985efd0c
2ea09d7268db539c7bc9755a4e97a811b663c96ec902853808e8c61eefb2324c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 01:56:48 GMT
Expires: Sat, 17 Sep 2022 01:56:47 GMT
Etag: "5c6268e40c5fb06dfd6510b425eed5c5985efd0c"
Cache-Control: max-age=304038,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a12cbb0dd51c0e-OSL
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
3.122.190.231200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 3.122.190.231:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Length: 43
Connection: keep-alive
am-match.taboola.com/sync?dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&excid=22&docw=0&cijs=1&nlb=false
141.226.228.48200 OK 742 B URL HTTP/2 am-match.taboola.com/sync?dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&excid=22&docw=0&cijs=1&nlb=false
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash 98a76f3a7fd5e8337ef3301d5d69d0d7
f7c260a4e32ec68e61dc6e25c3b7e4d2b572c6a6
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
GET /sync?dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:27 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b2385bd1-3366-11ed-bfc7-14e583300506
185.94.180.126204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b2385bd1-3366-11ed-bfc7-14e583300506
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b2385bd1-3366-11ed-bfc7-14e583300506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=b23c35e1-3366-11ed-bcb4-10a0cca80506; expires=Tue, 11-Oct-2022 13:19:28 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 139
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
3.122.190.231200 OK 43 B URL HTTP/1.1 x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
IP 3.122.190.231:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Tue, 13 Sep 2022 13:19:28 GMT
Content-Length: 43
Connection: keep-alive
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
54.92.133.28200 OK 43 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 54.92.133.28:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:28 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
52.223.40.198200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP 52.223.40.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:28 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58534/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58534/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58534/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 13 Sep 2022 13:19:28 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGCDIGMCEBx9Tt1aWANdzZFO-cFUcL0FEgEBAQHUIWMqYwAAAAAA_eMAAA&S=AQAAAp9skO5bxqicpYKdsJUDOp0; Expires=Wed, 13 Sep 2023 19:19:28 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.85.44200 OK 923 B URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (2312), with no line terminators
Hash 26cdd3fcc80c31abb5e56a5be502737e
a6a67fd2591deaa331e11376972b2dd06616242a
ac58c61fa356670a0b14838061e474db061cc73d27cd8495d6a80499e1ec340e
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: OabJCqejKjWAEbOc6aMLjWxWI9yBDtJUE0jfEcdrQX256FX6YAl7+8YAt/Wnn2LwuUIILuM7ono=
x-amz-request-id: AJMXSS2STJJA1J1N
x-amz-replication-status: COMPLETED
last-modified: Tue, 05 Apr 2022 10:34:30 GMT
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
x-amz-version-id: Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:29 GMT
via: 1.1 varnish
age: 2207
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 2517
x-timer: S1663075169.275670,VS0,VE0
vary: Accept-Encoding
abp: 70
cache-control: private, max-age=3600
content-length: 923
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.85.44200 OK 4 B IP 151.101.85.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://hankalis.hooxs.com
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:29 GMT
via: 1.1 varnish
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
cds.taboola.com/?uid=a28ccd34-d8c1-42c7-ae3c-aa81e13874c1-tucta1a08de
141.226.224.32204 No Content 0 B URL HTTP/2 cds.taboola.com/?uid=a28ccd34-d8c1-42c7-ae3c-aa81e13874c1-tucta1a08de
IP 141.226.224.32:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?uid=a28ccd34-d8c1-42c7-ae3c-aa81e13874c1-tucta1a08de HTTP/1.1
Host: cds.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 13 Sep 2022 13:19:29 GMT
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=283&height=159&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1663075160590&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1480&pt=-556302321&tz=0&viewable=true&ddast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1
151.101.85.44200 OK 540 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=283&height=159&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1663075160590&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1480&pt=-556302321&tz=0&viewable=true&ddast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1
IP 151.101.85.44:0
Hash 91b5881f65a6a94c682a9960b86f11ae
cf1402cc7e5b34e797d7d6245b71d18ed45d20d1
c14585147601068d3e4a268dbc5f48261c2e76327c2ced745463fc4009a37b96
POST /VideoBidRequestHandlerServlet?oid=15&width=283&height=159&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1663075160590&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1480&pt=-556302321&tz=0&viewable=true&ddast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1459
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:33 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075174.580242,VS0,VE52
vary: Accept-Encoding
X-Firefox-Spdy: h2
secure.adnxs.com/ptv?id=16816844&size=728x409&promo_alignment=center&cb=R0.1663075160701&ext_inv_code=cm_240385-2090795_UNKNOWN&referrer=https%3A%2F%2Fhankalis.hooxs.com&pubclick=http%3A%2F%2Fclickam.zorosrv.com%2Fst%3Fcipid%3D66363435%26ttype%3D1%26crid%3D-1%26dast%3DV7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!%26cmcv%3D${CMCV}%26tgtf%3D&GDPR_APPLIES=1&us_privacy=1---
37.252.172.37200 OK 85 B URL HTTP/1.1 secure.adnxs.com/ptv?id=16816844&size=728x409&promo_alignment=center&cb=R0.1663075160701&ext_inv_code=cm_240385-2090795_UNKNOWN&referrer=https%3A%2F%2Fhankalis.hooxs.com&pubclick=http%3A%2F%2Fclickam.zorosrv.com%2Fst%3Fcipid%3D66363435%26ttype%3D1%26crid%3D-1%26dast%3DV7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!%26cmcv%3D${CMCV}%26tgtf%3D&GDPR_APPLIES=1&us_privacy=1---
IP 37.252.172.37:0
File type ASCII text, with no line terminators
Hash 3290b937e2658213bb9630bb7d52dba4
26b680c852b93cad329aef493ae5c12422789bf7
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
GET /ptv?id=16816844&size=728x409&promo_alignment=center&cb=R0.1663075160701&ext_inv_code=cm_240385-2090795_UNKNOWN&referrer=https%3A%2F%2Fhankalis.hooxs.com&pubclick=http%3A%2F%2Fclickam.zorosrv.com%2Fst%3Fcipid%3D66363435%26ttype%3D1%26crid%3D-1%26dast%3DV7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!%26cmcv%3D${CMCV}%26tgtf%3D&GDPR_APPLIES=1&us_privacy=1--- HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 13 Sep 2022 13:19:33 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 85
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hankalis.hooxs.com
AN-X-Request-Uuid: e2a165a0-8239-4459-b9cd-5132f18fa379
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?#`v089!1yIE'Yg-$0y=/d!!'+Z$RBce; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Dec-2022 13:19:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
icu=ChgIktBcEAoYASABKAEw5YaCmQY4AUABSAEQ5YaCmQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Dec-2022 13:19:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3786367811114250673; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Dec-2022 13:19:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/ptv?id=20765209&size=728x409&promo_alignment=center&cb=R0.1663075160698&ext_inv_code=cm_240385-2090795_UNKNOWN
37.252.172.37200 OK 27 B URL HTTP/1.1 secure.adnxs.com/ptv?id=20765209&size=728x409&promo_alignment=center&cb=R0.1663075160698&ext_inv_code=cm_240385-2090795_UNKNOWN
IP 37.252.172.37:0
File type ASCII text, with no line terminators
Hash 5f631db49306435ae8cdb4d0c36f1263
f8b283d1f2a7b552120b9878d8f15e977aa683b4
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
GET /ptv?id=20765209&size=728x409&promo_alignment=center&cb=R0.1663075160698&ext_inv_code=cm_240385-2090795_UNKNOWN HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 13 Sep 2022 13:19:34 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 27
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hankalis.hooxs.com
AN-X-Request-Uuid: 4253d42d-2501-45e6-8af6-02fc17d99388
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?#`v089!1yIE'Yg-$0y=/d!!'+Z$RBce; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Dec-2022 13:19:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
icu=ChgIs8VmEAoYASABKAEw5YaCmQY4AUABSAEQ5YaCmQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Dec-2022 13:19:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=696049409472953914; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Dec-2022 13:19:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3e2fccbde7b3a00b2f19fa91242e41e5
3f9d8042f9f3bedb3579360e20cc8f494b427235
c36236b457d800844400ef92cb0755c77c5f5d97e7bde709b054686f82c3b151
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 13:19:33 GMT
Last-Modified: Tue, 13 Sep 2022 12:39:24 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SaJ9E9qdKVbrr7XR7mmVY3H72Dh8y2oE62M-E6J3578ciUSdanqqrQ==
Age: 2409
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1663075160450&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1480&pt=-556302321&tz=0&viewable=true&ddast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1
151.101.85.44200 OK 12 kB URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1663075160450&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1480&pt=-556302321&tz=0&viewable=true&ddast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1
IP 151.101.85.44:0
Hash 1f6b04a85b9115a98dbfe7e813ad27ac
d90855e9da4414ee9c2d21c9980e9ce7cbddb9ab
dddb724b9e8b5f1677fc4f1b1984418604e6f0ddbf0fb162148c90177e1ca217
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1663075160450&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1480&pt=-556302321&tz=0&viewable=true&ddast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm_vA&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1476
link: <https://secure.adnxs.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:33 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075173.442017,VS0,VE190
vary: Accept-Encoding
X-Firefox-Spdy: h2
ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=728&height=409&v=1&pageurl=https%3A%2F%2Fhankalis.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1663075160697&us_privacy=1---
3.226.154.125200 OK 9.7 kB URL HTTP/2 ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=728&height=409&v=1&pageurl=https%3A%2F%2Fhankalis.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1663075160697&us_privacy=1---
IP 3.226.154.125:0
Hash f49025be50b1a36cd96d6f20eb6535db
dc83d194b5d30d2be1454d64bd5abd287eaf18f0
55315b3bf4ccdf2a33aeb27bc3c9553f8bbdde94bce66685e86378a2358a000f
GET /getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=728&height=409&v=1&pageurl=https%3A%2F%2Fhankalis.hooxs.com&i_type=out&stream=out&playback=2&cb=R0.1663075160697&us_privacy=1--- HTTP/1.1
Host: ioms.bfmio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:34 GMT
content-type: application/xml
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
access-control-expose-headers: location
x-content-type-options: nosniff
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
vary: Origin, Accept-Encoding, User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=ea8890fe65824c65bb4b670992b22e17&zoneId=2308013&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=ea8890fe65824c65bb4b670992b22e17&zoneId=2308013&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash b006319fc625a405e2e18330dd5d08e3
f4a39d94dda4b61c3dba172f82c3fe2e42fc4368
272f8113fb9bca8bc16477091b120db643520ebd67a1de9f4c7ad9eef5d8bce0
GET /gid.js?pub=0&userId=ea8890fe65824c65bb4b670992b22e17&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hankalis.hooxs.com/
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Cookie: ID=d1a0868febb94983984c9ea43037c997
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d1a0868febb94983984c9ea43037c997; expires=Wed, 13 Sep 2023 13:19:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/embed/FA_Embed.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/embed/FA_Embed.js
IP 172.67.150.97:0
GET /rs3/63/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:06:07 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 450797
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzOGYsPvzOzcMJ7Czv%2BWlH%2Fx7Uxm%2Bt3RAt6%2BCge4JX8O2VkTFV4HIWOa%2FWJablS9iBLURTtVApSGpR9mDXACjDus2f%2F24r4yV0El298fYuf1zG86gpVLfvt0IAb%2BOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12caa8affb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.84200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.84:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 111426
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.betgorebysson.club/apu.php?zoneid=3765907
139.45.195.8200 OK 0 B URL HTTP/2 cdn.betgorebysson.club/apu.php?zoneid=3765907
IP 139.45.195.8:0
Analyzer Verdict Alert fortinet Malware
GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:27 GMT
content-type: application/javascript
x-trace-id: 622e395a0bc12ba923351f17b72b631e
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=d1a0868febb94983984c9ea43037c997; expires=Wed, 13 Sep 2023 13:19:27 GMT; path=/; secure; SameSite=None
oaidts=1663075167; expires=Wed, 13 Sep 2023 13:19:27 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
trc.taboola.com/forumotion-ar/trc/3/json?tim=13%3A19%3A13.818<i=deflated&data=%7B%22id%22%3A674%2C%22ii%22%3A%22%2Ft22-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662997164016%2C%22vi%22%3A1663075153816%2C%22cv%22%3A%2220220912-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic%22%2C%22vpi%22%3A%22%2Ft22-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A3215%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A736%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2286%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft22-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/forumotion-ar/trc/3/json?tim=13%3A19%3A13.818<i=deflated&data=%7B%22id%22%3A674%2C%22ii%22%3A%22%2Ft22-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662997164016%2C%22vi%22%3A1663075153816%2C%22cv%22%3A%2220220912-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic%22%2C%22vpi%22%3A%22%2Ft22-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A3215%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A736%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2286%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft22-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
GET /forumotion-ar/trc/3/json?tim=13%3A19%3A13.818<i=deflated&data=%7B%22id%22%3A674%2C%22ii%22%3A%22%2Ft22-topic%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662997164016%2C%22vi%22%3A1663075153816%2C%22cv%22%3A%2220220912-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic%22%2C%22vpi%22%3A%22%2Ft22-topic%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1268%2C%22dh%22%3A3215%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-728x90%3Aabp%3D0%22%2C%22uip%22%3A%22728x90%20Thumbnails%22%2C%22orig_uip%22%3A%22728x90%20Thumbnails%22%2C%22cd%22%3A736%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A2286%2C%22mw%22%3A728%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ft22-topic%2C728x90%20Thumbnails%3Dthumbnails-728x90%3Aabp%3D0%2C%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075167.822006,VS0,VE415
vary: Accept-Encoding
x-vcl-time-ms: 415
X-Firefox-Spdy: h2
15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic&encoded=1&uid=a28ccd34-d8c1-42c7-ae3c-aa81e13874c1-tucta1a08de&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1663075154338&tagid=&cntry=NO&platform=1&sesid=c6cc9c712f8e1bc39da9695cebd7ee0b&itemid=/t22-topic&viewid=1663075153816&geolat=&geoing=&deviceifa=&appid=&sd=v2_c6cc9c712f8e1bc39da9695cebd7ee0b_a28ccd34-d8c1-42c7-ae3c-aa81e13874c1-tucta1a08de_1663075166_1663075166_CNawjgYQ3pxDGJjvg7izMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=6bce561ae19c340f5eba4b4865fc7f2e&appname=&cdb=&gdprApplies=true&rid=&sii=2275709620623967627&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8431
151.101.85.44200 OK 0 B URL HTTP/2 15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic&encoded=1&uid=a28ccd34-d8c1-42c7-ae3c-aa81e13874c1-tucta1a08de&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1663075154338&tagid=&cntry=NO&platform=1&sesid=c6cc9c712f8e1bc39da9695cebd7ee0b&itemid=/t22-topic&viewid=1663075153816&geolat=&geoing=&deviceifa=&appid=&sd=v2_c6cc9c712f8e1bc39da9695cebd7ee0b_a28ccd34-d8c1-42c7-ae3c-aa81e13874c1-tucta1a08de_1663075166_1663075166_CNawjgYQ3pxDGJjvg7izMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=6bce561ae19c340f5eba4b4865fc7f2e&appname=&cdb=&gdprApplies=true&rid=&sii=2275709620623967627&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8431
IP 151.101.85.44:0
GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic&encoded=1&uid=a28ccd34-d8c1-42c7-ae3c-aa81e13874c1-tucta1a08de&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1663075154338&tagid=&cntry=NO&platform=1&sesid=c6cc9c712f8e1bc39da9695cebd7ee0b&itemid=/t22-topic&viewid=1663075153816&geolat=&geoing=&deviceifa=&appid=&sd=v2_c6cc9c712f8e1bc39da9695cebd7ee0b_a28ccd34-d8c1-42c7-ae3c-aa81e13874c1-tucta1a08de_1663075166_1663075166_CNawjgYQ3pxDGJjvg7izMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=6bce561ae19c340f5eba4b4865fc7f2e&appname=&cdb=&gdprApplies=true&rid=&sii=2275709620623967627&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=®ion=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8431 HTTP/1.1
Host: 15.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
machineid: 1443
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075168.507376,VS0,VE32
vary: Accept-Encoding
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
54.92.133.28200 OK 0 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP 54.92.133.28:0
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:28 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
hankalis.hooxs.com/t22-topic
178.33.43.178200 OK 0 B URL HTTP/2 hankalis.hooxs.com/t22-topic
IP 178.33.43.178:0
GET /t22-topic HTTP/1.1
Host: hankalis.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Tue, 13 Sep 2022 00:00:00 GMT
last-modified: Tue, 13 Sep 2022 13:19:25 GMT
vary: User-Agent
set-cookie: exadd=166308; expires=Tue, 13-Sep-2022 17:19:25 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.2.130:0
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: text/javascript
last-modified: Wed, 31 Aug 2022 21:49:04 GMT
etag: W/"630fd750-1e137"
expires: Wed, 14 Sep 2022 13:19:25 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
connect.topicit.net/scripts/connect.js
104.21.90.171200 OK 0 B URL HTTP/2 connect.topicit.net/scripts/connect.js
IP 104.21.90.171:0
GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 4199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5TfVef72fLQE9LyRpGdKzbweXShmwGGD1ZtCr21jfewxA83RBl2lXxAdcX2wrOmkN%2BLMs2izjcXbH9%2BekRpxJtoDt54IovRAdiglOiLH6yLCxCOpTkrSLYzonwJamDSZ6iEZygY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12cad7c161bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fhankalis.hooxs.com%2Ftopicit%2Findex.php%2Fconnect&version=1
104.21.90.171200 OK 0 B URL HTTP/2 connect.topicit.net/button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fhankalis.hooxs.com%2Ftopicit%2Findex.php%2Fconnect&version=1
IP 104.21.90.171:0
GET /button/light?id=topicit-connect-0&redirect=https%3A%2F%2Fhankalis.hooxs.com%2Ft22-topic&lang=ar&loc=https%3A%2F%2Fconnect.topicit.net%2F&login=https%3A%2F%2Fhankalis.hooxs.com%2Ftopicit%2Findex.php%2Fconnect&version=1 HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, post-check=0, pre-check=0, private
last-modified: Tue, 13 Sep 2022 01:19:27 GMT
expires: Tue, 13 Sep 2022 00:00:00 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IlQ1NVRhaDVtV0hRTVY2NUhUVGVaanc9PSIsInZhbHVlIjoibkl2MFlGYXZYa1NZcVFmZGhMZlJlWHRZcWMxVHN3NWdBYlM5ZTdoZkNPUmN6ekdvUWZ3ZTZVWExwb0c5WE41cyIsIm1hYyI6ImRiZGJiYzk5N2Q1NzA2ODdkMTJmMDk3NjM4NGJhMGQxOWUyNzkyODVkMTc3OTcwZmRiOGVmNTA5ZmI1ZTU1MjcifQ%3D%3D; expires=Tue, 13-Sep-2022 15:19:27 GMT; Max-Age=7200; path=/; domain=.topicit.net
topicit_session=3o66AIrVPKgXHCoar76ZrpTg4W7OkMYloBdprK77; expires=Tue, 13-Sep-2022 15:19:27 GMT; Max-Age=7200; path=/; domain=.topicit.net; httponly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INWee7SLViWbfpJBazmJg%2FTiLhWlO0U46NZ9s5p352zXzvrZMbaRDQwUGqb1nRdSIlSHQtapFL15whpMwFeyShwR5VhB%2FUOwe1gbQPeIOkoxxeSrHivY7UPZ8Q2nPTTUBSYDD211"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a12cadac571bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=6ygWzF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE2SCUyQjZYTmEzT0dGJTJCV2pEZGhzcDdTbVhPcmJhc3h6cHBjUnFYcGEwc2F3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=fknufV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE2SCUyQjZYTmEzT0dGJTJCV2pEZGhzcDdSUWs5bGFuWW9TRTh5RmNwbk8lMkZkZGo; expires=Sun, 08 Oct 2023 13:19:27 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 301667
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
hankalis.hooxs.com/sw.js
178.33.43.178200 OK 0 B IP 178.33.43.178:0
GET /sw.js HTTP/1.1
Host: hankalis.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hankalis.hooxs.com/t22-topic
Connection: keep-alive
Cookie: exadd=166308; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.89318314.1663075154; _gid=GA1.2.89674536.1663075154; _gat_gtag_UA_144347007_1=1; cto_bundle=dtv_El9kSWJSNUk4MFVNY0wlMkJNdDRFMUlBYWZUd3dPd0l3YnlOMzdIeUxEdEFGVnZJT2xwSzdrSEh2YyUyRk1ja0NDJTJCYkVwYyUyRnJnJTJCZERQeW8xWEolMkI5Q0dHSHRYUlVDclRPZnZmN2VmMVpRNmUwWHdZdElCbE52aEJrVjMlMkZqSjl4JTJCMWdsVGFVMnZSdkJ2ckNQUk1ESXRWNkNTSzdnJTNEJTNE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:27 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:28 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&cmcv=&pix=undefined&cb=1663075154851&uv=3224&tms=1663075154851&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2a3744ad-998a-48ee-8d5a-757619152c41&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&cmcv=&pix=undefined&cb=1663075154851&uv=3224&tms=1663075154851&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2a3744ad-998a-48ee-8d5a-757619152c41&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&cmcv=&pix=undefined&cb=1663075154851&uv=3224&tms=1663075154851&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2a3744ad-998a-48ee-8d5a-757619152c41&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075168.880912,VS0,VE21
vary: Accept-Encoding
X-Firefox-Spdy: h2
illiweb.com/rs3/63/frm/jquery//ticker/ticker.js
172.67.150.97200 OK 0 B URL HTTP/2 illiweb.com/rs3/63/frm/jquery//ticker/ticker.js
IP 172.67.150.97:0
GET /rs3/63/frm/jquery//ticker/ticker.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=8803
access-control-allow-origin: *
expires: Fri, 08 Sep 2023 08:38:35 GMT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 448849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2Bt8MdWz2Z2KK9UVMJJbycAyb%2BBOx7QnhO7leW8uzOzVgOaBgM1R6I6TD%2FSaC8SYArPEGSIZNQcLu%2BHLSPVZOE4E8pDyT0cd2e%2BPRtWjO%2FN%2BpMXMOdsM4Cz4dSMK2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a12caa8b09b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&cmcv=&pix=undefined&cb=1663075155067&uv=3224&tms=1663075155067&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d61eca18-8a43-4201-b853-1406588025f0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
151.101.85.44200 OK 0 B URL HTTP/2 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&cmcv=&pix=undefined&cb=1663075155067&uv=3224&tms=1663075155067&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d61eca18-8a43-4201-b853-1406588025f0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP 151.101.85.44:0
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&cmcv=&pix=undefined&cb=1663075155067&uv=3224&tms=1663075155067&abt=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d61eca18-8a43-4201-b853-1406588025f0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075168.060505,VS0,VE27
vary: Accept-Encoding
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1663075154870&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1480&pt=-1260942090&tz=0&viewable=true&ddast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1
151.101.85.44200 OK 0 B URL HTTP/2 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1663075154870&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1480&pt=-1260942090&tz=0&viewable=true&ddast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1
IP 151.101.85.44:0
POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1663075154870&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1480&pt=-1260942090&tz=0&viewable=true&ddast=V7X6wCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJLLw7EajhcmtXA4XbtFw5XILR66FW7fazRbLxWqyMS2GQCILz240WpjcyuVw4RYNVy63cORauHWr3WyxXKwmG9NiChE3GQ6fg4Go6Hpb7A6n2fMGEjSdDp_rXi902L0Os9NzF_r9xs9d43f7RZfJWvQ3PD12AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cA-OQgeM_Z7w8AAAAAEAAAAAASgIHVgBKAj_OVk___________mAH6zBuZ_____xuDHoAHH4AHIQAAgIuh05nYs7NuTjuigtoiRgAAAABbWiqaR5M6obKo-v__77cCuAIACBi8CVBRztIdlHgLAwAACBhboIfF7zc77Bq_22X__________2b_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAGwOoXYDWeL3Wi2Gc0OAAAA4O7___9fD2RsG49z41tMZsaVY-LxLEcO52y52rgsJt_KZZh4b3FP9dD449WoL-Imw-FzMBAVXW-L3eE0e-5H0ZLlbrlbjSaL0Wi53OyGm9FgfwI5GyBFSxar5XC1myxGm8VistwNR5MJUrRktVwuV5vNarUbLWaDzXK42SBFq1az0WYwXM0ms91uNRwMl6MRUrRkuVvuVqPJYjRaLje74WY0GCJMWIYbj8kzWouMG8daNNn41gqXZ-NWOIyLlWMz3I02jrXo9TE9HAvDcOTyomCAxl4kT4t0ojBtPBbHYjHzTHyDycxhMqw8vpnHODJtZs7VZDERSzQni3Qiu-w7to3HufEtJjPjyjHxeJYjh3O2XG1cFpNv5TJM_A3LcOMxeUZrkXHjWIsmG99a4fJs3AqHcbFybIa70caxFr0-podjYRiOXP7GbLYZ7FaL2WzfmM02g91qMZvtO3SG7-pzNjqD44lHpdp-vqX1zWFQuAwW7-9zkTajjZtRpQ1bLKprceeaWHXa2MnYOZgNCt_fXNqKg9vIudyXHMQGgyKWCC7Sicxveb39pqff7lZYLmKJ0nSRTvSiy2Qt-hueHotYIjhdpBPRy3i6qP_IkIu5cjAXTeaK1WiVAAAAAAAAAACWMGfeBAAAAOA0kNFgM1yt80AGy8FuuVouAISzl-6Po1tDF9o8-O4HZfx1707BYnHjxw3mt7zeftPTb3crLFcGeKAmZ978mSDWarWsAQAABLABAAACuHXzFoDNxP_____HAQAAyMjRAwAAiO8DOQEAAAAAAPAT4GizGA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=inc_all_video_vA!ll395_vB!mprdctdt6_vA!scec11_vA!smbs!spa2_vB!t45!ufm&mPre=0.025&cirf=https%3A%2F%2Fhankalis.hooxs.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://hankalis.hooxs.com
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=utf-8
machineid: 1408
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hankalis.hooxs.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 13:19:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663075168.900580,VS0,VE63
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=hooxs.com&sn=FirefoxSyncframe&so=0&topUrl=hankalis.hooxs.com&info=fknufV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE2SCUyQjZYTmEzT0dGJTJCV2pEZGhzcDdSUWs5bGFuWW9TRTh5RmNwbk8lMkZkZGo&idsd=1523518926,53564847&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=hooxs.com&sn=FirefoxSyncframe&so=0&topUrl=hankalis.hooxs.com&info=fknufV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE2SCUyQjZYTmEzT0dGJTJCV2pEZGhzcDdSUWs5bGFuWW9TRTh5RmNwbk8lMkZkZGo&idsd=1523518926,53564847&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=publishertag&domain=hooxs.com&sn=FirefoxSyncframe&so=0&topUrl=hankalis.hooxs.com&info=fknufV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE2SCUyQjZYTmEzT0dGJTJCV2pEZGhzcDdSUWs5bGFuWW9TRTh5RmNwbk8lMkZkZGo&idsd=1523518926,53564847&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hankalis.hooxs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:26 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1246629
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
am-match.taboola.com/sync?dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&excid=22&docw=0&cijs=1&nlb=true
141.226.228.48200 OK 0 B URL HTTP/2 am-match.taboola.com/sync?dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&excid=22&docw=0&cijs=1&nlb=true
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sync?dast=V7vaYCFgPZE8DyhmagkATZE8DyhmagkAUAAAAGBuIHJGRbrDwOx3AtXJg2a9FksFhLjKvNWjEazFbD4WCymhmGQFKT0cS0XC3WItfKtBYtXBu3xGQcrSWLxcwzsRg2E49lCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjeQoOl0-Fz3eqHD7nWYnZ670O83fu4av9svukzWor_h6bEDAAAAwAOA1VsmxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgAHJhQbAJwfBe85-fwAANGiBAAAECJAADKwGlAB8nK-cAAAAAAAAAACw_P___8cA7GGNyQCM7O_0ADz4ADwQFYwWMQIAAADY0lLRPJrUCZVFFQAAQboVwBUAQMDgTUALRxgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6G71OC2IZvVb7BQQAWPsFBABgUzcAgLcAuKALgNUpxG44W-xGs81odgAAAAB3_____3ogY9t4nBvfYjIzrhwTj2c5cjhny9XGZTH5Vi7DxHuLe6qHxh-vRn0ewjL7fQcRy_M1_Q0HGd_yehtERdfbYnc4zZ77UbRkuVvuVqPJYjRaLje74WY02J9AzgZI0ZLFajlc7SaL0WaxmCx3w9FkghQtWS2Xy9Vms1rtRovZYLMcbjZI0arVbLQZDFezyWy3Ww0Hw-VohBQtWe6Wu9VoshiNlsvNbrgZDYYIE5bhxmPyjNYi48axFk02vrXC5dm4FQ7jYuXYDHejjWMten1MD8fCMBy5vCgYoLEXwUU6kfktr7ff9PTb3QrLRSzRnCzSieyy79g2HufGt5jMjCvHxONZjhzO2XK1cVlMvpXLMPE3LMONx-QZrUXGjWMtmmx8a4XLs3ErHMbFyrEZ7kYbx1r0-pgejoVhOHL5G7PZZrBbLWazfWM22wx2q8Vstu_QGb6rz9noDI4nHpVq-_mW1jeHQeEyWLy_z0XajDZuRpU2bLGorsWda2LVaWMnY-dgNih8f3NpKw5uI-dyX3IQGwyKWCI4XaQT0ct4uoglkqdFOpFNPC7XbLFwOZYbz2gwc60sDtPENJytZh7fzLKyiCVK00U60Ysuk7Xob3h6LOo_MuRirhzMRZO5YjVaJQAAAAAAAACAJcyZNwEAAAA4DWQ02AxXywWAcPbS_XF0a-hCmwff_aCMv-7dKVgsbvy4wfyW19tvevrtboXlygAP1OTMmz0TxFqtljUAAIAANgAAQAC3bt4CsBm5fSAnAAAAAAAAfgIcbRYD!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 13:19:28 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406
X-Firefox-Spdy: h2
twemoji.maxcdn.com/twemoji.min.js
23.111.9.57200 OK 0 B URL HTTP/2 twemoji.maxcdn.com/twemoji.min.js
IP 23.111.9.57:0
GET /twemoji.min.js HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hankalis.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 13:19:25 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Thu, 13 Oct 2022 13:19:25 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 0ABA:25E6:BEFB7:C66AA:63179B03
vary: Accept-Encoding
x-fastly-request-id: 0a98234bb389a2dda5c78fa1dad361c4ff87e38d
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2